Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Access governance for digital sovereignty: what changes for IAM teams?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: Omada says deeper cooperation with adesso is aimed at helping regulated organisations improve identity control, compliance traceability, and faster implementation of IAM and IGA in hybrid environments, while reducing risk from orphaned and overprivileged accounts, according to Omada. The underlying message is that sovereignty, not just administration, is now a programme design requirement.

NHIMG editorial — based on content published by Omada Identity: adesso and Omada deepen access governance for digital sovereignty

Questions worth separating out

Q: How should teams govern access across human and machine identities?

A: Teams should use one governance model for all identity types, then adjust controls for how each identity is created, used, and retired.

Q: Why do orphaned and overprivileged accounts remain such a security risk?

A: They remain risky because they create access that no one actively owns and that may exceed the current business need.

Q: How do identity programmes support digital sovereignty in practice?

A: They support digital sovereignty by proving the organisation can control, explain, and change access across systems without depending on ad hoc workarounds.

Practitioner guidance

  • Rebuild entitlement ownership around lifecycle events Link provisioning, movers, leavers, and periodic recertification to named business owners so access cannot survive without accountability.
  • Prioritise orphaned and overprivileged account cleanup Inventory accounts with no clear owner, stale access, or privileges that exceed task scope.
  • Insert identity architecture reviews before cloud and AI delivery Require IAM, IGA, and privileged access design to be signed off before new cloud or AI programmes go live, especially where tokens, workload identities, or delegated access will be used.

What's in the full article

Omada's full article covers the operational detail this post intentionally leaves for the source:

  • How the adesso and Omada partnership is positioned for enterprise and public-sector delivery in the DACH region
  • The business rationale for expanding partner-program access and implementation resources
  • The specific benefits Omada describes for compliance, efficiency, and digital sovereignty programmes
  • The company perspective on why identity management is being tied to cloud and AI initiatives

👉 Read Omada Identity's article on the adesso partnership and identity governance →

Access governance for digital sovereignty: what changes for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Access governance is now a sovereignty control, not a back-office workflow. The article is right to place identity at the centre of digital sovereignty because access is where policy becomes operational reality. When identity controls are weak, the organisation may still be compliant on paper but lacks practical control over data, systems, and change. For IAM and IGA teams, the programme objective is therefore control assurance, not just administration.

A few things that frame the scale:

  • 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.
  • Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.

A question worth separating out:

Q: What should organisations prioritise first in IAM and IGA modernisation?

A: They should prioritise entitlement ownership, lifecycle revocation, and recertification before expanding feature scope. Those controls reduce immediate exposure from stale access and give the organisation a reliable base for cloud and AI adoption. Once ownership and revocation are dependable, more advanced automation becomes safer to introduce.

👉 Read our full editorial: adesso and Omada deepen access governance for digital sovereignty



   
ReplyQuote
Share: