NHIs may be your biggest — and most neglected — security hole
The NHI problem is “more challenging in cloud environments, with third-party interactions, IoT deployments, and at remote sites,” says Michael Tsia, the head of product at SaaS management platform Zluri. “The nature of these distributed environments makes it hard to keep centralized control and visibility over NHIs. Third-party NHIs might not be under your direct control, which makes consistent access policies difficult to enforce.”
IoT devices, for example, often offer limited options for access controls, Tsia points out. Moreover, NHIs local to remote sites may be hard to monitor from a central location.
“To address these challenges, organizations can implement additional measures like centrally managing and frequently rotating NHI credentials, closely monitoring authentication attempts and access patterns to detect anomalies, segmenting networks to isolate high-risk NHIs and limit lateral movement if compromised, and extending PoLP [principle of least privilege] and auditing practices to third-party and remote NHIs as much as possible,” he says.
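Two of the measures Tsia lists, credential rotation and monitoring of authentication patterns, can be checked mechanically once an organization has an inventory of its NHIs. The script below is an added example, not code from the article or from Zluri: it keeps a small constructed inventory of service, IoT and third-party identities with a baseline (allowed source networks, credential creation date, maximum credential age), parses constructed authentication log lines, and reports identities overdue for rotation plus three anomaly types: an NHI authenticating from outside its baseline network, a burst of failed authentications, and a principal that is not in the inventory at all. The principal names, networks, log format and thresholds are all assumptions chosen for the example.

```python
"""Added example: baseline checks for non-human identities (NHIs).

All data here is constructed for illustration. The checks correspond to
two controls from the article: flagging NHI credentials overdue for
rotation, and spotting anomalous authentication patterns in logs.
"""
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address, ip_network

# Hypothetical NHI inventory: principal -> baseline. All values constructed.
NHI_INVENTORY = {
    "svc-backup": {  # internal service account
        "allowed_networks": ["10.20.0.0/16"],
        "credential_created": datetime(2024, 1, 10, tzinfo=timezone.utc),
        "max_credential_age_days": 90,
    },
    "iot-sensor-gw": {  # IoT gateway at a remote site
        "allowed_networks": ["192.168.50.0/24"],
        "credential_created": datetime(2024, 3, 1, tzinfo=timezone.utc),
        "max_credential_age_days": 180,
    },
    "vendor-sync": {  # third-party NHI; baseline is the vendor's stated range
        "allowed_networks": ["203.0.113.0/24"],
        "credential_created": datetime(2024, 2, 15, tzinfo=timezone.utc),
        "max_credential_age_days": 30,
    },
}

# Constructed log lines: "<timestamp> <principal> <source_ip> <outcome>".
SAMPLE_LOG = """\
2024-04-01T02:00:03Z svc-backup 10.20.4.7 success
2024-04-01T02:05:11Z iot-sensor-gw 192.168.50.12 success
2024-04-01T02:07:45Z vendor-sync 203.0.113.9 success
2024-04-01T03:14:02Z svc-backup 198.51.100.23 success
2024-04-01T03:20:00Z vendor-sync 203.0.113.9 failure
2024-04-01T03:20:04Z vendor-sync 203.0.113.9 failure
2024-04-01T03:20:09Z vendor-sync 203.0.113.9 failure
2024-04-01T03:20:13Z vendor-sync 203.0.113.9 failure
2024-04-01T03:20:18Z vendor-sync 203.0.113.9 failure
2024-04-01T04:00:00Z svc-legacy-etl 10.20.9.1 success
"""

# "Now" is fixed so the example is reproducible (constructed value).
NOW = datetime(2024, 4, 1, 5, 0, tzinfo=timezone.utc)
FAILURE_BURST_THRESHOLD = 5                  # this many failures ...
FAILURE_BURST_WINDOW = timedelta(minutes=1)  # ... within this window


def parse_auth_log(text):
    """Turn the whitespace-separated log format above into event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, principal, src, outcome = line.split()
        events.append({
            "ts": datetime.fromisoformat(ts.replace("Z", "+00:00")),
            "principal": principal,
            "src": ip_address(src),
            "outcome": outcome,
        })
    return events


def find_anomalies(events, inventory):
    """Return (kind, principal, timestamp) tuples for anomalous events."""
    findings = []
    recent_failures = defaultdict(list)  # principal -> failure timestamps
    for ev in events:
        baseline = inventory.get(ev["principal"])
        if baseline is None:
            # An identity nobody inventoried cannot be governed or rotated.
            findings.append(("unknown_nhi", ev["principal"], ev["ts"]))
            continue
        nets = [ip_network(n) for n in baseline["allowed_networks"]]
        if not any(ev["src"] in n for n in nets):
            findings.append(("unexpected_source", ev["principal"], ev["ts"]))
        if ev["outcome"] == "failure":
            window = recent_failures[ev["principal"]]
            window.append(ev["ts"])
            # Keep only failures inside the sliding window.
            while window and ev["ts"] - window[0] > FAILURE_BURST_WINDOW:
                window.pop(0)
            # Emit once, when the threshold is first crossed.
            if len(window) == FAILURE_BURST_THRESHOLD:
                findings.append(("failure_burst", ev["principal"], ev["ts"]))
    return findings


def stale_credentials(inventory, now):
    """Principals whose credential is older than the baseline allows."""
    overdue = []
    for principal, baseline in inventory.items():
        age = now - baseline["credential_created"]
        if age > timedelta(days=baseline["max_credential_age_days"]):
            overdue.append(principal)
    return sorted(overdue)


if __name__ == "__main__":
    for name in stale_credentials(NHI_INVENTORY, NOW):
        print(f"ROTATE  {name}: credential past its maximum age")
    for kind, principal, ts in find_anomalies(parse_auth_log(SAMPLE_LOG), NHI_INVENTORY):
        print(f"ALERT   {kind:18s} {principal} at {ts.isoformat()}")
```

On the constructed data the script flags vendor-sync for rotation (a 30-day credential issued in mid-February), svc-backup authenticating from a network outside its baseline, a burst of five failures by vendor-sync inside a minute, and svc-legacy-etl as an identity missing from the inventory. The inventory is the part that matters most in practice: the source-network and credential-age checks are only as good as the baseline recorded for each NHI, which is why the article stresses centralized management of third-party and remote identities.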