By NHI Mgmt Group Editorial Team
Published 2026-06-15
Domain: Announcements
Source: 1Password

TL;DR: As machine identities and AI agents increasingly retrieve data, execute workflows, and provision resources across enterprise systems, 1Password has announced that it has acquired Apono to pair credential protection with just-in-time privileged access governance. The shift matters because access review models built for stable human sessions do not fully fit non-deterministic actors that need governed access at the moment of action.


At a glance

What this is: 1Password’s acquisition of Apono frames a move toward combining credential protection with just-in-time privileged access governance for people, machines, and AI agents.

Why it matters: It matters because identity programmes now have to govern who or what can act, for how long, and under what conditions across human IAM, NHI, and emerging autonomous access paths.

👉 Read 1Password's acquisition announcement for Apono and Unified Access


Context

Identity governance is shifting from who can sign in to what any identity is allowed to do in the moment. That matters because the operating model now includes humans, service accounts, machine workloads, and AI agents, each with different access lifecycles and failure modes.

The acquisition is a signal about where the access-control stack is moving. Credential custody, just-in-time grant logic, and revocation need to work together if organisations want to limit standing privilege without slowing down cloud operations or agent-driven workflows.


Key questions

Q: How should security teams govern just-in-time access for non-human identities?

A: They should scope access to a specific task, verify the requester at the point of use, and revoke the grant automatically as soon as the work is complete. The important test is whether privilege exists only for the minimum execution window and whether audit evidence proves that revocation really happened.

Q: Why do standing privileges create more risk for machine identities and AI agents?

A: Standing privileges outlive the task they were meant to support, which makes them easier to abuse and harder to justify in fast-changing environments. For machine identities and AI agents, that risk grows because access may be used continuously or initiated at runtime without a human review pause.

Q: What do identity teams get wrong about vaulting secrets and controlling access?

A: They often treat secure storage as if it automatically means safe usage. In practice, a credential can be well protected in a vault and still enable excessive downstream access if privilege boundaries are broad, review cycles are slow, or revocation does not fully invalidate the token or session.

Q: Who should own governance when access spans humans, service accounts, and AI agents?

A: Ownership should sit with the identity programme, but the operating controls need to be shared across IAM, PAM, NHI governance, and security engineering. The key is a single policy model with actor-specific execution rules so the same access principle is enforced consistently across all three identity types.


How it works in practice

Just-in-time privileged access for non-human identities

Just-in-time privileged access grants permissions only when a task requires them and revokes them when the task ends. For non-human identities, that pattern reduces standing privilege but also changes the control plane: access is no longer a permanent entitlement, it becomes a time-bounded event with audit evidence attached. The architecture depends on reliable requester verification, scoped approval logic, and precise revocation so temporary elevation does not become a new form of latent privilege.

Practical implication: map every privileged NHI workflow to a task-scoped grant and verify that revocation is automatic, logged, and complete.

Credential custody versus access governance

Credential custody controls where secrets, tokens, and certificates live, while access governance controls what an identity can do after the credential is issued. These are related but distinct layers. If credentials are protected but privilege remains broad, the attack surface is still large. If privilege is narrow but credentials spread across repositories, pipelines, and apps, exposure still persists. A usable design separates secret release from action authorisation so both layers can be independently monitored.

Practical implication: separate secret storage controls from privilege enforcement controls and test both independently.

Why standing privilege breaks under dynamic cloud work

Standing privilege assumes access can be granted ahead of time and left in place because the environment is relatively stable. Modern cloud systems are not stable. Infrastructure, workloads, and workflows change continuously, and AI systems can request resources or act in real time. That makes broad permanent access hard to justify because the original business need may disappear before the entitlement is ever reviewed. The control problem is not just excess privilege, but privilege that outlives the work it was meant to support.

Practical implication: replace broad persistent privileges with scoped, revocable grants for cloud and agent-driven workflows.
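The three patterns above (task-scoped, time-bounded grants; secret release kept apart from per-action authorisation; revocation that actually invalidates the credential) are shown together in the following added example. It is illustrative code written for this summary, not code from 1Password, Apono or the article. It assumes an in-memory broker, a constructed HMAC-based requester check in place of whatever workload identity mechanism a real deployment would use, and a controllable clock so expiry can be exercised deterministically.

```python
"""Task-scoped, time-bounded access broker (constructed illustration)."""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass


@dataclass
class Grant:
    grant_id: str
    principal: str        # the requesting identity (service account, agent, person)
    task_id: str          # the unit of work the grant is scoped to
    scopes: frozenset     # actions permitted under this grant
    issued_at: float
    expires_at: float
    revoked: bool = False


class FakeClock:
    """Controllable clock so expiry can be tested without sleeping (test aid)."""
    def __init__(self, start=1_000.0):
        self.now = start
    def __call__(self):
        return self.now
    def advance(self, seconds):
        self.now += seconds


class JitBroker:
    """Two layers are deliberately kept apart: `request` releases a bearer token
    (secret release), `authorize` decides each action against the live grant
    (action authorisation). Revocation drops the token so the secret dies with the grant."""

    def __init__(self, max_ttl_seconds=300, clock=time.time):
        self._max_ttl = max_ttl_seconds
        self._clock = clock
        self._keys = {}      # principal -> registered HMAC key (assumed requester-verification scheme)
        self._grants = {}    # grant_id -> Grant
        self._tokens = {}    # bearer token -> grant_id (entry removed on revocation)
        self.audit = []      # append-only audit trail: every grant, decision and revocation

    def _log(self, event, **fields):
        self.audit.append({"ts": self._clock(), "event": event, **fields})

    def register_principal(self, principal, key):
        self._keys[principal] = key

    @staticmethod
    def proof(key, principal, task_id):
        # Requester proof binds the identity to the specific task it is asking for.
        return hmac.new(key, f"{principal}|{task_id}".encode(), hashlib.sha256).hexdigest()

    def request(self, principal, task_id, scopes, ttl_seconds, proof):
        key = self._keys.get(principal)
        if key is None or not hmac.compare_digest(proof, self.proof(key, principal, task_id)):
            self._log("grant_denied", principal=principal, task_id=task_id, reason="requester_unverified")
            return None
        if not scopes or ttl_seconds <= 0 or ttl_seconds > self._max_ttl:
            self._log("grant_denied", principal=principal, task_id=task_id, reason="scope_or_ttl_rejected")
            return None
        now = self._clock()
        grant = Grant(secrets.token_hex(8), principal, task_id, frozenset(scopes), now, now + ttl_seconds)
        token = secrets.token_urlsafe(32)
        self._grants[grant.grant_id] = grant
        self._tokens[token] = grant.grant_id
        self._log("grant_issued", grant_id=grant.grant_id, principal=principal, task_id=task_id,
                  scopes=sorted(scopes), expires_at=grant.expires_at)
        return token

    def authorize(self, token, action):
        grant_id = self._tokens.get(token)
        grant = self._grants.get(grant_id) if grant_id else None
        if grant is None or grant.revoked:
            allowed, reason = False, "no_live_grant"
        elif self._clock() >= grant.expires_at:
            self.revoke(grant.grant_id, "expired")   # lazy expiry still produces revocation evidence
            allowed, reason = False, "expired"
        elif action not in grant.scopes:
            allowed, reason = False, "out_of_scope"
        else:
            allowed, reason = True, "in_scope"
        self._log("authorize", grant_id=grant_id, action=action, allowed=allowed, reason=reason)
        return allowed

    def revoke(self, grant_id, reason):
        grant = self._grants.get(grant_id)
        if grant is None or grant.revoked:
            return False
        grant.revoked = True
        # Remove every token bound to the grant so the bearer secret stops working too.
        for tok in [t for t, g in self._tokens.items() if g == grant_id]:
            del self._tokens[tok]
        self._log("grant_revoked", grant_id=grant_id, principal=grant.principal,
                  task_id=grant.task_id, reason=reason)
        return True

    def complete_task(self, task_id):
        """Revoke every live grant attached to a task; returns how many were revoked."""
        ids = [g.grant_id for g in self._grants.values() if g.task_id == task_id and not g.revoked]
        for gid in ids:
            self.revoke(gid, "task_complete")
        return len(ids)

    def live_grants(self):
        now = self._clock()
        return [g for g in self._grants.values() if not g.revoked and g.expires_at > now]
```

The point to notice is that `authorize` never consults the vault or the requester key again: once the token is issued, every decision is made against the grant record, and `revoke` deletes the token mapping rather than merely flagging the grant, so a cached bearer token cannot outlive the entitlement.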


NHI Mgmt Group analysis

Standing access is the wrong default for modern identity behaviour. The article’s core argument is that permanent privilege no longer matches how cloud systems, machine identities, and AI agents actually operate. Standing access was designed for predictable entitlement lifecycles and slower change rates, but these actors work in real time and often need access only for a narrow task window. The practitioner conclusion is straightforward: access governance must be built around event-based authorisation, not durable entitlement.

Access governance and credential custody are now separate control problems. 1Password’s framing of a vault plus an access layer reflects a real architectural split, but the governance lesson is broader than any one vendor. Storing secrets safely does not solve what the identity may do once the secret is used, and task-scoped access does not help if the credential is already proliferating across tools. The practitioner conclusion is that these two controls need independent ownership and evidence.

Machine identities and AI agents collapse the assumptions behind human-paced review cycles. Access review processes were designed for actors whose privilege persists long enough to be observed, certified, and removed. That assumption fails when non-human actors can retrieve data, execute workflows, and release access in near real time. The implication is a rethink of governance cadence, not just a new control to add.

Identity governance is converging on continuous verification across all actor types. The acquisition points to a market where human IAM, NHI governance, and agent governance are moving toward a common operating model: verify continuously, scope tightly, and revoke automatically. That does not erase actor differences, but it does mean the programme boundary between people, machines, and agents is getting thinner. The practitioner conclusion is to align lifecycle, privilege, and audit controls across all three.

Policy needs to move closer to execution if AI-driven access is to stay accountable. The article implies that the next access model must decide not just who can request access, but what that identity can do, under what conditions, and for how long. That is a shift from perimeter-style entitlement management to runtime governance. The practitioner conclusion is to treat runtime policy enforcement as a core identity control, not an add-on.

From our research:

  • Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
  • 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
  • Top 10 NHI Issues shows that privilege sprawl, visibility gaps, and rotation failure often appear together, which is why task-scoped access should be evaluated alongside entitlement cleanup.

What this signals

Identity programmes will increasingly be judged on runtime control, not just stored credentials. The practical question is whether your stack can decide, in the moment, what a person, service account, or agent may do and for how long. That will push more teams toward the lifecycle thinking of the Ultimate Guide to NHIs and closer alignment with the OWASP Non-Human Identity Top 10 priorities.

Task-scoped access is becoming a governance baseline, not a niche control. The market signal here is that entitlement reviews alone are no longer enough when access is requested and consumed dynamically. A useful concept is identity blast radius: the smallest possible scope, duration, and delegation chain that still allows the work to complete, which is what security teams should now optimise for.

The next programme step is to bring NHI lifecycle controls, PAM governance, and AI access oversight into one policy model so review, approval, and revocation work consistently across actor types.


For practitioners

  • Map privileged workflows to task-scoped grants: Inventory where privileged access is still persistent, then convert the highest-risk workflows to just-in-time grants with automatic revocation at task completion. Prioritise cloud admin paths, production support, and agent-triggered operations where standing access is hardest to justify.
  • Separate secret custody from access authorisation: Define one control owner for credential storage and another for action authorisation so the vault, token broker, and privilege layer can each be tested and audited on their own terms. This prevents a secure secret store from masking broad downstream access.
  • Rework access reviews for non-human actors: Stop using human review cadences as the only governance trigger for machine identities and AI agents. Build reviews around lifecycle events such as workload creation, workflow change, and delegation updates so access is assessed when the risk changes, not after it has already shifted.
  • Prove revocation completeness in production: Test whether temporary access really disappears after use by checking logs, entitlement states, and downstream token validity. If a grant is revoked but the credential remains usable elsewhere, the control has failed at the point that matters.

Key takeaways

  • Modern identity governance is shifting from durable entitlements to task-scoped access that can be verified and revoked in real time.
  • The biggest gap is not only secret storage, but the mismatch between broad standing privilege and fast-changing machine or agent activity.
  • Teams should redesign access reviews, revocation checks, and audit evidence around runtime behaviour rather than human-paced entitlement cycles.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework                          | Control / Reference | Relevance
OWASP Non-Human Identity Top 10    | NHI-03              | Just-in-time access directly addresses standing privilege and revocation discipline.
NIST CSF 2.0                       | PR.AC-4             | Least-privilege access and entitlement review map to this identity control outcome.
NIST Zero Trust (SP 800-207)       | PR.AC               | Continuous verification and dynamic authorisation are central to the article's access model.

Scope privileged NHI access to task need and verify that revocation actually removes usable privilege.


Key terms

  • Just-in-Time Privileged Access: A control pattern that grants elevated access only when a task requires it and removes it immediately after use. For non-human identities, the key value is reducing standing privilege while preserving operational speed. It depends on reliable requester validation, scoped approval, and complete revocation evidence.
  • Standing Privilege: Persistent access that remains available after the original need has passed. In NHI governance, standing privilege is risky because workloads, pipelines, and AI-driven actions can change faster than access review cycles, leaving broad permissions in place long after the task has moved on.
  • Credential Broker: A control layer that releases secrets, tokens, or federated access only to a verified requester and only at the moment of need. The broker reduces secret sprawl by keeping credentials in a protected vault while controlling how they are exposed into execution paths.
  • Zero Standing Privilege: An access model where no elevated permission remains permanently active. Instead, access is provisioned on demand, limited to the task, and revoked when the task ends. For non-human identities, it is a practical way to reduce broad, always-on privilege in dynamic environments.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by 1Password: 1Password acquires Apono and frames the shift to trusted access. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-06-15.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org