Notifications
Clear all
Topic starter
12/06/2026 9:26 pm
TL;DR: Oracle Red Bull Racing’s digital operations rely on context-aware access, layered defenses, and rapid testing to keep speed and security aligned across devices, locations, and workflows, according to 1Password’s case study. The lesson for identity teams is that static trust decisions break down when users, endpoints, and access paths move as quickly as the business does.
NHIMG editorial — based on content published by 1Password: Oracle Red Bull Racing balances speed and security with 1Password
By the numbers:
- Only 5.7% of organisations have full visibility into their service accounts.
- 90% of IT leaders say properly managing NHIs is essential for a successful zero-trust implementation.
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job.
Questions worth separating out
Q: How should security teams use context-aware access in fast-moving environments?
A: They should base access decisions on device posture, location, network conditions, and session risk, then tighten or expand access as those signals change.
Q: Why do specialised or third-party systems create identity governance gaps?
A: Because many of them sit outside the core SSO and policy stack, so central controls do not fully reach them.
Q: How do you know if access controls are too friction-heavy to work in practice?
A: If users bypass controls, create support churn, or delay work to avoid the policy, the design is too heavy.
Practitioner guidance
- Map access decisions to context signals Use device posture, network location, software state, and session risk to shape access decisions after login, not just at authentication.
- Inventory every edge system and exception path Document specialised tools, vendor platforms, and other systems that sit outside your core SSO and policy stack.
- Test controls against real workflows before rollout Run policy and endpoint changes through live-user simulations, then measure delay, failure rate, and support escalation.
What's in the full article
1Password's full case study covers the operational detail this post intentionally leaves for the source:
- How Oracle Red Bull Racing structures device, login, and workflow oversight across distributed teams.
- Specific examples of the controls used to reduce friction while preserving security in day-to-day operations.
- The team’s approach to monitoring, audit trails, and least-privilege administration in practice.
- Why partner-led access simplification matters when users work at speed across multiple environments.
👉 Read 1Password's case study on Oracle Red Bull Racing's secure access model →
Formula 1 access controls: are your identity checks too static?
Explore further
12/06/2026 11:30 pm
Static trust is the wrong model for fast-moving operations. This case study shows that security decisions must follow the request context, not just the user account. When access is granted once and treated as stable, teams miss the operational reality that devices, locations, and work patterns change continuously. Practitioners should treat trust as a session property, not a login event.
A few things that frame the scale:
- 90% of IT leaders say properly managing NHIs is essential for a successful zero-trust implementation, according to the Ultimate Guide to NHIs.
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
A question worth separating out:
Q: Who is accountable when identity controls fail at the edge?
A: Accountability should sit with the team that owns the exception path, not only the central IAM function. If a specialised system or vendor platform is outside the standard stack, its compensating controls, monitoring, and review cadence need a named owner and a clear escalation path.
👉 Read our full editorial: Formula 1 identity security shows why context beats static trust
