TL;DR: Layoffs, reorganisations, and mergers leave API keys, service accounts, and automation tokens behind, creating orphaned NHIs that persist with old privileges and little ownership context, according to Entro Security. The governance problem is not headcount change itself but unmanaged machine access that outlives the people who created it.
NHIMG editorial — based on content published by Entro Security: Layoffs and Leftovers: When NHIs Outlive Their Owners
By the numbers:
- 1 out of every 1,000 NHIs in enterprise environments is more than 10 years old, while the median employee tenure is just 3.9 years.
Questions worth separating out
Q: How should security teams handle NHIs when employees leave or change roles?
A: Security teams should treat NHI offboarding as part of the employee departure process.
Q: What is the difference between a human offboarding problem and an NHI offboarding problem?
A: Human offboarding removes a person’s login and device access.
Q: When does orphaned NHI access become a material security risk?
A: Orphaned NHI access becomes material when the identity still has valid permissions, can reach production systems, or is tied to sensitive workflows.
Practitioner guidance
- Implement owner-linked offboarding for every NHI: require each API key, service account, and automation token to have a named operational owner, a business purpose, and a retirement condition.
- Inventory inherited identities during M&A intake: create a mandatory identity inventory step before integrating an acquired environment.
- Shorten credential exposure with enforced rotation: set rotation rules for all secrets that authenticate non-human access, especially those embedded in CI/CD and automation.
That is why identity intake, offboarding, and review workflows need to move together, not as separate governance projects.
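As an added example (not code from Entro Security's post or from NHIMG), a small Python lifecycle review that applies the three guidance points above to a constructed inventory: it flags identities whose named owner is no longer on the active roster, that lack a recorded purpose or retirement condition, that are past their rotation window, or that have aged past the 10-year mark cited above. The roster, inventory entries, review date and thresholds are all assumed sample values.

```python
from dataclasses import dataclass
from datetime import date


@dataclass
class NHI:
    name: str
    kind: str          # "api_key", "service_account" or "automation_token"
    owner: str         # named operational owner (a person on the HR roster)
    purpose: str       # business purpose; empty string means undocumented
    created: date
    last_rotated: date
    retire_when: str   # retirement condition; empty string means none recorded


# Constructed sample data (assumed, not real): who is still employed, and what
# machine credentials exist. "carol" and "dave" have left or were acquired in.
ACTIVE_STAFF = {"alice", "bob"}
INVENTORY = [
    NHI("ci-deploy-key", "api_key", "alice", "deploy app from CI",
        date(2024, 1, 10), date(2025, 9, 1), "replace when CI moves to OIDC"),
    NHI("legacy-etl-sa", "service_account", "carol", "",
        date(2013, 6, 1), date(2013, 6, 1), ""),
    NHI("acq-sync-token", "automation_token", "dave", "sync acquired CRM",
        date(2022, 3, 5), date(2022, 3, 5), ""),
]
REVIEW_DATE = date(2025, 10, 1)  # assumed date the review is run


def review(inventory, active_staff, today, max_rotation_days=90, max_age_years=10):
    """Return {nhi_name: [findings]} for every identity failing a lifecycle check."""
    findings = {}
    for nhi in inventory:
        issues = []
        if nhi.owner not in active_staff:          # owner-linked offboarding
            issues.append("orphaned: owner no longer active")
        if not nhi.purpose:                        # inventory completeness
            issues.append("no business purpose recorded")
        if not nhi.retire_when:
            issues.append("no retirement condition")
        if (today - nhi.last_rotated).days > max_rotation_days:  # enforced rotation
            issues.append("rotation overdue")
        if (today - nhi.created).days > max_age_years * 365:     # long-lived NHI
            issues.append(f"older than {max_age_years} years")
        if issues:
            findings[nhi.name] = issues
    return findings


if __name__ == "__main__":
    for name, issues in review(INVENTORY, ACTIVE_STAFF, REVIEW_DATE).items():
        print(f"{name}: " + "; ".join(issues))
```

Feeding the real HR roster and a secrets-scanner export into the same shape turns each departure or acquisition into the credential review event the editorial calls for.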
👉 Read Entro Security's post on layoffs, orphaned NHIs, and leftover secrets →
Orphaned NHI risk is a lifecycle failure, not a staffing issue. Layoffs, restructures, and acquisitions change who owns the work, but they do not automatically change who can still access systems. That gap exposes the limits of human-centric offboarding. Practitioners should treat every departure as a credential and ownership review event, not just an HR process.
A few things that frame the scale:
- 1 out of every 1,000 NHIs in enterprise environments is more than 10 years old, according to The State of Non-Human Identity Security.
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, according to The State of Non-Human Identity Security.
A question worth separating out:
Q: Why do mergers and acquisitions make NHI governance harder?
A: M&A increases NHI risk because the acquiring organisation inherits identities created under different controls, naming conventions, and ownership models. Security teams often receive access before they receive context, which makes it harder to separate active business automation from stale credentials that should be retired.
👉 Read our full editorial: Layoffs expose the orphaned NHI problem in enterprise environments