We hear this quite a bit:
“We have a whole bunch of service accounts and AI brokers operating within the background. We did not create most of them. We do not know who owns them. How are we purported to safe them?”
Each enterprise as we speak runs on greater than customers. Behind the scenes, 1000’s of non-human identities, from service accounts to API tokens to AI brokers, entry methods, transfer knowledge, and execute duties across the clock.
They don’t seem to be new. However they’re multiplying quick. And most weren’t constructed with safety in thoughts.
Conventional id instruments assume intent, context, and possession. Non-human identities have none of these. They do not log out and in. They do not get offboarded. And with the rise of autonomous brokers, they’re starting to make their very own selections, usually with broad permissions and little oversight.
It is already creating new blind spots. However we’re solely at the start.
On this put up, we’ll take a look at how non-human id threat is evolving, the place most organizations are nonetheless uncovered, and the way an id safety material helps safety groups get forward earlier than the size turns into unmanageable.
The rise (and threat) of non-human identities
Cloud-first architectures elevated infrastructure complexity and triggered a surge in background identities. As these environments develop, the variety of background identities grows with them, lots of which get created routinely, with out clear possession or oversight. In lots of circumstances, these identities outnumber human customers by greater than 80 to 1.
What makes that particularly dangerous is how little most groups find out about them. NHIs usually get created routinely throughout deployment or provisioning, then disappear from the radar, untracked, unowned, and sometimes over-permissioned.
Service accounts, specifically, are in every single place. They transfer knowledge between methods, run scheduled jobs, and authenticate headless providers. However their sprawl is never seen, and their permissions are hardly ever reviewed. Over time, they change into good automobiles for lateral motion and privilege escalation.
However service accounts are solely a part of the image. As AI adoption grows, a brand new class of non-human id introduces much more unpredictable threat.
Why AI brokers behave in a different way and why that issues
In contrast to most machine identities, AI brokers provoke actions on their very own; interacting with APIs, querying knowledge, and making selections autonomously.
That autonomy comes at a value. AI brokers usually want entry to delicate knowledge and APIs, however few organizations have guardrails for what they’ll do or the way to revoke that entry.
Worse, most AI brokers lack clear possession, observe no normal lifecycle, and provide little visibility into their real-world conduct. They are often deployed by builders, embedded in instruments, or known as by way of exterior APIs. As soon as stay, they’ll run indefinitely, usually with persistent credentials and elevated permissions.
And since they are not tied to a consumer or session, AI brokers are tough to observe utilizing conventional id indicators like IP, location, or gadget context.
The price of invisible entry
Secrets and techniques get hardcoded. Tokens get reused. Orphaned identities stay lively for months, generally years.
These dangers usually are not new, however static credentials and wide-open entry could have been manageable if you had a number of dozen service accounts. However with 1000’s, or tens of 1000’s, of NHIs working independently throughout cloud providers, guide monitoring merely would not scale.
That is why many safety groups are revisiting how they outline id within the first place. As a result of if an AI agent can authenticate, entry knowledge, and make selections, it’s an id. And if that id is not ruled, it is a legal responsibility.
Frequent NHI safety challenges
Understanding that non-human identities characterize a rising threat is one factor; managing that threat is one other. The core downside is that the instruments and processes constructed for human id administration do not translate to the world of APIs, service accounts, and AI brokers. This disconnect creates a number of distinct and harmful safety challenges that many organizations are solely starting to confront.
You may’t shield what you possibly can’t see
Essentially the most basic problem in securing NHIs is visibility. Most safety groups do not have an entire stock of each non-human id working of their atmosphere. These identities are sometimes created dynamically by builders or automated methods to serve a particular, momentary perform. They get spun as much as assist a brand new microservice, run a deployment script, or combine a third-party utility.
As soon as created, nevertheless, they hardly ever get documented or tracked in a central id administration system. They change into “shadow” identities, lively and purposeful, however fully invisible to safety and IT. And not using a complete view of what NHIs exist, who (or what) created them, and what they’re accessing, it is unimaginable to construct a significant safety technique. You might be left attempting to safe an assault floor of an unknown measurement.
Why “set it and overlook it” is a safety legal responsibility
A standard observe for builders and operations groups is to assign broad permissions to NHIs to make sure a service or utility works with out interruption. Consider it as putting in an app that asks for entry to your digicam roll, microphone, and placement. You faucet “Enable” simply to get it working, then overlook about it.
It is faster and extra handy in the intervening time, but it surely introduces pointless dangers. Equally, assigning overly broad permissions to NHIs would possibly make setup simpler, but it surely creates vital safety gaps, leaving your methods susceptible to exploitation.
The precept of least privilege is usually sacrificed for velocity and comfort. An NHI would possibly solely have to learn knowledge from one database desk, but it surely’s granted write entry to your entire database to keep away from future permission-related errors.
This strategy creates a large safety legal responsibility. These over-permissioned identities change into high-value targets for attackers. If a menace actor compromises an NHI with extreme privileges, they’ll transfer laterally throughout methods, escalate their entry, and exfiltrate delicate knowledge with out ever needing a human consumer’s credentials.
