TL;DR: Manufacturing IT teams are being pushed to centralise asset visibility, automate routine service work, and tighten auditability across IT and OT environments, according to Efecte. The practical issue is not automation itself but whether access, workflow, and change control remain governable when service desks handle production-critical systems.
At a glance
What this is: This is an analysis of how manufacturing IT service management tooling changes operational control across IT and OT assets, access workflows, and audit readiness.
Why it matters: It matters because IAM, IGA, PAM, and lifecycle teams increasingly have to govern access and change across production systems, not just office endpoints and human users.
By the numbers:
- Only 5.7% of organisations have full visibility into their service accounts.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
👉 Read Efecte's article on manufacturing IT automation and control
Context
Manufacturing environments are now identity environments as much as they are operational environments. When IT teams manage shop-floor terminals, scanners, printers, MES links, and connected devices from one service layer, the real question becomes whether access, change, and inventory data are accurate enough to support control rather than just convenience.
The article frames automation as a way to recover time and reduce manual work, but the governance issue is broader: every self-service request, automated approval, and low-code workflow creates a traceable identity event. In practice, that means manufacturing IT needs stronger accountability across human access, service identities, and system-to-system handoffs.
The starting position here is typical for industrial IT programmes that have outgrown manual service desk handling but have not yet fully mapped identity governance into operational technology workflows.
Key questions
Q: How should manufacturing IT teams govern access when service desks automate resets and provisioning?
A: They should treat the workflow itself as a governed access path. That means binding approvals to identity lifecycle rules, limiting standing entitlements behind the portal, and logging every grant, reset, and revocation with an auditable owner. If the workflow can create access, it must also be able to expire it cleanly.
Q: Why does asset visibility matter so much for IAM in manufacturing environments?
A: Because access governance depends on knowing what exists, who owns it, and which systems depend on it. In manufacturing, missing terminals, scanners, MES links, or IoT devices can hide privilege paths and make recertification incomplete. Visibility is the control that turns access review from guesswork into evidence.
Q: What do security teams get wrong about low-code apps in industrial IT?
A: They often treat low-code apps as lightweight productivity tools instead of governed systems that can influence access, incidents, and operational change. If an app can approve work, route requests, or expose data used in production decisions, it needs role review, retention rules, and ownership like any other control-bearing application.
Q: How can organisations reduce the risk of stale access in automated service workflows?
A: Use time-bound entitlements, explicit revocation steps, and periodic recertification for any automated path that creates access. The key is to prevent workflow convenience from turning into persistent authority. When a process can provision quickly, it should also be designed to cleanly remove access when the task ends.
Technical breakdown
Why unified asset visibility matters for identity governance
In manufacturing, asset visibility is not just an inventory problem. It is the control layer that tells IAM and operations teams which endpoints, kiosks, scanners, and application dependencies exist, who can reach them, and what change history applies. Without that map, access reviews, audit evidence, and incident scoping all become partial. The same is true for OT-adjacent systems such as MES integrations, where a missed dependency can hide a privileged path into production services. Practical implication: build asset-to-identity relationships into the CMDB or equivalent control plane so access decisions reflect the real environment, not a stale list.
Practical implication: build asset-to-identity relationships into the CMDB or equivalent control plane so access decisions reflect the real environment, not a stale list.
How workflow automation changes access governance
Self-service portals and automated workflows can reduce manual effort, but they also shift where trust is placed. Instead of a technician approving each request, the organisation trusts the workflow logic, the approval model, and the entitlements behind the scenes. That makes workflow design part of access governance, especially for resets, device enrolment, and provisioning. If those workflows are not tied to lifecycle rules, stale access can persist invisibly because the process itself looks efficient. Practical implication: treat automated approval paths as governed access pathways and test them with the same scrutiny used for privileged accounts.
Practical implication: treat automated approval paths as governed access pathways and test them with the same scrutiny used for privileged accounts.
What low-code/no-code means for control boundaries
Low-code and no-code tooling lets IT build operational apps faster, but it also expands who can define business logic that touches service requests, incidents, and access decisions. That matters because the control boundary moves from code review to configuration governance. In industrial settings, even a small form or workflow change can affect incident triage, maintenance scheduling, or the approval record for a device repair. Practical implication: classify low-code apps that influence access or operational change as governed assets and review their data flows, roles, and approvals on a fixed cadence.
Practical implication: classify low-code apps that influence access or operational change as governed assets and review their data flows, roles, and approvals on a fixed cadence.
NHI Mgmt Group analysis
Manufacturing IT automation is an identity governance problem, not just an efficiency project. The article focuses on saving time, but the underlying change is that more access decisions are being expressed through workflows rather than direct human action. That shifts control risk into provisioning logic, approval routing, and asset visibility. Organisations that treat the service layer as a convenience layer miss the fact that it now governs who and what can operate production systems.
Unified visibility is the prerequisite for any credible NHI and IAM control in industrial environments. If scanners, printers, terminals, MES links, and IoT assets cannot be tied back to owners, access paths, and change history, lifecycle governance loses its evidence base. This is especially important where service accounts or integration tokens sit behind operational tooling. The practitioner conclusion is simple: identity governance cannot be complete when the asset graph is incomplete.
