Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Standing privilege in PAM: are your controls still keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9773
Topic starter  

TL;DR: Traditional PAM strategies still rely on standing privileges, manual rotation, and visibility gaps that attackers can turn into ransomware footholds, according to Infisical’s analysis. The real shift is from managing permanent access to removing persistent privilege and making credentials invisible to users.

NHIMG editorial — based on content published by Infisical: Privileged Access Management Best Practices: Beyond Traditional Security

By the numbers:

  • Every 11 seconds, another organization falls victim to a ransomware attack.
  • 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation.

Questions worth separating out

Q: How should security teams reduce standing privilege in production environments?

A: Start with the accounts that can reach production systems, cloud administration, or sensitive data.

Q: Why do service accounts and API keys need PAM controls?

A: Because attackers use non-human identities to move silently once they are compromised.

Q: What do organisations get wrong about credential rotation?

A: They often assume rotation alone solves exposure, when the real issue is whether secrets are still usable during the window before revocation.

Practitioner guidance

  • Remove standing privileges from high-risk admin roles first Inventory permanent administrative grants, rank them by production reach, and replace the top exposures with just-in-time access that expires automatically after the task completes.
  • Bring non-human identities into the PAM control set Apply the same review, scoping, and revocation standards to service accounts, API keys, and machine identities that you already expect for human privileged users.
  • Replace credential checkout with brokered sessions Use session injection and proxied access so operators can perform privileged work without ever handling the underlying secret.

What's in the full article

Infisical's full blog post covers the operational detail this post intentionally leaves for the source:

  • A step-by-step PAM best-practice sequence for replacing standing privilege with time-bound access.
  • Specific operational patterns for handling service accounts, API keys, and machine identities as privileged assets.
  • Concrete monitoring and session-recording approaches for privileged access auditability.
  • Break-glass governance details, including approval, storage, and post-use review practices.

👉 Read Infisical's analysis of modern privileged access management best practices →

Standing privilege in PAM: are your controls still keeping up?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 9257
 

Standing privilege is the failure mode, not merely the control gap. Traditional PAM assumes elevated access can safely remain available between use cases, but that assumption belongs to a slower operational model. Once credentials, service accounts, and admin paths stay live indefinitely, the organisation has already accepted persistent blast radius. Practitioners should treat every always-on privilege as an exposure window that outlives its original business need.

A few things that frame the scale:

  • 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation, according to The State of Secrets Sprawl 2026.
  • 28.65 million new hardcoded secrets were detected in public GitHub commits in 2025 alone, a 34% year-over-year increase and the largest single-year jump ever recorded.

A question worth separating out:

Q: Who should own break-glass account governance?

A: Break-glass accounts should be owned jointly by IAM, security operations, and the system owners who depend on them. That ownership model matters because emergency access must be tested, tightly approved, and auditable without becoming a standing backdoor. Exceptional access needs stronger governance than routine admin access.

👉 Read our full editorial: Privileged access management is moving beyond standing credentials



   
ReplyQuote
Share: