TL;DR: AI factories move AI development on-premises or into hybrid data centres, giving organisations more control but also shifting responsibility for access management, auditing, and privileged control onto internal teams, according to Delinea. The critical gap is that high-performance AI environments can amplify unmanaged service identities, shadow AI, and over-privileged access faster than standard IAM processes can keep up.
NHIMG editorial — based on content published by Delinea: Secure AI factories with NIST HPC guidelines, NVIDIA architecture, and Delinea controls
By the numbers:
- Only 5.7% of organisations have full visibility into their service accounts.
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
Questions worth separating out
Q: How should security teams govern service accounts in AI factories?
A: Security teams should treat service accounts in AI factories as high-value non-human identities with clear owners, scope, and expiry dates.
Q: Why do AI factories increase the risk of privilege creep?
A: AI factories increase privilege creep because performance-sensitive clusters encourage broad operational access, temporary exceptions, and account reuse across jobs and tools.
Q: What breaks when AI workloads run outside zone-based controls?
A: When AI workloads run outside zone-based controls, access becomes too broad to audit and too easy to reuse.
Practitioner guidance
- Inventory every machine identity in the AI factory Build a register for service accounts, scheduler identities, AI microservices, and control-plane credentials.
- Enforce zone-specific privilege boundaries Map access, management, compute, and storage zones to separate roles and deny direct cross-zone access unless the request is explicitly approved and logged.
- Rotate keys and principals for automated services Automate credential rotation for Kerberos principals, keytabs, and service credentials used by AI pipelines.
What's in the full article
Delinea's full blog covers the implementation detail this post intentionally leaves at the architectural level:
- The NIST SP 800-234 control mapping for AI factories, including account management, authentication, auditing, and user-installed software controls.
- The zone-by-zone operating model for access, management, compute, and storage boundaries in an AI factory.
- How Delinea applies Kerberos, AD integration, and privileged session management across Linux-based AI clusters.
- The specific session recording, logging, and service account automation features used to support administration and forensic review.
👉 Read Delinea's analysis of NIST controls and identity security for AI factories →
AI factories and identity controls: are your guardrails ready?
Explore further
AI factories expose identity sprawl as an infrastructure design flaw, not just an access issue. When AI moves in-house, the number of accounts, service principals, and elevated operational paths grows faster than traditional governance processes can inventory. That makes the identity layer the control plane for the whole factory. Practitioners should treat unmanaged machine identities as a design defect, not a cleanup task.
A few things that frame the scale:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to the Ultimate Guide to NHIs.
- 71% of NHIs are not rotated within recommended time frames, increasing the risk of compromise over time, according to the Ultimate Guide to NHIs.
A question worth separating out:
Q: Who is accountable when an AI factory identity is misused?
A: Accountability sits with the organisation running the AI factory, because it owns the identities, the access paths, and the logging controls. NIST-style zoning and strong authentication help define responsibility, but they do not create it. If a service account, admin account, or control-plane credential is misused, the missing control is usually lifecycle ownership and auditable privilege boundaries.
👉 Read our full editorial: AI factories expose identity gaps that cloud AI hid