TL;DR: DDIL conditions can cut off identity providers, prompting shared credentials, bypassed controls, and emergency access that undermine Zero Trust, according to Strata Identity. The operational lesson is that authentication, authorization, and session continuity must be designed for interruption before the outage arrives.
NHIMG editorial — based on content published by Strata Identity: identity continuity in DDIL conditions
Questions worth separating out
Q: How should organisations keep access working when the identity provider is unreachable?
A: Organisations should define disconnected operating modes before an outage occurs, with local authentication, limited access states, and explicit reconciliation rules.
Q: Why do DDIL conditions create more identity risk than a normal outage?
A: DDIL conditions create more risk because access decisions still have to happen while the normal identity control plane is degraded or unavailable.
Q: What breaks when identity continuity is not built into resilience planning?
A: When identity continuity is missing, authentication, authorization, and session management all become fragile at the same time.
Practitioner guidance
- Inventory outage-dependent access paths: List every application, workforce group, and non-human workload that depends on a single identity provider or continuous cloud reachability.
- Design degraded access states before the outage: Define what read-only, limited, or locally authenticated access should look like during disconnected operations.
- Test identity failover, not just infrastructure failover: Run exercises that simulate loss of the primary IdP, not only server or network failures.
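One way to express a degraded access state as code, added here as an illustration and not taken from Strata Identity's article or product: a decision function used only while the IdP is unreachable, which allows read-only access on a recent cached authentication, honours pre-defined time-bound emergency grants, and journals every decision for later reconciliation. All names, the 8-hour limit, and the sample subjects are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Assumed policy values; real limits come from the approved fallback design.
MAX_CACHED_AUTH_AGE = timedelta(hours=8)
READ_ONLY_ACTIONS = frozenset({"read"})

@dataclass(frozen=True)
class EmergencyGrant:  # defined before the outage, never created ad hoc
    subject: str
    actions: frozenset
    expires_at: datetime
    approved_by: str

@dataclass(frozen=True)
class Request:
    subject: str
    action: str
    last_idp_auth: "datetime | None"  # last successful login against the IdP

def decide_offline(req, grants, now, journal):
    """Decide a request while the IdP is unreachable; journal it for reconciliation."""
    grant = next((g for g in grants if g.subject == req.subject
                  and req.action in g.actions and now < g.expires_at), None)
    fresh = (req.last_idp_auth is not None
             and timedelta(0) <= now - req.last_idp_auth <= MAX_CACHED_AUTH_AGE)
    mode = ("emergency" if grant else
            "degraded-read-only" if fresh and req.action in READ_ONLY_ACTIONS
            else "denied")
    allowed = mode != "denied"
    journal.append({"at": now.isoformat(), "subject": req.subject,
                    "action": req.action, "mode": mode, "allowed": allowed,
                    "approved_by": grant.approved_by if grant else None,
                    "reconciled": False})  # cleared once owners review the entry
    return allowed, mode

def run_constructed_outage():
    """Constructed sample: IdP lost at 12:00 UTC; returns (results, journal)."""
    t0 = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    grants = [EmergencyGrant("svc-backup", frozenset({"write"}),
                             t0 + timedelta(hours=2), "ops-owner")]
    alice_auth, journal = t0 - timedelta(hours=1), []
    calls = [(Request("alice", "read", alice_auth), t0),
             (Request("alice", "write", alice_auth), t0),
             (Request("svc-backup", "write", None), t0),
             (Request("svc-backup", "write", None), t0 + timedelta(hours=3))]
    return [decide_offline(r, grants, at, journal) for r, at in calls], journal
```

Denied requests are journaled as well, so a failover exercise shows which access paths the fallback design did not cover.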
What's in the full article
Strata Identity's full article covers the operational detail this post intentionally leaves for the source:
- How Identity Continuity works as an orchestration layer across modern and legacy applications.
- Examples of disconnected modes that preserve access when the primary identity provider is unreachable.
- The distinction between planned outages and unplanned disruptions in real operational environments.
- Why islands of trust matter for military and enterprise resilience planning.
DDIL conditions and identity continuity: what IAM teams miss?
Explore further
Identity continuity is now a core governance requirement, not an availability enhancement. DDIL conditions expose the fact that many identity programmes still assume always-on connectivity to a central control plane. When that assumption fails, teams trade security for operational continuity through shared credentials, bypassed controls, and emergency grants. The implication is that identity governance must be judged by how it behaves during interruption, not only during steady state.
A few things that frame the scale:
- 88.5% of organisations acknowledge that their non-human IAM practices lag behind or are merely on par with their human identity and access management efforts, according to The 2024 Non-Human Identity Security Report.
- 23.7% of organisations share secrets through insecure methods such as email or messaging applications, which shows how quickly continuity pressure turns into control failure.
A question worth separating out:
Q: Who is accountable when teams use emergency access during disconnected operations?
A: Accountability should sit with the identity, application, and operations owners who approve the fallback design, not with the people forced to use it during failure. The governance question is whether emergency access is pre-defined, time-bound, and reconciled after the event. If it is not, the exception becomes part of normal operations.