TL;DR: SSH Communications Security’s PrivX OT was recognized by KuppingerCole in secure remote access for OT and ICS and the same week received an honorable mention in Gartner’s 2025 PAM Magic Quadrant, underscoring how critical infrastructure teams are being judged on browser-based access, scalability and legacy compatibility. The real issue is not analyst recognition, but whether PAM controls can govern distributed OT access without weakening operational continuity.
NHIMG editorial — based on content published by SSH Communications Security: SSH PrivX OT recognition in KuppingerCole’s 2025 Secure OT Access Report
By the numbers:
- 25% of Fortune 100 companies rely on SSH’s solutions.
- 92% of organisations expose NHIs to third parties, raising concerns about supply chain security.
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
Questions worth separating out
Q: How should security teams govern just-in-time access in OT environments?
A: Security teams should govern just-in-time access as a session lifecycle control, not as a one-time authentication event.
Q: Why do legacy industrial systems complicate zero trust access models?
A: Legacy industrial systems complicate zero trust because they were built for stable connectivity, not continuous policy enforcement or per-session identity checks.
Q: What do teams get wrong about browser-based access for OT?
A: Teams often assume browser-based access is inherently safer, when the real question is whether the broker enforces policy at the protocol level.
Practitioner guidance
- Map OT access paths to privilege boundaries: Inventory every remote access path into industrial systems, including browser-based sessions, vendor support flows, and protocol relays.
- Verify session teardown across legacy protocols: Test whether just-in-time access is actually revoked when the task ends, especially where older OT protocols, jump hosts, or file-transfer workflows are involved.
- Treat the broker as a privileged control point: Apply the same review discipline to the mediation layer that you would apply to a PAM vault or bastion host.
What's in the full analysis
SSH Communications Security's full article covers the operational detail this post intentionally leaves for the source:
- The analyst recognition language for PrivX OT in secure remote access for OT and ICS, including the categories cited in the report.
- The vendor’s own description of protocol-agnostic connections, secure file transfer, and just-in-time access in industrial environments.
- The Gartner honorable mention context for PAM and the specific phrasing used around OT and cyber-physical systems.
- The business positioning around critical infrastructure, manufacturing OT security, and digital sovereignty.