TL;DR: Least privilege no longer scales across modern SaaS, IaaS, PaaS, and on-prem environments because standing permissions linger after they are needed, creating avoidable risk and business friction, according to ConductorOne. The practical shift is to zero standing privilege, where access is granted just in time, tightly approved, and fully auditable.
NHIMG editorial — based on content published by ConductorOne: Moving Beyond Least Privilege
Questions worth separating out
Q: How should security teams replace least privilege with zero standing access?
A: Start by identifying where access persists after the task ends, then convert those paths to just-in-time grants with automatic expiry.
Q: Why do standing permissions remain such a security problem?
A: Standing permissions create a long-lived window for misuse because access continues to exist after the original need has passed.
Q: How do organisations know whether zero standing privilege is actually working?
A: Look for evidence that high-risk access is granted only for the task, expires automatically, and leaves a complete audit trail.
Practitioner guidance
- Inventory standing access paths: Map every human, service account, and operational credential that can perform privileged actions without fresh approval.
- Convert high-risk actions to just-in-time grants: Replace persistent access with task-scoped access for admin, deployment, and data-change workflows.
- Bind approvals to specific actions and contexts: Use step-up approval for sensitive changes, but tie the approval to the exact system, action, and time window.
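The three steps above (inventory standing access, convert it to time-boxed grants, bind each approval to one system, action and window) are easy to state and easy to get subtly wrong, so here is an added example of the model in code. It is not ConductorOne's or NHIMG's code; the `Grant`, `JitBroker` and `find_standing_access` names, the TTL ceilings, and the sample inventory are all constructed for illustration.

```python
"""Added example: a minimal just-in-time (JIT) grant model with inventory,
expiry and an append-only audit trail. Names and sample data are hypothetical."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

UTC = timezone.utc


@dataclass(frozen=True)
class Grant:
    """One entitlement. expires_at=None models standing access (the thing to remove)."""
    principal: str
    system: str
    action: str
    issued_at: datetime
    expires_at: Optional[datetime]
    approved_by: Optional[str] = None

    def is_standing(self) -> bool:
        return self.expires_at is None

    def covers(self, principal: str, system: str, action: str, now: datetime) -> bool:
        # Bound to the exact principal, system, action and time window: no wildcards.
        if (self.principal, self.system, self.action) != (principal, system, action):
            return False
        if self.is_standing():
            return True
        return self.issued_at <= now < self.expires_at


def find_standing_access(grants, max_ttl=timedelta(hours=8)):
    """Inventory step: grants that never expire or outlive a task-sized window."""
    return [g for g in grants
            if g.is_standing() or (g.expires_at - g.issued_at) > max_ttl]


class JitBroker:
    """Issues task-scoped, time-boxed grants and records every decision."""

    def __init__(self, max_ttl=timedelta(hours=1)):
        self.max_ttl = max_ttl          # hard ceiling on any single grant
        self.grants: list[Grant] = []
        self.audit: list[dict] = []

    def _log(self, event: str, **fields):
        self.audit.append({"event": event, **fields})

    def request(self, principal, system, action, approver, ttl, now) -> Grant:
        if approver == principal:       # step-up approval must come from someone else
            self._log("denied", reason="self-approval", principal=principal,
                      system=system, action=action)
            raise PermissionError("self-approval not allowed")
        ttl = min(ttl, self.max_ttl)    # clamp requested window to the ceiling
        g = Grant(principal, system, action, now, now + ttl, approver)
        self.grants.append(g)
        self._log("granted", principal=principal, system=system, action=action,
                  approver=approver, expires_at=g.expires_at.isoformat())
        return g

    def check(self, principal, system, action, now) -> bool:
        allowed = any(g.covers(principal, system, action, now) for g in self.grants)
        self._log("allow" if allowed else "deny", principal=principal,
                  system=system, action=action, at=now.isoformat())
        return allowed

    def sweep(self, now) -> int:
        """Automatic expiry: drop grants whose window has closed; return the count."""
        before = len(self.grants)
        self.grants = [g for g in self.grants if g.is_standing() or now < g.expires_at]
        removed = before - len(self.grants)
        if removed:
            self._log("expired", count=removed, at=now.isoformat())
        return removed


def demo() -> dict:
    t0 = datetime(2024, 1, 1, 9, 0, tzinfo=UTC)     # constructed timestamp
    # Constructed legacy inventory: a standing bot credential, a week-long human
    # grant, and one already task-sized grant. Only the first two should be flagged.
    legacy = [
        Grant("deploy-bot", "prod-k8s", "cluster-admin", t0, None),
        Grant("alice", "prod-db", "ALTER", t0, t0 + timedelta(days=7), "bob"),
        Grant("carol", "prod-db", "SELECT", t0, t0 + timedelta(minutes=30), "bob"),
    ]
    flagged = find_standing_access(legacy)

    broker = JitBroker()
    broker.request("alice", "prod-db", "ALTER", "bob", timedelta(minutes=15), t0)
    return {
        "flagged": [(g.principal, g.system, g.action) for g in flagged],
        "in_window": broker.check("alice", "prod-db", "ALTER", t0 + timedelta(minutes=5)),
        "wrong_action": broker.check("alice", "prod-db", "DROP", t0 + timedelta(minutes=5)),
        "after_expiry": broker.check("alice", "prod-db", "ALTER", t0 + timedelta(minutes=16)),
        "swept": broker.sweep(t0 + timedelta(minutes=16)),
        "audit_events": [e["event"] for e in broker.audit],
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The two checks worth copying into a real broker are the self-approval refusal and the clamp on the requested TTL; without them a "just-in-time" workflow quietly degrades back into standing access via a long window approved by the requester. The audit list is the evidence the Q&A above asks for: every grant, allow, deny and expiry is recorded with the exact system, action and time.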
What's in the full article
ConductorOne's full blog post covers the operational detail this post intentionally leaves for the source:
- How the vendor frames just-in-time provisioning for production operations and emergency access.
- The access-control workflow details behind step-up approvals and when they should trigger.
- The practical distinction between standing permissions, temporary elevation, and full revocation.
- The author’s implementation perspective on eliminating long-lived access without slowing the business.
👉 Read ConductorOne's analysis of why least privilege no longer scales →
Least privilege vs zero standing access: what IAM teams need now
Explore further
Least privilege has become a governance assumption, not a control objective. The model was designed for environments where access could be predicted and maintained with relative stability. That assumption fails in modern enterprises because identities, apps, and permissions change continuously, so the problem is no longer designing the ideal entitlement set but preventing stale access from persisting once the task that justified it is over. Practitioner conclusion: stop treating least privilege as a static end state and start treating it as a moving target.
A few things that frame the scale:
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which helps explain why standing access survives long after the business task is over: access nobody can see is access nobody revokes.
A question worth separating out:
Q: Who should own the shift from least privilege to zero standing access?
A: Ownership should sit with identity, security, and platform teams together because the change affects entitlement design, workflow approvals, and logging. IAM defines the access model, PAM governs high-risk elevation, and infrastructure teams enforce the operational boundaries. Without shared ownership, standing access tends to reappear in exception paths.
👉 Read our full editorial: Least privilege is broken: why zero standing access wins now