Subscribe to the Non-Human & AI Identity Journal

Hybrid Connectivity

Hybrid connectivity is a model where a device can switch between terrestrial and non-terrestrial links such as satellite fallback. It expands coverage, but it also expands the trust boundary, which means authentication, logging, and revocation must follow the asset rather than the network path.

Expanded Definition

Hybrid connectivity describes an operating model in which the same endpoint can use more than one communications path, typically a terrestrial network and a non-terrestrial option such as satellite, cellular backup, or another alternate link. In security terms, the key issue is not the transport itself but the shifting trust boundary: the device may remain the same asset while its route, latency, addressability, and exposure conditions change. That makes identity, policy enforcement, and telemetry continuity more important than the network path in use.

For NHI Management Group, the practical distinction is that hybrid connectivity is not simply resilience engineering. It is also an identity and access problem because credentials, device posture, session continuity, and revocation must remain consistent across links. Guidance is still evolving across vendors on how much state should be preserved at the edge versus revalidated after path changes, so implementation choices vary. The most common misapplication is treating the alternate link as a separate environment, which occurs when teams reauthenticate inconsistently, split logs across channels, or assume the backup path inherits the same controls automatically.

Authoritative security governance aligns best with the NIST Cybersecurity Framework 2.0, especially where asset visibility, access control, and recovery expectations must remain intact across changing communications paths.

Examples and Use Cases

Implementing hybrid connectivity rigorously often introduces operational complexity, requiring organisations to weigh availability gains against the cost of duplicated policy enforcement, monitoring, and failover testing.

  • A remote industrial gateway uses primary fiber and fails over to satellite when the wired path drops, while maintaining the same device identity and access policy.
  • A field service tablet connects through LTE during travel and switches to Wi-Fi at a depot, with sessions revalidated so the change in path does not weaken access controls.
  • A maritime or aviation system depends on terrestrial links near port or runway and non-terrestrial links in transit, requiring persistent logging even when bandwidth and latency vary.
  • An edge inference appliance in a constrained location keeps telemetry flowing over the best available path, but revocation and certificate checks still follow the endpoint, not the network.
  • A critical supplier uses backup connectivity to preserve business continuity, then validates that alerting, time sync, and forensic logs remain searchable across both routes.

These scenarios are easier to secure when hybrid connectivity is treated as part of a broader resilience and access architecture, not as an ad hoc failover feature. That perspective is consistent with the way the NIST Cybersecurity Framework 2.0 frames asset management, protective controls, and recovery planning around business functions rather than a single transport layer.

Why It Matters for Security Teams

Security teams need to understand hybrid connectivity because path switching can silently change the attack surface without changing the asset. If authentication is tied too closely to a specific network location, devices may bypass controls during failover; if logging is fragmented, incident responders lose continuity across the exact moment when resilience matters most. The strongest programmes therefore bind identity, certificate lifecycle, monitoring, and revocation to the endpoint, while treating transport as replaceable infrastructure.

This becomes especially important for NHI and agentic environments, where autonomous devices, services, and agents may depend on always-on reachability to API endpoints, secrets stores, or control planes. A connectivity change should not create a fresh trust grant or a blind spot in governance. Teams should also verify that fallback routes do not weaken segmentation, inspection, or recovery objectives, particularly when non-terrestrial links are introduced into regulated or safety-critical operations. Organisations typically encounter the operational cost of hybrid connectivity only after a primary link fails, at which point inconsistent authentication and incomplete telemetry become operationally unavoidable to address.

The same principles support the identity and resilience expectations described in the NIST Cybersecurity Framework 2.0, especially where continuity and recovery must survive transport changes.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework Control / Reference Relevance
NIST CSF 2.0 PR.AC-1 Access permissions should follow the asset across changing network paths.
NIST Zero Trust (SP 800-207) 3.3 Zero Trust requires continuous verification regardless of network location.

Keep authentication and access decisions bound to the device identity, not the current link.