Early-bird Discount
expires in
Register Now

Agenda

Non-Human Identity Management

Non-Human Identity Management

Combined Session
Wednesday, May 07, 2025 11:00—12:00
Location: B07-08

Demystifying Non-Human Identities: A Foundational Guide to Workflow and Machine Identity Management
11:00—11:20
 

Non-Human Identities (NHIs) - including machine accounts, service accounts, and automated workflows - are increasingly prevalent in today's digital landscape. While they boost efficiency, they also introduce often-overlooked security vulnerabilities. This session explores NHIs, using recent security breaches to highlight the risks of inadequate management.

Attendees will gain insights into the dangers of unmanaged NHIs, such as unauthorized access and privilege escalation. The session remains vendor-neutral, focusing on essential features of NHI management tools. Practical advice will be shared on how organizations can initiate effective NHI management, including strategies for risk assessment and implementation planning.

Participants will leave with a foundational understanding of NHIs, the risks they pose, and actionable steps to mitigate them. This session is ideal for attendees aiming to enhance their organization's security without delving too deep into technical complexities.

Dr. Heiko Klarl
Independent
Dr. Heiko Klarl is a distinguished expert in Identity and Access Management (IAM) with over 18 years of experience. With a strong background in cybersecurity, Heiko excels in structuring complex...
A Practitioner's Guide to Managing Non-Human Identity Risks
11:20—11:40
 

This session will provide a practitioner's view to managing Non-Human Identity risks, from an industry veteran who has managed global NHI programs for over 25 years.
Lalit Choda founder of the Non-Human Identity Management Group, will talk about why this is probably the most complex and challenging technology risk exposure to address, given most organisations currently have little or no controls in place for managing NHIs, further complicated by Multi Hybrid Cloud, SaaS and On-Prem environments and the fact that NHIs typically outnumber human identities by a factor of 25x - 50x.

The session will cover the key risks around hard-coded credentials in source code, lack of inventory and ownership, stale/inactive accounts, lack of credential cycling/rotation, lack of environment segregation, sharing of credentials and humans inappropriately using NHIs.

Lalit will share real-life examples, of how he dealt with 500k+ NHIs, 1,000s of apps and securing 100k+ credentials, explaining the risks, how they were tackled, the pitfalls/challenges, best practices, lessons learned and how to take a risk based approach.

Attendees will walk away with an appreciation of the complexities of managing NHIs and why you need to take a risk based approach to tackling this 'huge elephant in the room'.

Lalit Choda
Founder
Non-Human Identity Management Group
Lalit Choda is the founder of the Non-Human Identity Mgmt Group where he evangelises and influences the industry around NHI risks. Lalit has unique hands on 25+ years practitioner experience,...
Non-Human Identity Life Cycle in New Technologic Era
11:40—12:00
 
The emergence of non-human identities, such as service accounts, system accounts and generic is reshaping the modern corporate landscape. These entities are becoming integral to business processes, decision-making, and customer interaction, presenting new challenges in governance, management, and legal accountability.
This session aims to explore how organizations can effectively manage and govern non-human identities within corporate frameworks. We will discuss key topics such as defining roles and responsibilities, establishing compliance standards, ensuring accountability, and integrating these entities into existing governance structures. By addressing these aspects, the session seeks to provide strategic insights into building resilient corporate ecosystems that balance technological advancement with organizational integrity and accountability.
Burcu Ekiz
Identity Infrastructure Technologies Manager
Garanti BBVA Bank
Burcu is a dedicated identity access management professional with development background. She has been working at Garanti BBVA bank for more than 25 years and developed a IAM strategy for the bank....
Almost Ready to Join the EIC 2025?
Reach out to our team with any remaining questions
Get in touch