Subscribe to the Non-Human & AI Identity Journal

Forums
The Non-Human & AI ...
NHI, AI & IAM Suppo...
Segregation of duti...
 
Notifications
Clear all

Segregation of duties in IT security: where IAM teams still slip

 
    Last Post
  RSS

 NHI Mgmt Group
(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 5324
Topic starter 12/06/2026 1:05 am  

TL;DR: IT segregation of duties reduces fraud, privilege abuse, and error propagation by separating account creation, approval, monitoring, and response across different people, according to Zluri. The deeper issue is that many identity programmes still rely on checks and balances after access has already concentrated too far.

NHIMG editorial — based on content published by Zluri: Security & Compliance How IT Segregation of Duties Helps Strengthen IT Security

Questions worth separating out

Q: How should security teams implement segregation of duties in access governance?

A: Start by identifying the high-risk workflows where one identity could request, approve, and execute the same change.

Q: Why do toxic role combinations create more risk than simple overprovisioning?

A: Because overprovisioning increases scope, while toxic combinations remove challenge.

Q: How do organisations know whether segregation of duties is actually working?

A: Look for evidence that requests, approvals, execution, and review are truly independent.

Practitioner guidance

  • Define toxic duty combinations List incompatible actions for access creation, approval, monitoring, administration, and incident response.
  • Separate approval from execution Ensure that no identity can both approve a sensitive request and carry out the resulting administrative change.
  • Review privileged roles for hidden overlap Inspect database administrators, system administrators, and security operators for overlapping responsibilities that remove challenge from the process.

What's in the full article

Zluri's full article covers the operational detail this post intentionally leaves for the source:

  • Detailed SoD examples across user access management, vendor management, and IT security workflows.
  • Expanded discussion of how automated IGA platforms support access review and certification operations.
  • Practical reporting and integration capabilities used to surface SoD violations and compliance gaps.
  • The article's own framing of how SoD fits broader internal control and audit programmes.

👉 Read Zluri's article on how segregation of duties strengthens IT security →

Segregation of duties in IT security: where IAM teams still slip?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
Topic Tags
zluri identity-governance segregation-of-duties privileged-access access-reviews
Forum Jump:
  Previous Topic
Next Topic  
Related Topics
Topic Tags:  zluri (606) , identity-governance (1595) , segregation-of-duties (46) , privileged-access (217) , access-reviews (177) ,
Share:

#1 Authority in NHI Education, Research and Advisory, empowering organizations to tackle the critical risks posed by Non-Human Identities (NHIs), including AI Agents.

Get in Touch

Quick Links

Legal & Policies

©2025 NHIMG. All right reserved.