OT zero trust access: what it means for IAM and PAM teams


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 3218
Topic starter  

TL;DR: Operational technology environments are shifting from isolated systems to connected IT, IoT, and cloud architectures, which expands attack surface and raises the need for continuous verification, just-in-time privilege, and monitored remote access, according to SSH Communications Security. The governance problem is no longer network location, but whether every machine, vendor, and session can be trusted only for the exact task and duration required.

NHIMG editorial — based on content published by SSH Communications Security: Operational Technology environments and zero trust security

Questions worth separating out

Q: How should security teams implement just-in-time access for OT environments?

A: Start by mapping privileged tasks, maintenance windows, and approvers for every OT system.

Q: Why does remote vendor access increase risk in industrial environments?

A: Remote vendor access increases risk because it extends trust beyond the plant boundary and often relies on credentials that outlive the session.

Q: What breaks when OT teams keep using permanent privileged accounts?

A: Permanent privileged accounts break the zero trust assumption that access should be granted only when needed and only for a known purpose.

Practitioner guidance

  • Replace standing OT admin access with JIT workflows: map every privileged OT path to a task, approver, and expiration condition.
  • Issue ephemeral certificates for remote maintenance: phase out reusable SSH keys and static passwords for vendor and engineer access.
  • Enforce session monitoring on all third-party connections: record privileged sessions, correlate commands with identity context, and enable immediate termination for risky behaviour.

What's in the full article

SSH Communications Security's full article covers the operational detail this post intentionally leaves for the source:

  • How PrivX OT maps JIT access to industrial maintenance workflows without interrupting operations
  • The article's coverage of protocol-specific support for X.509 and OpenSSH in remote OT authentication
  • Details on session monitoring, encrypted tunnels, and policy-based controls for vendor access
  • Compliance references and implementation context for IEC 62443, NIS2, and audit-ready reporting

👉 Read SSH Communications Security's analysis of zero trust access for OT environments →

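The guidance above (task, approver, expiration condition, ephemeral credentials, immediate termination) as an added, runnable illustration; this is not code from the post or from SSH Communications Security's PrivX OT product. It binds a just-in-time grant to one OT target, one task and one approver inside a maintenance window, signs it with a short lifetime, and checks each session action against scope, expiry and a revocation list. The system names, approver names and HMAC key are constructed placeholders; a production deployment would issue CA-signed SSH or X.509 certificates instead of an HMAC token.

```python
import hmac, hashlib, json, base64
from datetime import datetime, timedelta, timezone

# Constructed sample policy (hypothetical names): every privileged OT path is
# tied to the tasks it permits, who may approve it, and a maintenance window.
OT_POLICY = {
    "plc-line3": {"tasks": {"firmware-update", "logic-change"},
                  "approvers": {"ot-lead-anna"},
                  "window": (2, 5)},   # maintenance hours 02:00-05:00 UTC
}
SIGNING_KEY = b"constructed-demo-key-not-for-production"

def issue_grant(principal, target, task, approver, requested_at, ttl_minutes=60):
    """Return a signed, short-lived grant, or None when policy denies the request."""
    rule = OT_POLICY.get(target)
    if rule is None or task not in rule["tasks"] or approver not in rule["approvers"]:
        return None                                  # unknown path, task or approver
    start, end = rule["window"]
    if not (start <= requested_at.hour < end):
        return None                                  # outside the maintenance window
    body = {"sub": principal, "tgt": target, "task": task, "apr": approver,
            "nbf": requested_at.isoformat(),
            "exp": (requested_at + timedelta(minutes=ttl_minutes)).isoformat()}
    payload = base64.urlsafe_b64encode(json.dumps(body, sort_keys=True).encode()).decode()
    sig = hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{sig}"                        # "." never appears in urlsafe base64

def check_session(grant, target, task, now, revoked=frozenset()):
    """Validate a grant for one action at time `now`; returns (allowed, reason)."""
    try:
        payload, sig = grant.split(".")
    except ValueError:
        return False, "malformed"
    expected = hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return False, "bad-signature"                # tampered or forged grant
    body = json.loads(base64.urlsafe_b64decode(payload))
    if body["tgt"] != target or body["task"] != task:
        return False, "scope-mismatch"               # grant is for a different path/task
    if now >= datetime.fromisoformat(body["exp"]):
        return False, "expired"                      # credential outlived the session
    if grant in revoked:
        return False, "revoked"                      # operator terminated the session
    return True, "ok"

if __name__ == "__main__":
    t0 = datetime(2026, 3, 1, 3, 0, tzinfo=timezone.utc)
    g = issue_grant("vendor-eng-7", "plc-line3", "firmware-update", "ot-lead-anna", t0)
    print(check_session(g, "plc-line3", "firmware-update", t0 + timedelta(minutes=10)))
    print(check_session(g, "plc-line3", "firmware-update", t0 + timedelta(minutes=61)))
```

The revocation set stands in for the "immediate termination" control: adding a grant to it denies the next action without waiting for expiry.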



   
(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 1804
 

OT zero trust is no longer just a network design choice; it is identity governance for machine-to-machine access. As OT environments connect to IT, cloud, and vendor ecosystems, the trust boundary shifts from the perimeter to the session. That makes access scope, credential lifetime, and session monitoring the core governance variables. Practitioners should treat OT as a controlled identity plane, not a protected subnet.

A few things that frame the scale:

  • Systems with least-privileged AI access had a 17% incident rate vs 76% for over-privileged systems, according to The 2026 Infrastructure Identity Survey.
  • The same survey found that only 44% of organisations have implemented any policies to manage their AI agents, even though 92% agree governance is critical to enterprise security.

A question worth separating out:

Q: Who is accountable when a third-party OT session is abused?

A: Accountability sits with the organisation that allowed the access path to exist and the governance process that failed to constrain it. In practice, that means IAM, PAM, OT operations, and vendor management must share responsibility for approval, monitoring, and revocation. NIS2 and IEC 62443 both expect traceable control ownership.

👉 Read our full editorial: Zero trust for OT access is now an identity governance problem



   