Governance, Ownership & Risk

Rezertifizierung

By NHI Mgmt Group Updated June 6, 2026 Domain: Governance, Ownership & Risk

Recertification is the periodic review of access rights to confirm they still match business need and policy. It is not a paperwork exercise when done properly. It is the evidence mechanism that shows whether permissions remain valid, especially for privileged and long-lived access.

Expanded Definition

Rezertifizierung, or recertification, is the recurring verification that an identity’s permissions are still justified by current role, workload, risk, and policy. In NHI operations, that means checking service accounts, API keys, certificates, and agent credentials against actual usage rather than assuming yesterday’s approval still applies. The concept aligns with access governance in NIST Cybersecurity Framework 2.0, where access review and least-privilege discipline are part of resilient identity control.

Definitions vary across vendors when recertification is bundled with attestation, access review, or entitlement review, so practitioners should separate the activity from the workflow tool used to record it. For NHIs, the scope is broader than human IAM because identities can be long-lived, machine-speed, and embedded in pipelines, orchestration systems, or AI agents. That makes evidence quality more important than checkbox approval. The review should ask whether the identity is still needed, whether its scope can be narrowed, and whether rotation or JIT provisioning would remove the need for standing access. The most common misapplication is treating recertification as a calendar-driven approval cycle, which occurs when reviewers rubber-stamp unchanged access without validating actual machine usage.

Examples and Use Cases

Implementing recertification rigorously often introduces operational friction, requiring organisations to weigh stronger assurance against the time needed to investigate each entitlement.

  • A platform team reviews a build runner’s token and removes write access to production because the pipeline only needs deployment approval, not repository administration.
  • An SRE manager recertifies a service account used by monitoring tools and confirms it should be narrowed to read-only API access after a topology change.
  • A security team uses the Ultimate Guide to NHIs to benchmark review coverage after discovering that many organisations lack formal offboarding and revocation processes.
  • An AI operations lead reviews an agent credential and replaces standing privilege with JIT access because the agent only needs elevated rights during a bounded maintenance window.
  • A compliance group aligns quarterly certification evidence with NIST Cybersecurity Framework 2.0 so that access decisions are traceable to policy and business need.

In practice, recertification is most useful when it is tied to inventory accuracy, ownership, and exception handling. Without those inputs, reviewers cannot distinguish stale access from required access, especially in environments where NHIs are created automatically and rarely touched by a human after issuance.

Why It Matters in NHI Security

Recertification is one of the few controls that exposes privilege drift before it becomes a breach. It matters because NHI environments accumulate silent risk: the Ultimate Guide to NHIs reports that 97% of NHIs carry excessive privileges, which means a review process is often the only practical way to detect access that has outlived its original purpose. That aligns with NIST Cybersecurity Framework 2.0 expectations for governance, accountability, and least privilege.

For NHI security, recertification is not just about approval records. It helps reveal ownership gaps, stale secrets, overly broad roles, and agents that were deployed for one workflow but later inherited broader authority. It also supports PAM and RBAC decisions by showing when a standing privilege should be removed, reduced, or converted to JIT access under ZTA and ZSP principles. When recertification is skipped, organisations often retain dormant access across code, CI/CD tools, and vaults, making incident response slower and containment harder. Organisations typically encounter the cost of weak recertification only after an account is abused or an audit exposes unexplained privilege, at which point the problem can no longer be deferred.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework                        | Control / Reference | Relevance
OWASP Non-Human Identity Top 10  | NHI-03              | Covers periodic review of NHI permissions and privilege drift.
NIST CSF 2.0                     | PR.AC-4             | Requires access permissions to be managed and reviewed for least privilege.
NIST Zero Trust (SP 800-207)     |                     | Zero Trust relies on continually revalidating access rather than trusting standing privilege.

Use recertification to reduce standing access and shift sensitive NHI actions toward just-in-time approval.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on June 6, 2026.