Identity Multi-Used
Risk Category
Usage
Risk Description
Using the same NHI across different systems increases your risk. Discover best practices to separate identity use and cut down the attack surface!
Why It’s a Risk
When an identity is used in multiple environments, a compromise in one location could lead to unauthorized access across all connected systems. This increases the attack surface and can lead to broader security breaches, downtime, and damage. Additionally, managing the lifecycle of multi-used identities becomes more complex, making it harder to track and secure.
Likelihood of Occurrence
moderate
Medium, especially in complex environments with shared services or widespread API usage.
Impact Level
high
High, as a compromise in one location can lead to a broader security breach across connected systems.
Mitigation Strategy
Regularly audit and track identities used across multiple locations. Segregate identity usage to minimize the blast radius of a potential breach, and consolidate identities into secure environments where necessary. Apply Zero Trust principles to continuously verify the legitimacy of access requests, ensuring that even if one system is compromised, the impact remains contained.
Playbooks in Clutch
110
Applies for:
Cloud Service Provider
Vault
Source Manager
CI/CD
Password Manager
EDR
Data
Network
PaaS
Collaboration
Project Management
Log Analytics
IDP
CRM
MDM
IM
Ticketing
Automation
HRIS
SIEM
