This session will provide a practitioner's view to managing Non-Human Identity risks, from an industry veteran who has managed global NHI programs for over 25 years.
Lalit Choda founder of the Non-Human Identity Management Group, will talk about why this is probably the most complex and challenging technology risk exposure to address, given most organisations currently have little or no controls in place for managing NHIs, further complicated by Multi Hybrid Cloud, SaaS and On-Prem environments and the fact that NHIs typically outnumber human identities by a factor of 25x - 50x.
The session will cover the key risks around hard-coded credentials in source code, lack of inventory and ownership, stale/inactive accounts, lack of credential cycling/rotation, lack of environment segregation, sharing of credentials and humans inappropriately using NHIs.
Lalit will share real-life examples, of how he dealt with 500k+ NHIs, 1,000s of apps and securing 100k+ credentials, explaining the risks, how they were tackled, the pitfalls/challenges, best practices, lessons learned and how to take a risk based approach.
Attendees will walk away with an appreciation of the complexities of managing NHIs and why you need to take a risk based approach to tackling this 'huge elephant in the room'.
