Shared-use device

A shared-use device is an endpoint used by multiple people across different sessions, such as a workstation or mobile device in a clinical setting. Security depends on preserving user attribution, session isolation, and auditability, because the device itself no longer proves who accessed patient data.

Expanded Definition

A shared-use device is any endpoint that serves multiple people across separate sessions, where the device is not a trustworthy proxy for identity. In NHI and IAM operations, the term matters because attribution must come from the authenticated user, the session context, and the access controls enforced at sign-in and sign-out, not from the hardware itself.

Usage in the industry is still evolving. In healthcare, education, manufacturing, and frontline operations, shared-use devices often combine temporary logins, kiosk modes, and application-level access controls. That makes the boundary between device trust and user trust especially important. Guidance from the NIST Cybersecurity Framework 2.0 reinforces that identity, access, and auditability must remain intact even when the endpoint is reused by different people. NHI governance becomes relevant when service access, tokens, and clinical workflows are attached to the device environment rather than the current user session. The most common misapplication is treating a shared workstation as if it establishes user identity, which occurs when teams rely on the logged-in device state instead of enforcing session re-authentication and attribution.

Examples and Use Cases

Implementing shared-use device controls rigorously often introduces friction at sign-in and logout, requiring organisations to weigh faster workflow handoffs against stronger attribution and reduced session leakage.

  • A nurse logs into a bedside terminal to retrieve patient records, then the session is cleared before the next clinician uses the same terminal.
  • A warehouse scanner is shared across shifts, but each operator authenticates individually so task actions remain attributable.
  • A call-center workstation uses application-level sessions so the device can stay available while user identity changes between calls.
  • A field tablet in a public-service office is reused throughout the day, with automatic timeout and audit logs that preserve who accessed which records.

These patterns are common in environments where speed matters, but they only work when session isolation is enforced consistently. The Ultimate Guide to NHIs shows how weak lifecycle control and poor visibility routinely create exposure for identities and credentials tied to operational systems, while the NIST Cybersecurity Framework 2.0 is useful for mapping authentication, logging, and access governance to the device workflow. A shared-use device should support the session, not become the authority for the session.
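One way to check the attribution property described above, as an added example that is not part of the original page: a Python audit pass over constructed shared-terminal events that attributes each record access to the authenticated session rather than to the device. It flags accesses with no session, accesses after an idle timeout, and sign-ins that replace a session that was never signed out. The event schema, device name, and 5-minute timeout are assumptions.

```python
from datetime import datetime, timedelta

IDLE_TIMEOUT = timedelta(minutes=5)  # assumed policy value, not from the page

# Constructed sample events: (timestamp, device, event, user, resource).
# Access events carry only the device ID, as a device-centric log would.
EVENTS = [
    ("2024-05-01T08:00:00", "bedside-07", "sign_in", "nurse.a", ""),
    ("2024-05-01T08:01:30", "bedside-07", "access", "", "patient/1001"),
    ("2024-05-01T08:02:00", "bedside-07", "sign_out", "nurse.a", ""),
    ("2024-05-01T08:10:00", "bedside-07", "access", "", "patient/1002"),
    ("2024-05-01T08:15:00", "bedside-07", "sign_in", "dr.b", ""),
    ("2024-05-01T08:30:00", "bedside-07", "access", "", "patient/1003"),
    ("2024-05-01T08:31:00", "bedside-07", "sign_in", "nurse.c", ""),
    ("2024-05-01T08:32:00", "bedside-07", "access", "", "patient/1004"),
]

def audit(events, idle_timeout=IDLE_TIMEOUT):
    """Return (attributed, findings); attribution comes from sessions only."""
    sessions = {}    # device -> [user, time of last attributed activity]
    attributed = []  # (resource, user or None when not attributable)
    findings = []    # (timestamp, device, finding kind, detail)
    for ts_raw, device, event, user, resource in sorted(events):
        ts = datetime.fromisoformat(ts_raw)
        current = sessions.get(device)
        if event == "sign_in":
            if current:  # previous user never signed out before the handoff
                findings.append((ts_raw, device, "handoff_without_sign_out", current[0]))
            sessions[device] = [user, ts]
        elif event == "sign_out":
            sessions.pop(device, None)
        elif event == "access":
            if current is None:
                findings.append((ts_raw, device, "access_without_session", resource))
                attributed.append((resource, None))
            elif ts - current[1] > idle_timeout:
                # The session should have locked; do not trust its user.
                findings.append((ts_raw, device, "access_after_idle_timeout", resource))
                attributed.append((resource, None))
            else:
                current[1] = ts
                attributed.append((resource, current[0]))
    return attributed, findings

if __name__ == "__main__":
    who, problems = audit(EVENTS)
    for row in who + problems:
        print(row)
```

Accesses that come back with `None` as the user are the ones an incident review could not attribute from the log alone.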

Why It Matters in NHI Security

Shared-use devices matter because they can hide who actually performed an action when multiple users, tokens, or service workflows pass through the same endpoint. That ambiguity weakens audit trails, complicates incident response, and can expose patient data or operational data to the wrong session if sign-out, timeout, or app-level segregation fails. NHI Management Group has found that only 5.7% of organisations have full visibility into their service accounts, a reminder that identity opacity is already a widespread problem, and shared endpoints can make it worse when access records are incomplete.

When organisations reuse endpoints without strict attribution, they also risk extending a user’s access beyond the intended session. The Ultimate Guide to NHIs is clear that visibility and governance are foundational to reducing identity-driven exposure, especially where access and secrets intersect. In practice, shared-use devices must be paired with strong session controls, immutable logs, and rapid revocation of access artifacts after each handoff. Organisations typically encounter the real impact only after a disputed action, a privacy investigation, or an incident review, at which point shared-use device controls become operationally unavoidable.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AC | Shared-use devices require strong identity and access control across each reused session. |
| OWASP Non-Human Identity Top 10 | NHI-03 | Shared endpoints can obscure attribution and weaken lifecycle governance for identities and credentials. |
| NIST Zero Trust (SP 800-207) | SA-3 | Zero trust requires each access request to be evaluated, even on a reused device. |

Treat every shared-device session as untrusted until identity, context, and policy are revalidated.