TL;DR: OT environments still rely on local identities, isolated directories and manually maintained access that can outlive HR changes, creating hidden accountability gaps across plants, according to Gathid. The governance problem is not centralisation for its own sake, but visibility that respects operational boundaries while closing stale-access risk.
NHIMG editorial — based on content published by Gathid: OT identity governance in air-gapped operational technology environments
Questions worth separating out
Q: How should organisations govern identity in OT environments without disrupting operations?
A: They should separate visibility from control.
Q: Why do OT access reviews often miss the highest-risk identities?
A: Because reviews are usually anchored to corporate directories, while OT access may live in local systems maintained by engineers.
Q: What do security teams get wrong about bridging IT and OT identity?
A: They often assume the answer is direct integration.
Practitioner guidance
- Inventory every standalone OT identity domain: document each plant, site or facility that maintains its own directory, local accounts or access policy, so you can see where corporate lifecycle controls do not reach.
- Model OT access before changing production systems: use an offline twin or equivalent shadow model to review identities, roles and access paths before attempting any sync, policy change or remediation step.
- Reconcile HR events with local OT access: check whether terminations, transfers and role changes are reflected inside site directories, especially where engineers maintain access outside central IAM.
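As an added illustration of the three steps above (example code, not from Gathid or the full article), the following Python reconciliation runs over offline exports of per-site OT directories and a corporate HR feed, so nothing touches a live directory or controller; all account names, sites, groups and dates are constructed.

```python
from datetime import date

# Constructed sample data. HR_FEED stands in for the corporate HR/IAM view;
# OT_SITE_EXPORTS stands in for per-plant directory snapshots collected for offline review.
HR_FEED = {
    "jdoe":   {"status": "active",     "role": "controls_engineer", "site": "plant-a"},
    "asmith": {"status": "terminated", "role": "maintenance",       "site": "plant-b"},
    "bkhan":  {"status": "active",     "role": "operator",          "site": "plant-a"},  # moved from plant-b
}

OT_SITE_EXPORTS = {
    "plant-a": [
        {"account": "jdoe",    "enabled": True, "groups": ["HMI_Engineers"], "last_logon": "2024-05-20"},
        {"account": "bkhan",   "enabled": True, "groups": ["HMI_Operators"], "last_logon": "2024-05-21"},
        {"account": "vendor1", "enabled": True, "groups": ["HMI_Engineers"], "last_logon": "2023-01-15"},
    ],
    "plant-b": [
        {"account": "asmith",  "enabled": True, "groups": ["SCADA_Admins"],  "last_logon": "2024-05-18"},
        {"account": "bkhan",   "enabled": True, "groups": ["HMI_Operators"], "last_logon": "2024-02-10"},
    ],
}


def reconcile(hr_feed, site_exports, as_of, dormant_days=180):
    """Compare each site's local accounts against HR state and return findings by category.

    terminated_still_enabled: HR says terminated, but the local account is still enabled.
    transfer_not_reflected:   HR places the person at another site, but this site still grants access.
    orphaned:                 local account with no matching HR identity (shared/vendor/engineer-created).
    dormant:                  enabled account with no logon for more than dormant_days.
    """
    findings = {"terminated_still_enabled": [], "transfer_not_reflected": [], "orphaned": [], "dormant": []}
    as_of_date = date.fromisoformat(as_of)
    for site, accounts in site_exports.items():
        for acct in accounts:
            name, enabled = acct["account"], acct["enabled"]
            person = hr_feed.get(name)
            if person is None:
                findings["orphaned"].append((site, name))
            elif person["status"] == "terminated" and enabled:
                findings["terminated_still_enabled"].append((site, name))
            elif person["status"] == "active" and person["site"] != site and enabled:
                findings["transfer_not_reflected"].append((site, name))
            if enabled:
                idle = (as_of_date - date.fromisoformat(acct["last_logon"])).days
                if idle > dormant_days:
                    findings["dormant"].append((site, name, idle))
    return findings


if __name__ == "__main__":
    for category, items in reconcile(HR_FEED, OT_SITE_EXPORTS, "2024-06-01").items():
        print(category, items)
```

The output is a review list for site engineers, not an automated change; the point of the offline pass is to know where corporate lifecycle events did not reach before anyone touches a production directory.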
What's in the full article
Gathid's full article covers the operational detail this post intentionally leaves for the source:
- How digital twins are used to model OT identity relationships without touching production systems.
- How knowledge graphs surface redundant access, orphaned accounts and mismatched role assignments across sites.
- How the approach supports auditor and regulator questions about proof of access without forcing OT standardisation.
- How engineers can act on identity findings while preserving air-gap and safety requirements.
Read Gathid's analysis of OT identity governance across air-gapped environments.