TL;DR: Manufacturers are using common infrastructure to unify people, systems, machines, and data in a digital factory, but IDC says 57% experienced a ransomware attack in the past year and 61% of security incidents caused disruptions lasting several days. Shared identity and access controls now shape both uptime and resilience, not just convenience.
At a glance
What this is: An analysis of how common infrastructure supports the digital factory model and why identity, access, and connected operations are now central to manufacturing productivity and resilience.
Why it matters: Manufacturing teams must govern shared access across people, systems, and machines without increasing downtime, credential sharing, or operational disruption.
By the numbers:
- 57%: more than half of manufacturers experienced a ransomware attack in the past 12 months.
- 61% of manufacturing security incidents result in business disruptions lasting several days.
Context
Common infrastructure is the layer that lets manufacturing teams connect people, systems, machines, and data across a digital factory. The security question is not whether the factory is becoming more connected, but whether identity and access controls are keeping pace with that connectivity.
In manufacturing, shared access patterns, shift work, contractor use, and IT and OT convergence create a broad attack surface. That makes identity governance central to both uptime and safety, because the same access paths that improve productivity can also spread ransomware, delay recovery, or expose operational systems.
The article's starting point is typical for modern manufacturing: digital transformation is being driven by productivity pressure, but the security model is still catching up to the operational model.
Key questions
Q: How should manufacturers govern access in a digital factory?
A: Manufacturers should govern digital factory access as a shared identity problem across people, systems, machines, and facilities. That means mapping every privileged path, removing shared credentials where possible, and tying access approval, review, and revocation to operational roles and shift changes. The goal is attributable access that supports uptime without creating hidden lateral movement paths.
Q: Why do shared credentials create risk on the factory floor?
A: Shared credentials weaken accountability and make it harder to detect misuse, especially in shift-based or contractor-heavy environments. When one login is used by many people, incident response cannot determine who accessed what, and offboarding cannot reliably remove all exposure. That turns a convenience measure into a persistent governance gap.
Q: When should manufacturers prioritize passwordless access?
A: Manufacturers should prioritize passwordless access when passwords, badge sharing, or repeated logins are creating friction and reducing accountability. In connected environments, stronger authentication is most valuable where physical entry and system access overlap, because it lowers the chance that a single compromised secret can affect both operations and security.
Q: What should security teams do after a manufacturing ransomware event?
A: Security teams should first identify which identities, shared systems, and OT connections enabled the spread, then remove any standing access that made recovery harder. They should also reassess whether the same access model is still in place across plants, contractors, and maintenance workflows, because repeat disruption usually reflects repeatable governance failure.
Technical breakdown
Common infrastructure in the digital factory
Common infrastructure is the shared physical, digital, and organizational foundation that lets manufacturing systems operate as one connected environment. In practice, this means production systems, warehouse access, identity controls, and data flows are no longer isolated. The benefit is better visibility and faster operational feedback. The risk is that a failure in one shared layer can affect multiple sites, functions, or processes at once. In manufacturing, the architectural value of common infrastructure is inseparable from the governance burden it creates.
Practical implication: treat shared infrastructure as a governed control plane, not just an efficiency layer.
Identity and access control across IT and OT
The article points to identity management and access control as foundational to modern manufacturing security. That matters because IT and OT convergence removes the old separation that once limited blast radius. When shared systems and network-connected equipment are accessed through weak or duplicated credentials, the same account can become a path into both business systems and operational environments. NIST-aligned manufacturing security depends on knowing who or what has access, why access exists, and how that access is removed when roles change.
Practical implication: map manufacturing access by identity type and enforce least privilege across both IT and OT.
Digital identity on the factory floor
The factory floor adds a physical identity layer to cyber governance. Badge systems and shared credentials are brittle in shift-based environments because they make accountability unclear and encourage credential sharing. The article highlights passwordless and biometric approaches as ways to strengthen authentication, reduce reliance on shared secrets, and improve accountability. The technical point is not that biometrics replace governance, but that stronger authentication reduces the likelihood that floor access becomes a low-friction route into higher-risk systems.
Practical implication: replace shared floor credentials with stronger individual identity proofing and authentication.
Threat narrative
Attacker objective: The attacker aims to disrupt manufacturing operations, widen the effect of compromise across connected systems, and create costly downtime.
- Entry begins through connected manufacturing environments where shared infrastructure and weak identity controls can give attackers access to operationally meaningful systems.
- Escalation occurs when compromised access crosses the boundary between IT and OT, letting attackers move from a user-facing foothold into production-adjacent systems or shared equipment.
- Impact follows as ransomware or disruption spreads across the connected factory, delaying production, limiting recovery, and extending downtime across several days.
Breaches seen in the wild
- Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
- Schneider Electric credentials breach — exposed credentials gave attackers access to Schneider Electric Jira, exfiltrating 40GB.
NHI Mgmt Group analysis
Common infrastructure turns manufacturing identity into a shared blast-radius problem. Once people, systems, machines, and data sit on the same connective layer, identity failures no longer stay local to one workflow or site. That is why manufacturing security now depends on governance across the full access graph, not just endpoint or perimeter controls. Practitioners should treat every shared access path as a potential operational dependency.
Identity management is now a production control issue, not only an IT issue. The article is right to connect access control with modern manufacturing security because IT and OT convergence makes identity the bridge between productivity and disruption. NIST CSF-aligned governance matters here, but the practical lesson is simpler: if access cannot be explained, scoped, and removed, it belongs in the failure path. Practitioners should review manufacturing access with that standard, not with legacy system assumptions.
Shared credentials in shift-based environments create accountability debt. Traditional badge models and reused logins were designed for convenience, not for environments where many workers, contractors, and devices share the same physical space. That assumption fails when access needs to be attributable, time-bound, and auditable across production cycles. The implication is that manufacturing programmes must rethink who owns access, how it is proven, and how it is retired when roles change.
Digital factory security increasingly depends on the convergence of identity and resilience. The article's central contribution is showing that productivity and security are not competing outcomes when shared infrastructure is governed well. Resilience improves when access paths are fewer, clearer, and tied to operational context. Practitioners should evaluate whether their modernization plans reduce complexity or simply move it into a more connected risk surface.
Manufacturing now needs an identity model that spans floor access, system access, and machine access. The old separation between physical entry and cyber access no longer holds in connected operations. A passwordless, individually attributable access model reduces friction without sacrificing accountability, but only if it is embedded in lifecycle governance. Practitioners should align identity, operational technology, and safety governance as one programme.
From our research:
- 67% of organisations still rely heavily on static credentials despite the risks they pose to agentic AI deployments, according to the 2026 Infrastructure Identity Survey.
- 69% of security leaders agree identity management must fundamentally shift to address agentic AI systems.
- For a broader view of how identity programmes are changing, see Ultimate Guide to NHIs, Key Research and Survey Results for related research and survey findings.
What this signals
Manufacturing teams should expect digital factory programmes to shift identity governance from a back-office control to an operational dependency. The more shared infrastructure connects plants, warehouses, and administrative systems, the more access reviews, lifecycle controls, and authentication quality become production risks rather than compliance tasks.
Identity blast radius: in connected manufacturing, the real question is how far one compromised or misused identity can travel before it touches uptime. That makes every access decision part of resilience engineering, especially where IT and OT are converging.
With 67% of organisations still relying heavily on static credentials despite the risks they pose to agentic AI deployments, per the 2026 Infrastructure Identity Survey, static secrets remain a warning sign for any programme that still tolerates shared access in physical operations.
For practitioners
- Inventory shared access paths across IT, OT, and floor systems: Document every place where one identity can reach production, warehouse, or administrative systems. Classify shared credentials, badge access, service accounts, and contractor access separately so that review and remediation can follow actual operational risk.
- Replace reused floor credentials with attributable authentication: Move shift-based and contractor-heavy access away from shared badges and shared passwords. Use individual identity proofing and stronger authentication so that access can be traced to a person and removed when the role changes.
- Tie access reviews to production and maintenance cycles: Review who can reach production-adjacent systems at the same cadence as maintenance windows, shift changes, and contractor offboarding. This prevents dormant access from surviving long after the operational need has ended.
- Align modernization projects with resilience metrics: Measure whether each digital factory initiative shortens response time, reduces downtime, and improves recovery after security events. If a connectivity project increases operational complexity without improving control, treat it as a governance failure.
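The inventory and review steps above, as an added example that is not from the Imprivata article or from NHIMG: a Python sketch that computes how far each credential can travel over an access inventory and flags shared, IT/OT-crossing, and expired-but-still-active access. Every credential name, system, zone, and date below is constructed for illustration.

```python
from collections import deque
from datetime import date

# Constructed inventory: credential -> kind, holders, expiry, systems it logs in to.
CREDENTIALS = {
    "line3-hmi-shared": {"kind": "shared", "expires": None,
                         "holders": ["shift-a", "shift-b", "shift-c"],
                         "grants": ["hmi-line3"]},
    "svc-historian": {"kind": "service", "expires": None,
                      "holders": ["historian-app"],
                      "grants": ["historian", "erp"]},
    "ctr-maint-042": {"kind": "contractor", "expires": date(2025, 11, 30),
                      "holders": ["vendor-tech"],
                      "grants": ["eng-workstation"]},
    "j.doe": {"kind": "individual", "expires": None,
              "holders": ["j.doe"], "grants": ["erp"]},
}
# Constructed topology: zone per system, and onward reach from each system
# (trust relationships, stored sessions, open network paths).
ZONES = {"erp": "IT", "historian": "IT", "eng-workstation": "OT",
         "hmi-line3": "OT", "plc-line3": "OT"}
REACHES = {"eng-workstation": ["plc-line3", "hmi-line3"],
           "hmi-line3": ["plc-line3"], "historian": ["hmi-line3"]}

def blast_radius(cred):
    """All systems reachable from a credential's direct grants (breadth-first)."""
    seen, queue = set(), deque(CREDENTIALS[cred]["grants"])
    while queue:
        system = queue.popleft()
        if system not in seen:
            seen.add(system)
            queue.extend(REACHES.get(system, []))
    return seen

def review(today):
    """Return credentials that need remediation, with reach and reasons."""
    findings = {}
    for name, cred in CREDENTIALS.items():
        reach = blast_radius(name)
        flags = []
        if len(cred["holders"]) > 1:      # one login, many people
            flags.append("not-attributable")
        if {ZONES[s] for s in reach} == {"IT", "OT"}:
            flags.append("crosses-IT-OT")
        if cred["expires"] and cred["expires"] < today:
            flags.append("expired-not-revoked")
        if flags:
            findings[name] = {"reach": sorted(reach), "flags": flags}
    return findings
```

Running `review()` at each maintenance window or contractor offboarding date turns the review cadence described above into a repeatable check.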
Key takeaways
- Common infrastructure can improve manufacturing productivity, but only if identity and access are governed as part of the operational model.
- The data in the article shows that ransomware and downtime are already common enough to make access governance a resilience issue, not a theoretical one.
- Manufacturers should reduce shared credentials, strengthen attributable authentication, and review access around production cycles to limit disruption.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST CSF 2.0, NIST SP 800-63 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AC-4 | Identity and access control are foundational in the article's manufacturing security discussion. |
| NIST SP 800-63 | | Passwordless and biometric authentication are discussed for floor access. |
| NIST Zero Trust (SP 800-207) | PR.AC-1 | Shared infrastructure in connected factories requires continuous access verification. |
Use stronger identity proofing and authentication for shift-based and contractor-heavy access.
Key terms
- Digital Factory: A digital factory is a manufacturing model that connects people, systems, machines, and data in a shared digital environment. The value is better visibility and faster decisions. The risk is that identity, access, and operational dependencies become tightly linked across the enterprise.
- Common Infrastructure: Common infrastructure is the shared physical, digital, or organizational layer that unifies work across the enterprise. In manufacturing, it can improve coordination and productivity, but it also concentrates risk because one access failure can affect multiple systems, sites, or operational processes.
- Operational Technology: Operational technology is the hardware and software that monitor or control industrial processes and equipment. Unlike traditional IT, OT is directly tied to safety and uptime. That makes access governance especially important because a compromise can disrupt production, not just data.
- Passwordless Authentication: Passwordless authentication verifies identity without relying on reusable passwords. In manufacturing, it can reduce shared secret use on the factory floor and improve accountability. The control is most effective when tied to individual identity proofing and lifecycle governance, not used as a standalone convenience feature.
This post draws on content published by Imprivata: Common infrastructure and digital factory security in manufacturing. Read the original.
Published by the NHIMG editorial team on 2026-02-09.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org