Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Secure by design: what it means for IAM teams now


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9773
Topic starter  

TL;DR: Secure-by-design fails when security is bolted on after deployment, with the MGM help desk attack and passwordless, passkeys, and transparency used to show why identity verification and phishing-resistant controls matter, according to Bitwarden. The practical lesson is that identity governance must be built into system design, not treated as a late-stage control layer.

NHIMG editorial — based on content published by Bitwarden: Secure by design is part of the foundation, not an addition

By the numbers:

Questions worth separating out

Q: How should security teams stop help desk social engineering from becoming an access path?

A: Treat the help desk as part of the identity control plane.

Q: Why do secure-by-design programmes fail when identity controls are added too late?

A: They fail because access patterns, fallback routes, and user expectations are already fixed in production.

Q: How do passkeys change identity risk for organisations?

A: Passkeys remove password reuse and reduce phishing exposure, but they shift risk into enrollment, device trust, recovery, and lifecycle management.

Practitioner guidance

  • Map every account recovery path to an access control owner Document who approves recovery, what proof is required, and which fallback channels are allowed before any login change goes live.
  • Move phishing-resistant authentication into the default standard Prioritise passkeys or equivalent phishing-resistant methods for users who can support them, then define enrollment and recovery as governed lifecycle steps rather than optional convenience features.
  • Test security claims against operational evidence Ask teams to show standards alignment, vulnerability handling, and cryptographic process documentation before approving new authentication or support workflows.

What's in the full article

Bitwarden's full article covers the operational detail this post intentionally leaves for the source:

  • The panel’s first-hand discussion of secure-by-design decision-making in product and infrastructure teams.
  • Specific examples of how password managers, passkeys, and biometric prompts change real user workflows.
  • The original commentary on social engineering, security theatre, and why transparency matters in practice.

👉 Read Bitwarden's discussion on secure by design, passkeys, and identity verification →

Secure by design: what it means for IAM teams now?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 9257
 

Secure by design becomes an identity governance test the moment support workflows can be abused. The article’s MGM example shows that technical strength at the platform layer does not matter if identity recovery is weak. Help desk resets, fallback channels, and exception handling are now part of the control surface, not administrative convenience. IAM teams should treat every recovery path as production access.

A few things that frame the scale:

  • Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
  • 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to Ultimate Guide to NHIs.

A question worth separating out:

Q: Who should own security evidence for authentication and recovery workflows?

A: IAM, PAM, and application owners should jointly own the evidence because authentication is only as strong as the supporting process. Teams should be able to show standards alignment, documented recovery paths, and clear revocation logic. That evidence is what distinguishes real security from security theatre.

👉 Read our full editorial: Secure by design is now an identity governance issue



   
ReplyQuote
Share: