Automation and NHI Security Risks - Key Findings Revealed
High severity β significant development or major threat actor activity
Basically, companies are using automated tools that can be risky if not managed properly.
A new report highlights serious security risks linked to automation and non-human identities in enterprises. Over 40% of experts reported incidents last year. Organizations must improve management practices to protect their data.
What Happened
A recent report from Keeper Security unveiled significant security risks associated with automation and the use of non-human identities (NHIs) in organizations. This report was presented at the RSA Conference and sheds light on the increasing reliance on AI-powered tools, service accounts, and API keys for system interactions.
Who's Affected
The findings are particularly concerning for IT professionals and organizations that utilize automated systems. Over 40% of surveyed experts reported experiencing security incidents related to machine credentials or NHIs in the past year. This indicates a widespread issue across various sectors, especially those heavily reliant on automation.
What Data Was Exposed
While the report does not specify exact data breaches, it emphasizes that excessive privileges granted to automated tools without proper oversight can lead to significant vulnerabilities. The lack of visibility into these systems poses a serious threat to data security.
What You Should Do
Organizations are urged to develop a cohesive strategy that integrates secrets control and password management to enhance data security. Here are some steps to consider:
- Implement standard guidelines for managing automated tools and NHIs.
- Increase visibility into AI and automation processes within your systems.
- Regularly audit machine access and privileges to ensure they are appropriate.
The Call for Action
Darren Guccione, CEO of Keeper Security, highlighted the urgent need for organizations to adopt a comprehensive approach to managing NHIs. As automation continues to grow, so do the complexities of securing these non-human identities. Without proper management and oversight, organizations risk exposing themselves to significant security threats.
π How to Check If You're Affected
- 1.Review access logs for automated tools and NHIs.
- 2.Conduct regular audits of privileges granted to non-human identities.
- 3.Implement monitoring solutions to track NHI activities.
π Pro insight: The findings underscore the critical need for organizations to implement robust access controls and visibility measures for NHIs to mitigate potential security incidents.