Unveiling the Hidden Risks of Non-Human Identities in Cybersecurity

Boston, USA, September 16th, 2024, CyberNewsWire

In a groundbreaking study conducted by Entro Security Labs, the analysis of millions of real-world NHI secrets has uncovered alarming vulnerabilities that underscore the critical importance of strengthening Secrets Management security practices.

Entro Security, renowned for its award-winning Non-Human Identity (NHI) and Secrets Management platform, has released its latest research report titled, "2025 State of Non-Human Identities and Secrets in Cybersecurity". The findings are staggering: 97% of NHIs possess excessive privileges, leading to unauthorized access and expanding the attack surface. Moreover, 92% of organizations are exposing NHIs to third parties, risking unauthorized access if third-party security protocols do not align with organizational standards. Shockingly, 44% of tokens are being recklessly shared or stored on platforms like Teams, Jira tickets, and code commits, putting sensitive information at grave risk of interception and exposure.

Key Insights from the Research:

• For every human identity, there exist an average of 92 non-human identities, intensifying the complexity of identity management and heightening security vulnerabilities.
• 91% of former employee tokens remain active, leaving organizations susceptible to security breaches.
• 50% of organizations onboard new vaults without proper security approval, introducing potential vulnerabilities from the outset.
• 73% of vaults suffer from misconfigurations, paving the way for unauthorized access and data exposure.
• 60% of NHIs are overused, increasing the risk of a single point of failure and widespread compromise if exposed.
• 62% of all secrets are duplicated and stored in multiple locations, leading to unnecessary redundancy and accidental exposure.
• 71% of non-human identities are not rotated within recommended time frames, escalating the risk of compromise over time.

  The comprehensive report by Entro Security Labs sheds light on critical lapses in both human and NHI management, urging organizations to reevaluate their practices to mitigate risks effectively.

  The research methodology integrates quantitative data analysis with qualitative insights derived from industry observations. By leveraging proprietary data, publicly available reports, and input from IT and security professionals, the report provides a holistic view of the cybersecurity landscape.

  To access the full research report on non-human identities and learn more about securing your organization, visit Entro Security’s website.

  About Entro Security:
  

  Entro Security stands as a pioneer in Non-Human Identity Lifecycle Management, Secrets Security, and Non-Human Identity Detection and Response. By offering a proactive approach to managing non-human identities and secrets, Entro ensures robust security measures are in place to safeguard organizations against potential breaches. Headquartered in Boston and endorsed by leading cybersecurity VCs, Entro has garnered recognition as a Cool Vendor by Gartner, Venafi’s Most Promising Machine Identity startup, and a 2023 Globee Awards Winner for Startup Achievement of the Year.

  For further details, visit Entro Security’s official website.

  Contact

  Senior Account Executive
  Hannah Sather
  Montner Tech PR
  hsather@montner.com

  —

  Ready to fortify your organization’s defenses against non-human identity breaches? Take the first step towards robust cybersecurity practices. Embrace the future of secure identity management with Entro Security. Your data’s protection is our priority.