
Workstation security in hybrid environments: are controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 8688
Topic starter  

TL;DR: Hybrid workstation security is increasingly about balancing access speed with control, because shared and remote devices create different identity, audit, and session risks across healthcare, manufacturing, retail, and remote work settings, according to Imprivata. The central issue is that workstation access must now be governed as an identity problem, not just an endpoint problem.

NHIMG editorial — based on content published by Imprivata: Workstation security in hybrid environments

Questions worth separating out

Q: What breaks when workstation access is treated as a device problem instead of a session problem?

A: When workstation access is managed only at the device level, organisations lose visibility into who actually controlled the active session.

Q: Why do shared workstations create more identity risk in regulated environments?

A: Shared workstations compress multiple users, roles, and shifts into one access surface.

Q: How do security teams know whether workstation controls are actually working?

A: They should look for fewer credential-sharing workarounds, consistent session lock and resume behaviour, complete access logs, and policy enforcement that changes based on device trust and location.

Practitioner guidance

  • Bind workstation access to session state: require lock, resume, and logout controls that are tied to a verified user session, not just a successful login.
  • Separate remote trust from on-site trust: apply stricter device posture checks, MFA, and encryption requirements to remote workstations than to controlled on-premises endpoints.
  • Correlate access logs with identity events: centralise workstation audit trails so investigators can see who accessed what, when, and from where across shared and remote environments.

What's in the full article

Imprivata's full article covers the operational detail this post intentionally leaves for the source:

  • Step-by-step guidance on tap-in/tap-out authentication for shared workstations in shift-based environments
  • Implementation detail for session lock, suspend, and resume workflows across Windows, VDI, and EHR access
  • Role-based and location-aware policy examples for reducing friction without weakening access controls
  • Compliance-oriented logging and audit features that support regulated healthcare, manufacturing, and retail environments

👉 Read Imprivata's workstation security guidance for shared and remote environments →
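Session integrity over an audit trail, as an added example illustrating the practitioner guidance above (not code from the original post or from Imprivata): a small Python state machine walks constructed login/lock/resume/logout events per workstation and flags resumes by a different identity than the session owner, logins over a still-active session, and sessions left open at the end of the window. The host and user names in the sample events are constructed.

```python
"""Session-integrity checks over centralised workstation audit events."""

# Constructed sample audit trail for three shared workstations (not real data).
EVENTS = [
    {"ts": 1, "host": "ws-icu-01", "user": "nurse.a", "event": "login"},
    {"ts": 2, "host": "ws-icu-01", "user": "nurse.a", "event": "lock"},
    {"ts": 3, "host": "ws-icu-01", "user": "nurse.b", "event": "resume"},  # not the owner
    {"ts": 4, "host": "ws-icu-01", "user": "nurse.b", "event": "logout"},
    {"ts": 5, "host": "ws-erp-02", "user": "ops.c", "event": "login"},
    {"ts": 6, "host": "ws-erp-02", "user": "ops.c", "event": "lock"},
    {"ts": 7, "host": "ws-erp-02", "user": "ops.c", "event": "resume"},
    {"ts": 8, "host": "ws-erp-02", "user": "ops.c", "event": "logout"},
    {"ts": 9, "host": "ws-rx-03", "user": "pharm.d", "event": "login"},
    {"ts": 10, "host": "ws-rx-03", "user": "pharm.e", "event": "login"},  # over an open session
]


def check_session_integrity(events):
    """Return (host, ts, message) findings for sessions whose controlling
    identity is ambiguous or that were never properly closed.

    Per host the state is 'none', 'active' or 'locked' plus the session owner
    (the identity that logged in); a resume must come from that owner.
    """
    findings = []
    state = {}  # host -> (status, owner)
    for e in sorted(events, key=lambda x: x["ts"]):
        host, user, ev, ts = e["host"], e["user"], e["event"], e["ts"]
        status, owner = state.get(host, ("none", None))
        if ev == "login":
            if status != "none":
                findings.append((host, ts, f"login by {user} while {owner}'s session still {status}"))
            state[host] = ("active", user)
        elif ev == "lock":
            if status != "active":
                findings.append((host, ts, "lock with no active session"))
            else:
                state[host] = ("locked", owner)
        elif ev == "resume":
            if status != "locked":
                findings.append((host, ts, f"resume by {user} with no locked session"))
            elif user != owner:
                findings.append((host, ts, f"resume by {user} on session owned by {owner}"))
            state[host] = ("active", owner if status == "locked" else user)
        elif ev == "logout":
            if status == "none":
                findings.append((host, ts, f"logout by {user} with no session"))
            state[host] = ("none", None)
    # Anything not logged out by the end of the window is an exposed session.
    for host, (status, owner) in state.items():
        if status != "none":
            findings.append((host, None, f"session of {owner} still {status} at end of window"))
    return findings
```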

(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8144
 

Workstation security fails when organisations treat the device as the control point instead of the session. Shared and remote environments make the session the real identity boundary because users move, devices are shared, and access must survive shift changes without becoming permanently exposed. The governance problem is not just endpoint hardening, but proving that each session still belongs to the right person at the right moment. Practitioners should reframe workstation governance around session integrity, not device ownership.

A few things that frame the scale:

  • From our research: 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to Ultimate Guide to NHIs.
  • From our research: 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.

A question worth separating out:

Q: Who should own workstation access governance across IAM, PAM, and endpoint teams?

A: Ownership should sit with identity and access governance, with endpoint teams supporting device posture and platform teams supporting session enforcement. Workstation access crosses human IAM, privileged access, and endpoint control, so accountability has to be shared but clearly assigned. The goal is one operating model for access, audit, and session state.

👉 Read our full editorial: Workstation security and access control in hybrid environments