Due to how hardly ever NHIs are reviewed or deprovisioned, these permissive accounts can stay lively and susceptible for months and even years, ready to be exploited.
No context, no trendy controls
Fashionable id safety depends on context. When a consumer logs in, we are able to confirm their id utilizing indicators like their location, gadget, and community, usually prompting for multi-factor authentication (MFA) if one thing appears uncommon. NHIs have none of this context. They’re simply code executing on a server. They do not have a tool, a geographic location, or behavioral patterns that may be simply monitored.
As a result of they authenticate with static, long-lived credentials, MFA would not apply. Which means if a credential is stolen, there isn’t any second issue to cease an attacker from utilizing it. The absence of context-aware entry controls makes it extremely tough to differentiate between professional and malicious NHI exercise till it is too late.
Orphaned identities and digital ghosts
What occurs when the developer who created a service account leaves the corporate? Or when an utility that used a particular API token is decommissioned? In most organizations, the related NHIs are left behind. These “orphaned” or “lingering” identities stay lively, with their permissions intact, however with no proprietor accountable for their lifecycle.
These digital ghosts are a compliance nightmare and a safety threat. They muddle the atmosphere, making it more durable to establish professional and lively identities. Extra importantly, they characterize an deserted, unmonitored entry level into your methods. An attacker who discovers an orphaned id with legitimate credentials has discovered an ideal backdoor, one which no person is watching.
How safety groups are regaining management
Dealing with an assault floor that’s increasing and turning into extra autonomous, main safety groups are shifting from reactive fixes to proactive governance. That shift begins with recognizing each credentialed system, script, and agent as an id value governing.
Uncover and stock all NHIs
Fashionable id platforms can scan environments like AWS, GCP, and on-prem infrastructure to floor hidden tokens, unmanaged service accounts, and over-permissioned roles.
These instruments substitute spreadsheets and guesswork with a real-time, unified stock of each, human and non-human identities. With out this basis, governance is simply guesswork. With it, safety groups can lastly transfer from enjoying whack-a-mole with service accounts to constructing actual management.
Triage and deal with high-risk identities first
With an entire stock in place, the following step is to shrink the potential blast radius. Not all NHIs pose the identical degree of threat. The secret’s to prioritize remediation primarily based on permissions and entry. Danger-based privilege administration helps establish which identities are dangerously over-permissioned.
From there, groups can systematically right-size entry to align with the precept of least privilege. This additionally entails implementing stronger controls, similar to automated rotation for secrets and techniques and credentials. For essentially the most highly effective NHIs, like autonomous AI brokers, it is important to have “kill switches” that enable for quick session termination if anomalous conduct is detected.
Automate governance and lifecycle
Human identities have lifecycle insurance policies: onboarding, position modifications, offboarding. Non-human identities want the identical rigor.
Main organizations are automating these processes end-to-end. When a brand new NHI is created, it is assigned an proprietor, given scoped permissions, and added to an auditable stock. When a instrument is retired or a developer leaves, related identities are routinely deprovisioned, closing the door on orphaned accounts and guaranteeing entry would not linger indefinitely.
Why an id safety material modifications the equation
Lots of the dangers tied to non-human identities have much less to do with the identities themselves and extra to do with the fragmented methods attempting to handle them.
Every cloud supplier, CI/CD instrument, and AI platform handles id in a different way. Some use static tokens. Some difficulty credentials throughout deploy. Some do not expire entry in any respect. And not using a shared system for outlining possession, assigning permissions, and implementing guardrails, the sprawl grows unchecked.
A unified id safety material modifications this by consolidating all identities, human and non-human, beneath a single management aircraft. And with Okta, which means:
Mechanically surfacing identities and posture gaps with Id Safety Posture Administration (ISPM)
Making use of least-privilege entry with rotation and vaulting for delicate secrets and techniques
Defining lifecycle insurance policies for each id, together with brokers and repair accounts
Extending workload id patterns (short-lived tokens, consumer credentials) and adaptive entry to providers and background jobs
Governing entry to AWS providers like Bedrock and Amazon Q, whereas AWS IAM points and enforces the underlying agent/workload credentials
As an alternative of sewing collectively workarounds, groups can outline id controls as soon as and apply them in every single place. Which means fewer blind spots, quicker response occasions, and a smaller assault floor, without having ten totally different instruments to get there.
Do not let NHIs change into your greatest blind spot
AI brokers and non-human identities are already reshaping your assault floor. They’re multiplying quicker than most groups can observe and too many nonetheless function with out clear possession, sturdy controls, or any actual visibility.
You need not rebuild your technique from the bottom up. However you do have to deal with non-human identities like what they’re: important entry factors that deserve the identical governance as any consumer.
With a unified id platform, safety groups can stock what’s operating, apply scalable controls, and lower off dangerous entry earlier than it is exploited—not after.
See how Okta and AWS assist organizations convey order to NHI sprawl. [Download the guide] to get began.
Discovered this text fascinating? This text is a contributed piece from one in every of our valued companions. Comply with us on Google Information, Twitter and LinkedIn to learn extra unique content material we put up.
