Risk related to non-human identities: Believe the hype, reject the FUD

2024-07-15 05:00

A steady stream of NHI-related breaches is causing some of the chatter surrounding NHI risk to veer into FUD. Given the rate at which NHis are outnumbering human identities - by some reports by as much as 45-to-1 - the hype seems warranted.

Because NHIs are commonly used to access sensitive data and services across applications, allowing exposed, unmanaged NHIs to proliferate is akin to leaving all your doors and windows unlocked when you leave your house.

In these cases, a new NHI would have been created, which delegates access on behalf of the human user.

For human identities, we already have systems that do this, but not so much so for NHIs.

To keep NHI risk in check, we need systems that can detect NHI anomalies.

Whatever tools you use, these are the steps involved with establishing a sustainable protocol for mitigating NHI risk.

News URL

https://www.helpnetsecurity.com/2024/07/15/non-human-identities-nhi-risk/

#FUD