
OT privileged access controls: how do teams reduce risk without downtime?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 5855
Topic starter  

TL;DR: Operational technology environments keep privileged access in place longer than enterprise IT usually would, because availability, vendor support, and maintenance windows limit how fast controls can change, according to Delinea. The governance problem is not just access volume but accumulated exception paths, making blast-radius control the practical priority for OT teams.

NHIMG editorial — based on content published by Delinea: Securing privileged access in OT without disrupting operations

Questions worth separating out

Q: How should security teams reduce privileged access risk in OT without causing downtime?

A: Start with the access paths that create the largest blast radius, not the ones that are easiest to change.

Q: When does privileged access in OT become a governance problem rather than an operations issue?

A: It becomes a governance problem when access persists by habit instead of by documented need.

Q: What is the difference between session monitoring and least privilege in OT?

A: Session monitoring shows what an authenticated user did after access was granted, while least privilege limits what that user can do in the first place.

Practitioner guidance

  • Map every privileged access path: Inventory shared administrator accounts, service accounts, remote vendor tools, jump hosts, and engineering workstation elevation paths.
  • Move static credentials into controlled rotation: Place privileged credentials under centralized vaulting and enforce rotation schedules that fit plant operations.
  • Broker and record remote sessions: Require controlled access paths for third-party and internal remote support, with proxied sessions, activity logging, and recording enabled by default.

Teams that can measure account ownership, session evidence, and task-scoped elevation will be able to reduce risk without forcing unsafe standardisation.

👉 Read Delinea's analysis of privileged access control in OT →

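Added example (not part of the thread, and not Delinea's or NHIMG's code): a small Python review that turns the three guidance steps above into something measurable. It takes a privileged-access inventory (the schema, field names and sample rows are constructed for illustration), scores each path by blast radius (assets reachable, weighted by privilege level), flags the governance debt the post names (no named owner, overdue rotation, standing elevation with no documented operational case, remote support paths that are not brokered or recorded), and orders the findings so the largest blast radius is reviewed first rather than the path that is easiest to change.

```python
"""Standing-privilege review over a constructed OT privileged-access inventory.

Added example, not Delinea's or NHIMG's code. The inventory schema, field
names and sample rows below are constructed for illustration.
"""
from dataclasses import dataclass
from datetime import date
from typing import List, Optional, Tuple

# Weight of each privilege level when estimating blast radius (assumption).
PRIV_WEIGHT = {"read": 1, "operator": 2, "engineer": 3, "admin": 5}

# Path kinds that should only be reachable through a brokered, recorded session.
REMOTE_KINDS = {"vendor-remote", "jump-host"}


@dataclass
class AccessPath:
    name: str
    kind: str                     # shared-admin | service | vendor-remote | jump-host | ews-elevation
    privilege: str                # key of PRIV_WEIGHT
    assets: int                   # OT assets reachable through this path
    owner: Optional[str]          # named owner, None if unknown
    last_rotation: Optional[date] # None if the credential has never been rotated
    rotation_days: int            # schedule agreed with plant operations
    standing: bool                # persistent elevation rather than task-scoped
    justification: Optional[str]  # documented operational case for standing access
    brokered: bool                # reached via a controlled access path / proxy
    recorded: bool                # session recording enabled


def blast_radius(p: AccessPath) -> int:
    """Assets reachable, weighted by privilege level: what a compromise of this path exposes."""
    return p.assets * PRIV_WEIGHT[p.privilege]


def findings(p: AccessPath, today: date) -> List[str]:
    """Governance-debt findings for one path; an empty list means no action needed."""
    out: List[str] = []
    if not p.owner:
        out.append("no named owner")
    if p.last_rotation is None:
        out.append("credential never rotated")
    else:
        overdue = (today - p.last_rotation).days - p.rotation_days
        if overdue > 0:
            out.append(f"rotation overdue by {overdue} days")
    if p.standing and not p.justification:
        out.append("standing privilege without documented operational case")
    if p.kind in REMOTE_KINDS:
        if not p.brokered:
            out.append("remote access not brokered")
        if not p.recorded:
            out.append("session recording disabled")
    return out


def review(inventory: List[AccessPath], today: date) -> List[Tuple[int, str, List[str]]]:
    """Paths with findings, largest blast radius first, so remediation starts there."""
    rows = [(blast_radius(p), p.name, findings(p, today)) for p in inventory]
    rows = [r for r in rows if r[2]]
    rows.sort(key=lambda r: (-r[0], r[1]))
    return rows


# Constructed sample inventory (not real accounts, vendors or assets).
TODAY = date(2025, 6, 1)
INVENTORY = [
    AccessPath("plc-eng-shared", "shared-admin", "admin", 40, None,
               date(2023, 1, 15), 180, True, None, False, False),
    AccessPath("vendor-ovx-support", "vendor-remote", "engineer", 12, "OT lead",
               date(2025, 5, 20), 90, False, None, True, False),
    AccessPath("historian-svc", "service", "read", 200, "Data team",
               date(2025, 3, 1), 365, True,
               "CR-0412 (constructed): poller needs persistent read on all PLCs", True, True),
    AccessPath("hmi-jump", "jump-host", "operator", 30, "Ops",
               date(2025, 1, 1), 90, False, None, False, True),
    AccessPath("ews-local-admin", "ews-elevation", "admin", 5, "Eng",
               None, 30, True,
               "CR-0007 (constructed): firmware flashing in outage window", False, False),
]

if __name__ == "__main__":
    for radius, name, notes in review(INVENTORY, TODAY):
        print(f"{radius:>4}  {name:<20} {'; '.join(notes)}")
```

The historian service account is the deliberate edge case: it has the widest reach in the sample but a named owner, a current rotation and a documented case for standing read access, so it produces no finding. That is the distinction the post draws between access that persists by documented need and access that persists by habit; the shared engineering admin account, with no owner and no case, lands at the top of the list.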
(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 5343
 

Standing privilege is the real OT governance debt. OT teams often treat privileged access as an operational necessity, but persistent elevation is what makes compromise durable. Shared accounts, local admin rights, and vendor exceptions expand the blast radius of routine work. The practical conclusion is that OT security should reduce standing privilege wherever uptime allows, and only preserve it where a documented operational case exists.

A few things that frame the scale:

  • 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
  • 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, which is why unmanaged third-party access remains a governance blind spot in many environments.

A question worth separating out:

Q: Why do OT environments need different privileged access controls than enterprise IT?

A: OT environments often contain long-lived assets, separate identity stores, and narrow change windows that make standard IT access models too disruptive. Controls have to preserve availability and safety while still reducing privilege risk. That usually means using phased rollout, controlled access paths, and compensating controls where immediate remediation is not realistic.

👉 Read our full editorial: Securing privileged access in OT without disrupting uptime
