How To Tackle The Unique Challenges Posed By Non-Human Identities
Security Boulevard, Thursday, December 5th, 2024
In technology security, non-human identities (NHIs) are accounts, services and systems that perform automated tasks. These identities pose a unique set of challenges and risks because they often have privileged access and lack the added security of multi-factor authentication (MFA) that can be applied to devices.
However, like any risk, the risks posed by NHIs can be mitigated, and there are a few ways to do this.
Dedicated Identities
Contrary to the conventional practice of reusing service accounts across multiple apps and/or services, each NHI should be dedicated to a single process or application. This limits the blast radius of a compromised identity to the specific app or service that it's tied to, and can aid greatly in investigation, remediation and eradication efforts if a compromise takes place.
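One way to check an environment against this rule, as an added example that is not from the original article: the script below reads an inventory of which workload authenticates with which NHI and reports every identity used by more than one workload, together with the workloads that a compromise of that identity would expose. The CSV column names, the identity names and the sample rows are all constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample inventory (not real data). Each row records one observed
# use of a non-human identity by a workload. Column names are assumptions.
SAMPLE_INVENTORY = """identity,workload,privileged
svc-billing,billing-api,no
svc-shared,orders-api,yes
svc-shared,report-cron,yes
svc-shared,orders-api,yes
svc-backup,backup-agent,yes
svc-ci,build-runner,no
svc-ci,deploy-runner,no
"""


def load_usage(text):
    """Return {identity: {"workloads": set, "privileged": bool}}."""
    usage = defaultdict(lambda: {"workloads": set(), "privileged": False})
    for row in csv.DictReader(io.StringIO(text)):
        entry = usage[row["identity"].strip().lower()]
        # A set collapses repeated sightings of the same workload.
        entry["workloads"].add(row["workload"].strip().lower())
        entry["privileged"] |= row["privileged"].strip().lower() == "yes"
    return dict(usage)


def find_shared_identities(usage):
    """Identities used by more than one workload, privileged ones first."""
    findings = [
        {"identity": ident,
         "blast_radius": sorted(info["workloads"]),
         "privileged": info["privileged"]}
        for ident, info in usage.items()
        if len(info["workloads"]) > 1
    ]
    # Privileged first, then widest blast radius, then name for stable output.
    findings.sort(key=lambda f: (not f["privileged"],
                                 -len(f["blast_radius"]), f["identity"]))
    return findings


if __name__ == "__main__":
    for f in find_shared_identities(load_usage(SAMPLE_INVENTORY)):
        tag = "PRIVILEGED" if f["privileged"] else "standard"
        print(f"{f['identity']} ({tag}) shared by: {', '.join(f['blast_radius'])}")
```

Each reported identity is a candidate for splitting into one dedicated identity per listed workload.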