Join IDSA
Join IDSA

Archives

  1. Self Assessment: Modern Access Management Maturity

    October 30th, 2025 by Paul Hunter | Posted in News, Perspective, Research |

    Tags: , , , , , , , , ,

    To conclude this 5 part series on the importance of comprehensive and deliberate NHI governance, we are pleased to share this self assessment framework to help organizations understand where they are in their access management maturity journey. In case you missed it, here’s what we’ve covered so far: 1. Outnumbered and underprotected: the hidden risk…

  2. Close the NHI Governance Gap

    October 23rd, 2025 by Paul Hunter | Posted in News, Perspective, Research |

    Tags: , , , , , , , , ,

    We’ve spent the better part of the last decade tightening our grip on workforce authentication. SSO is widespread. MFA is table stakes. Access reviews, offboarding workflows, and role-based policies are now standard practice. It took time and iteration, but we got there.  Now it’s time to apply that same rigor to machine identities. The service…

  3. Start Governing NHIs by Managing Access, Not Credentials

    October 16th, 2025 by Paul Hunter | Posted in News, Perspective, Research |

    Tags: , , , , , , , , ,

    This is part 3 in our series on non-human identity (NHI) governance. In this post, we focus on one of the most persistent risks in production infrastructure: static credentials and standing privilege. Static credentials are still at large in most environments and many enable dangerously over-permissioned and under-governed access to sensitive systems and data. API…

  4. Beyond Humans: Governing Machine Identity Access at Scale

    October 9th, 2025 by Paul Hunter | Posted in News, Perspective, Research |

    Tags: , , , , , , , , ,

    In organizations today, every identity—human or machine—is a potential pivot point in an attack. Most progress in identity security has focused on authenticating people: SSO, MFA, admin lockdowns, automated provisioning. Important steps, but they only address half the identities accessing your systems. The other half—machines like CI/CD pipelines, service accounts, automation tools, AI agents, and…

  5. Outnumbered and Underprotected: The Hidden Risk of Non-Human Identities

    October 2nd, 2025 by Paul Hunter | Posted in News, Perspective, Research |

    Tags: , , , , , , , , , , , ,

    Most security teams have focused their identity governance efforts on managing human access. You’ve got SSO in place. MFA is enforced. There’s a reasonably consistent process for onboarding and offboarding employees. You probably run access reviews on a quarterly basis and, if you’re further along, maybe you’ve deployed a PAM solution to protect privileged user…

  6. From Tickets to Trust: How to Roll Out Just-in-Time Access without Slowing Down Engineers

  7. Non-Human Identities: The unseen workforce driving AI-era security

    August 19th, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Research |

    This blog was originally published by iDMig here. Non-human identities (NHIs) are front and center Throughout the conferences I’ve attended, and those I had the privilege to present in 2024 and 2025, one key takeaway from all is the explosive growth of non-human identities. These identities have been around for decades to be sure, primarily…

  8. Simplifying Machine Identity Compliance – Live Walkthrough

  9. NIST Cybersecurity Framework 2.0 And Why It Matters

    August 7th, 2024 by Vaughn Camarda | Posted in Uncategorized |

    The National Institute of Standards and Technology (NIST) recently unveiled version 2.0 of its respected Cybersecurity Framework. This update represents a significant advancement in one of the most extensively adopted cybersecurity guidelines across various industries. The release highlights several crucial aspects of the rapidly evolving cybersecurity threat landscape, including a heightened focus on modern threats…

  10. Wrapping Up #BeIdentitySmart Week

    November 1st, 2021 by Jeff Reich | Posted in Technical Working Groups | No Comments

    In April we partnered with the National Cybersecurity Alliance (NCA) on the first ever Identity Management Day to raise awareness about the importance of securing digital identities. For 18 years the NCA has hosted Cybersecurity Awareness Month to ensure organizations and individuals have the resources they need to stay safer and more secure online. In recent years,…

Next Entries »
Background

READY TO MAKE AN IMPACT?

Let's work together to help everyone become more secure.
Join the IDSA