Workflow automation creates a standing privilege problem if approvals are not lifecycle-bound. A reset or access grant that is fast but not time-scoped or revocable effectively becomes persistent authority embedded in process logic. That pattern is familiar in NHI governance and becomes more dangerous when it touches production operations. The implication is that the access model must be reviewed as a workflow design issue, not only as a permissions issue.
Low-code operational apps widen the governance surface because business logic becomes part of the control plane. When IT teams build their own incident or fault-recovery apps, they also become responsible for the integrity of the approvals, data retention, and role assignments inside those apps. That creates a new audit and ownership burden for IGA and PAM teams. Practitioners should treat citizen-built operational tooling as governed infrastructure, not shadow convenience software.
Manufacturing programmes need identity controls that span human operators, service accounts, and machine-connected workflows. The same lifecycle discipline applies across all three, but the evidence sources differ. Human approvals, NHI entitlements, and OT-related access records need to converge into one review model if the organisation wants real accountability. For practitioners, the field is moving toward one governance fabric, not separate process islands.
From our research:
- Only 5.7% of organisations have full visibility into their service accounts, according to the Ultimate Guide to NHIs.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
- For a broader control baseline, the Ultimate Guide to NHIs shows that 97% of NHIs carry excessive privileges, which helps explain why workflow automation needs governance, not just speed.
What this signals
Identity control in manufacturing will increasingly depend on whether teams can connect workflows to real assets and real owners. The operational prize is efficiency, but the governance requirement is traceability. If a portal, low-code app, or automated approval path cannot be tied back to an accountable identity, the organisation will struggle to prove who changed what in production. This is where identity governance becomes a plant reliability issue as much as a security issue.
Only 5.7% of organisations have full visibility into their service accounts, according to the Ultimate Guide to NHIs, which means many manufacturing programmes are still governing automation with incomplete evidence. That figure is the warning signal for teams expanding self-service and workflow-driven operations. The next step is to align service identity visibility with change records, because audit readiness will otherwise lag behind automation.
The practical signal for practitioners is that self-service and low-code initiatives should be assessed as identity expansion programmes. Once those tools can grant access, route approvals, or influence production-related change, they belong in the same governance conversation as PAM, IGA, and lifecycle management.
For practitioners
- Map production assets to identity owners Inventory shop-floor endpoints, scanners, printers, MES connections, and IoT devices alongside the human and non-human identities that can reach them. Use those relationships to support access reviews, incident scoping, and offboarding decisions.
- Bind workflow approvals to lifecycle rules Require reset, provisioning, and access-request workflows to inherit expiry, revocation, and reviewer ownership from the underlying identity record. Automated approvals should not create permanent access by default.
- Review low-code apps as governed assets Classify operational apps that handle faults, requests, or access decisions as control-bearing systems. Review their roles, data paths, and approval logic on the same cadence used for other privileged business systems.
- Separate convenience from authority in manufacturing IT Limit the permissions behind self-service portals so they can route work without becoming implicit administrators of production systems. Where possible, use task-scoped access and log every entitlement change for audit.
Key takeaways
- Manufacturing IT automation increases control needs because workflows now shape who can access production-relevant systems.
- Identity governance in industrial environments depends on linking assets, owners, approvals, and audit records into one control picture.
- Efficiency gains are real, but they are durable only when workflow logic is treated as a governed access surface.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST CSF 2.0, NIST SP 800-53 Rev 5 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AC-4 | Workflow access and asset visibility map to identity and access management in production environments. |
| NIST SP 800-53 Rev 5 | AC-2 | Account management is central when portals and workflows create or change access. |
| NIST Zero Trust (SP 800-207) | Zero Trust applies where production systems and service identities need continuous verification. |
Apply Zero Trust principles so manufacturing access decisions are continuously evaluated, not assumed after login.
Key terms
- Workflow-based access control: A governance model where approvals, resets, and provisioning happen through a defined process rather than direct manual administration. In practice, the workflow becomes part of the control plane, so its ownership, expiry rules, logging, and reviewer model matter as much as the permission itself.
- Identity-to-asset mapping: The linkage between a person, service account, or system and the devices, applications, and operational systems it can reach. In manufacturing, this mapping is essential for access reviews and incident response because it shows who or what can influence production-relevant assets.
- Control-bearing application: An application that does more than display information because it can approve work, route requests, or change access. These systems need governance like other privileged tools, since their business logic can directly affect entitlement creation, operational change, and audit evidence.
- Lifecycle-bound entitlement: An access grant that is tied to a task, role change, or business event and can be revoked when that condition ends. This is especially important where automation speeds up access, because convenience without expiry creates persistent authority inside everyday workflows.
What's in the full article
Efecte's full article covers the operational detail this post intentionally leaves for the source:
- Practical examples of how manufacturing teams structure service desk automation around internal processes.
- The specific ways the platform ties asset inventory, workflow, and compliance reporting together.
- How the article positions low-code app creation for operational support teams.
- The vendor's own framing of time savings, deployment speed, and day-to-day IT administration in production settings.
Deepen your knowledge
NHI governance, machine identity security, and identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building or maturing an IAM or identity governance programme, it is worth exploring.
Published by the NHIMG editorial team on 2025-10-15.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org