The NHI problem is “more challenging in cloud environments, third-party collaboration, IoT deployments, and remote environments,” said Michael Tsia, product head of SaaS management platform Zluri. “The nature of these distributed environments makes it difficult to maintain control and visibility in one place for NHIs. Third-party NHIs may not be under your direct control, making it difficult to enforce consistent access policies.”
IoT devices, for example, often offer limited access control options, Tsia points out. In addition, NHIs from local to remote sites may be difficult to monitor from a central location.
“To address these challenges, organizations can use additional measures such as centralizing and exchanging NHI credentials regularly, carefully monitoring authentication efforts and access patterns to detect ambiguities, segmenting networks to isolate high-risk NHIs and limiting lateral movement in case of corruption, and extending the PoLP. [principle of least privilege] and procedures for evaluating third-party NHIs and remote NHIs as much as possible,” he said.
Source link