Notifications
Clear all
Topic starter
07/06/2026 8:31 pm
TL;DR: Identity governance tools now have to reduce friction for reviewers and admins, not add more of it, according to ConductorOne. ConductorOne’s December product wrap-up focuses on small UX, review-visibility, scaling, and connector improvements meant to make identity governance easier to use, easier to understand, and easier to scale across existing workflows.
NHIMG editorial — based on content published by ConductorOne: December Product Wrap-Up
By the numbers:
- Only 5.7% of organisations have full visibility into their service accounts.
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys.
Questions worth separating out
Q: How should identity teams reduce friction in access review workflows?
A: Identity teams should remove unnecessary policy complexity, expose review context directly in the workflow, and make campaign status visible enough that admins can act without manual follow-up.
Q: Why do access reviews stall in larger identity programmes?
A: Access reviews stall when reviewers lack context, administrators cannot see bottlenecks, and the workflow forces people to jump between tools to decide.
Q: How can organisations tell if connector coverage is actually sufficient?
A: Connector coverage is sufficient only when it supports the full lifecycle, including provisioning, deprovisioning, reconciliation, and monitoring in downstream systems.
Practitioner guidance
- Simplify access policy authoring Reduce dependence on complex expressions for standard approval patterns and make policy intent visible to reviewers and admins.
- Instrument review campaigns for bottlenecks Track stalled items, reviewer lag, and unfinished work at the campaign level so recertification does not degrade into manual chasing.
- Validate connector enforcement depth Check that integrations support provisioning, deprovisioning, reconciliation, and monitoring, not just account sync.
What's in the full article
ConductorOne's full blog covers the operational detail this post intentionally leaves for the source:
- Release-note level UX changes for policy building, navigation, and table behaviour.
- Expanded campaign dashboard details showing how review bottlenecks are surfaced.
- Connector additions and provisioning or deprovisioning improvements that support implementation.
- Bulk actions, export options, and CLI or infrastructure-as-code workflow specifics.
👉 Read ConductorOne's December product wrap-up on identity governance updates →
Identity governance UX, reviews and integrations: what changed in December?
Explore further
07/06/2026 10:26 pm
Identity governance now competes on usability as much as policy depth. The December wrap-up shows that teams no longer tolerate workflows that require constant context switching, opaque review states, or custom syntax for ordinary access decisions. That is not a cosmetic preference, it is a control-quality issue, because friction creates inconsistency and inconsistency weakens governance. Practitioners should treat usability as part of the control surface, not as a separate product concern.
A few things that frame the scale:
- Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
A question worth separating out:
Q: What is the difference between reviewing access and governing access end to end?
A: Reviewing access checks whether an entitlement still looks acceptable. Governing access end to end means the platform can also enforce lifecycle changes across connected systems when decisions are made. A review without downstream enforcement can document a problem without resolving it, which leaves the access state unchanged.
👉 Read our full editorial: December identity governance updates point to scale, visibility and UX
