Securing NHIs: Governance, Architecture, and Tools to Mitigate Risks of Non-Human Accounts

Securing NHIs: Governance, Architecture, and Tools to Mitigate Risks of Non-Human Accounts

Most organizations today have a vast array of privileged non-human accounts in use – with some research enumerating that for each human identity, there are an average of 92 NHIs. Provisioning and entitlements of NHIs is complex, as we see excessive permissions and secret mismanagement of these accounts commonplace. Agentic AI and Robot Process Automation (RPA) accounts further complicate the situation by expanding the use cases for NHIs. With many high-profile breaches in the past year stemming from NHI attacks and the use of NHIs continuing to exponentially grow – whether in your cloud environment or from the adoption of AI agents – CISOs and security leaders must review the architectural design, identity lifecycle and governance, and controls necessary to meet the specific requirements of these often poorly managed but highly privileged accounts. In this symposium, IANS Faculty Wolfgang Goerlich deep dives into:

• Governance and lifecycle management considerations for NHI accounts, including discovery, provisioning, and monitoring strategies
• Fitting security principles like least privilege and separation of duties to NHIs, particularly those for RPA and AI agents
• Reference architectures and where (and how) to implement controls to secure NHIs
• Adapting and applying identity tooling for NHI, such as ISPM and ITDR

Audience

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.