TL;DR: Unmanaged and unmonitored credentials leave identity teams operating with incomplete governance and remediation context. SPHERE's Intelligent Discovery 2.0 focuses on privileged account visibility across cloud and on-premises systems. Hidden privileged access is now an identity hygiene problem, not just a visibility gap.
NHIMG editorial — what this means for NHI practitioners
Questions worth separating out
Q: How should security teams handle privileged accounts they cannot fully inventory?
A: Treat unknown privileged accounts as governance exceptions, not background noise.
Q: Why do unmanaged privileged accounts create such a large IAM risk?
A: Because IAM cannot certify, monitor, or remove access that is not in scope.
Q: What signals show that privileged account governance is not working?
A: Common warning signs include accounts with no named owner, admin access that never expires, inconsistent visibility across cloud and on-premises systems, and recurring findings that are never closed.
Practitioner guidance
- Create a privileged account inventory baseline: Establish a single inventory that covers cloud, on-premises, and application-specific privileged accounts, then reconcile it against directory, PAM, and platform logs to surface hidden accounts.
- Map named ownership to every privileged account: Do not accept an admin or service account into the governance model until a named owner is assigned and can attest to its business purpose, monitoring status, and removal path.
- Separate standing privilege from justified admin use: Flag persistent privileged access that lacks a time-bound rationale, then route it into remediation workflows before the next recertification cycle.
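The three guidance steps above amount to one reconciliation pass. The following added example (not SPHERE's or NHIMG's code) runs that pass over constructed sample exports: a governance inventory with owners, the directory's admin group, the set of accounts vaulted in PAM, and privilege grants with optional expiry dates. It emits one governance exception per gap so each can be routed to remediation.

```python
from datetime import date

# Constructed sample data, not taken from any real environment.
# Governance inventory: account -> named owner (None = no owner assigned).
INVENTORY = {
    "svc-backup": "storage-team",
    "admin-jdoe": "jdoe",
    "svc-ci-deploy": None,
}
# Accounts the directory reports as holding admin rights.
DIRECTORY_ADMINS = {"svc-backup", "admin-jdoe", "svc-ci-deploy", "admin-legacy"}
# Accounts whose credentials are under PAM control.
PAM_VAULTED = {"svc-backup", "admin-jdoe"}
# Privilege grants exported from platforms: (account, scope, expiry or None).
GRANTS = [
    ("svc-backup", "cloud", date(2025, 12, 31)),
    ("admin-jdoe", "on-prem", None),
    ("svc-ci-deploy", "cloud", None),
    ("admin-legacy", "on-prem", None),
]
TODAY = date(2026, 3, 1)  # fixed reference date for the sample run


def reconcile(inventory, directory_admins, pam_vaulted, grants, today):
    """Return (account, category, detail) governance exceptions."""
    findings = []
    inventoried = set(inventory)
    # Hidden: privileged in the directory but absent from the inventory.
    for acct in sorted(directory_admins - inventoried):
        findings.append((acct, "hidden", "admin in directory, not inventoried"))
    # Unowned: inventoried but nobody can attest to purpose or removal path.
    for acct, owner in sorted(inventory.items()):
        if not owner:
            findings.append((acct, "unowned", "no named owner assigned"))
    # Unvaulted: known privileged account whose credential PAM does not manage.
    for acct in sorted((directory_admins | inventoried) - pam_vaulted):
        findings.append((acct, "unvaulted", "credential not under PAM control"))
    # Standing privilege: no expiry at all, or expired but still granted.
    for acct, scope, expires in grants:
        if expires is None:
            findings.append((acct, "standing", f"{scope} grant has no expiry"))
        elif expires < today:
            findings.append((acct, "stale", f"{scope} grant expired {expires}"))
    return findings


if __name__ == "__main__":
    for acct, cat, detail in reconcile(INVENTORY, DIRECTORY_ADMINS, PAM_VAULTED, GRANTS, TODAY):
        print(f"{acct:<15} {cat:<10} {detail}")
```

Each exception carries the category a recertification workflow would key on, so "hidden" and "unowned" accounts can be held out of the governance model until an owner is named, as the guidance recommends.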
What's in the full announcement
SPHERE's full article covers the operational detail this post intentionally leaves for the source:
- How Intelligent Discovery 2.0 maps privileged accounts across cloud and on-premises systems in practice
- What standing privilege analysis and ownership mapping look like in a real identity hygiene workflow
- How real-time compliance insights are presented for remediation and governance teams
- Why the vendor positions SaaS and self-hosted deployment options for different operating models
Read SPHERE's article on Intelligent Discovery 2.0 and privileged account visibility.
Privileged account discovery gaps: what IAM teams are missing
Hidden privileged access is a governance failure before it becomes a security incident. When privileged accounts are outside the inventory, they are outside the review cycle, the ownership model, and often the remediation path as well. That means identity teams are not managing access risk; they are managing the subset of it they can see. The implication is simple: incomplete discovery produces incomplete governance.
A few things that frame the scale:
- 88.5% of organisations acknowledge that their non-human IAM practices lag behind or are merely on par with their human identity and access management efforts, according to The 2024 Non-Human Identity Security Report.
- 23.7% of organisations share secrets through insecure methods such as email or messaging applications, which shows how quickly privileged access governance degrades when ownership and handling rules are weak.
A question worth separating out:
Q: Who should be accountable for orphaned privileged accounts?
A: Accountability should sit with the business or technical owner closest to the system, not with the discovery tool or the security team alone. Security can surface the exposure, but only an accountable owner can approve removal, attest necessity, or accept risk in a controlled way.
Read our full editorial: Privileged account blind spots leave identity governance incomplete.