At the enterprise level, AI’s value often comes from embedding it into workflows at scale. This shift has given rise to AI-powered non-human identities (NHIs). They can act as tools that summarize meetings, triage service tickets or offer solutions to help ship code faster.
These identities have capabilities far beyond traditional automations, due to AI’s relative flexibility. Security teams are faced with new-found questions, because many NHIs are created and deployed by development and business users on the fly.
The related risks and governance imperatives mean an organization’s biggest NHI vulnerabilities may be found in processes. For teams tasked with securing a business, implementing controls around NHIs is crucial, especially on the fronts of lifecycle management, least privilege access and adaptive authentication. An AI agent governance framework is key to establishing those controls, and that starts with understanding how AI is transforming NHIs.
AI as non-human identities
Back in 2023, Microsoft reported that ‘workload identities outnumber human identities 10:1’. Fast-forward, and the proliferation has increased to a reported 45:1 in DevOps environments. Now, in 2026, that ratio is likely closer to 80:1. Things are moving quickly. With NHIs being used to access and interact with APIs, applications, and systems, the attack surface is widening by the day.
Threats also go beyond simply data exfiltration, IP theft and extortion. AI-powered agents can act on select tasks, and harness access to data that’s often sensitive, personally identifiable and subject to security and compliance regulations. This makes AI-NHIs hard to monitor, govern and secure.
In the face of these challenges, IT and security leaders must move toward a system of risk-based NHI classification. This should include enforced accountability for account creation and management, and integrated approval workflows. To achieve these outcomes, mitigate threats, and maintain AI agent boundaries, the following recommendations are business critical.
Recommendation: AI agent governance
Identity sprawl was a major threat years before AI’s rise, with exposed credentials leading to multiple high-profile breaches. Enterprises must look toward the lessons from exposed human accounts when managing AI agents and their privileges. That means identifying AI-driven NHIs with persistent, always-on or standing privileges, and then creating policies and controls, designed for the full lifecycle, for any that are controlled or leveraged by Gen AI.
IT leaders know you can’t protect what you can’t see. So, an audit is the first place to start taking care of fundamental defenses. The main goal is to build a pre-emptive strategy for securing AI-driven NHIs.
Auditing identities
Directory services are a natural place to start looking for NHIs. Within directories, a common clue is when the number of enabled accounts is higher than the number of employees. Where discrepancies are found, identities should be reviewed to understand identity-related:
- Types: They may be legitimate service accounts, outdated accounts from past projects, or in a worst-case scenario, unauthorized accounts with excessive access rights.
- Controls: It’s business-critical to identify who is responsible for managing the accounts, whether there are any orphan accounts, and which processes or applications are using the identities.
- Usage: There must be checks to uncover if accounts are active, still open but dormant, or potentially compromised with any anomalous behaviors.
NHI discovery and identity: Where to start
Take a systemic approach to discovery, gaining visibility through categorizing NHIs by:
- Using specialized scanning tools: Designed for checking directories, systems, and applications, building up an overview of current NHIs.
- Maintaining an up-to-date inventory: Centralized and showing all NHIs alongside key attributes such as identity names and types (service accounts vs bots), creation date, last login time, related systems and applications, permissions and access levels, and ownership and responsibility details.
Recommendation: AI kill switch
Autonomous AI can modify its own code to avoid shutdown. This was shown by an advanced AI model that prevented shutdown with “behavior attributed to the prioritization of efficiency over compliance.”
Compare this behavior to actions taken with a human employee. Human access can be revoked if there’s a company policy violation, or as part of a planned offboarding. Organizations should apply the same approach with an AI agent, for example if an agent shows behavior that contravenes a policy or is part of a potential compromise.
There needs to be accountability for initial configuration, with the visibility to identify risky or unusual behavior, such as new accounts that are created and added to admin or privileged groups.
Organizations should also enforce de-risking processes around AI-driven NHI creation, especially where they can minimize the threats of privileged users being allowed to create service accounts unchecked. Combine this with the correct configurations of NHIs at the outset, to establish a baseline for consistent management. It should look something like this:
- Centralized: A centralized, streamlined, controlled process for non-human identity creation is essential. This ensures transparency and consistency when provisioning NHIs. Add metadata to support reporting and transparency, with scripts and group policies for automating password expiries, resets, and security management.
- Secured: Implement guardrails to ensure account creation compliance. This can support PoLP strategies, with only authorized users and processes allowed the privileges required for completing organizational tasks.
- Designated: Use directory services to route NHI management to IT directors, security teams, or helpdesk. Delegation tools can assign ownership and responsibilities without granting excessive or unnecessary entitlements.
Approval workflows: An extra security layer
Implement approval workflows when accounts are created. Account creation rights can be delegated to groups, with automation for approved identities and all others needing permissions and privileges. Periodic reviews can be triggered based on expiry dates or idle rules (such as 30 days without activity).
To support the automation, approvals can be standardized with metadata including owner, purpose and expiry. They can be defined using triggers, actions and conditions, along with being made consistent with enforced naming policies. This allows automation to be deployed for managing NHI activation requests at scale, including transferring user data and user files, time-based processes and custom notifications.
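The audit checks and review triggers described above (orphaned and dormant accounts, owner/purpose/expiry metadata, naming policy, idle rules) can be run as one pass over the inventory. This is an added example, not code from the original article; the record fields, the naming pattern and the sample accounts are assumptions.

```python
import re
from datetime import date, timedelta

# Assumed policy values (illustrative); the 30-day idle rule is the article's example.
NAME_POLICY = re.compile(r"^(svc|bot|agent)-[a-z0-9]+(-[a-z0-9]+)*$")
REQUIRED = ("owner", "purpose", "expiry")
IDLE_LIMIT = timedelta(days=30)

def review_nhi(record, today, active_staff):
    """Return the findings that should trigger a review of one NHI."""
    findings = []
    if not NAME_POLICY.match(record["name"]):
        findings.append("naming-policy")
    findings += [f"missing-{f}" for f in REQUIRED if not record.get(f)]
    if record.get("owner") not in active_staff:
        findings.append("orphaned")      # no owner, or owner no longer on staff
    expiry = record.get("expiry")
    if expiry and expiry <= today:
        findings.append("expired")
    last = record.get("last_login")
    if last is None or today - last > IDLE_LIMIT:
        findings.append("dormant")
    if record.get("privileged") and findings:
        findings.append("privileged-at-risk")  # standing privilege plus another finding
    return findings

def audit(inventory, today, active_staff):
    """Map NHI name -> findings, omitting identities with nothing to review."""
    report = {r["name"]: review_nhi(r, today, active_staff) for r in inventory}
    return {name: found for name, found in report.items() if found}

# Constructed sample inventory (not real accounts).
TODAY = date(2026, 3, 1)
STAFF = {"a.ng", "r.osei"}
INVENTORY = [
    {"name": "agent-ticket-triage", "owner": "a.ng", "purpose": "triage service tickets",
     "expiry": date(2026, 9, 1), "last_login": date(2026, 2, 27), "privileged": False},
    {"name": "svc-legacy-export", "owner": "j.doe", "purpose": "past project export",
     "expiry": date(2025, 12, 31), "last_login": date(2025, 10, 2), "privileged": True},
    {"name": "MeetingBot2", "owner": "", "purpose": "summarize meetings",
     "expiry": None, "last_login": None, "privileged": False},
]

if __name__ == "__main__":
    for name, found in audit(INVENTORY, TODAY, STAFF).items():
        print(name, found)
```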
Recommendation: Least privilege access
Implementing any NHIs means there must be accountability, responsibility and security. That’s why organizations need to implement:
- Least privilege controls: NHI access should be limited to individual queries, rather than across the entire database. NHIs should be assigned to groups and inherit permissions from there, to limit excessive or standing privileges.
- Just-In-Time access: NHIs can be granted temporary elevated access, which can be set to expire or be removed automatically based on policies.
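Just-In-Time access and the kill switch recommended earlier can share one enforcement point that sits outside the agent, so the agent cannot extend or restore its own access. This is an added example, not code from the original article; `NhiAccessBroker`, the privilege strings and the identity name are hypothetical.

```python
from datetime import datetime, timedelta, timezone

class NhiAccessBroker:
    """Hypothetical broker: every privileged action by an NHI is checked here."""

    def __init__(self):
        self._grants = {}        # (identity, privilege) -> expiry time
        self._disabled = set()   # identities stopped by the kill switch
        self.audit_log = []      # (time, event, identity, detail)

    def grant(self, identity, privilege, ttl, approver, now):
        if identity in self._disabled:
            raise PermissionError(f"{identity} is disabled")
        self._grants[(identity, privilege)] = now + ttl
        self.audit_log.append((now, "grant", identity, f"{privilege} by {approver}"))

    def is_allowed(self, identity, privilege, now):
        if identity in self._disabled:
            return False
        expiry = self._grants.get((identity, privilege))
        if expiry is None:
            return False                      # no standing privileges by default
        if now >= expiry:
            del self._grants[(identity, privilege)]   # removed automatically
            self.audit_log.append((now, "expire", identity, privilege))
            return False
        return True

    def kill(self, identity, reason, now):
        """Disable the identity and revoke all of its grants; returns the count revoked."""
        self._disabled.add(identity)
        revoked = [key for key in self._grants if key[0] == identity]
        for key in revoked:
            del self._grants[key]
        self.audit_log.append((now, "kill", identity, reason))
        return len(revoked)

if __name__ == "__main__":
    t0 = datetime(2026, 3, 1, 9, 0, tzinfo=timezone.utc)   # constructed timestamps
    broker = NhiAccessBroker()
    broker.grant("agent-ticket-triage", "tickets:write", timedelta(minutes=15), "a.ng", t0)
    print(broker.is_allowed("agent-ticket-triage", "tickets:write", t0 + timedelta(minutes=5)))
    print(broker.is_allowed("agent-ticket-triage", "tickets:write", t0 + timedelta(minutes=20)))
    print(broker.kill("agent-ticket-triage", "policy violation", t0 + timedelta(minutes=21)))
    print(broker.audit_log)
```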
Authentication in action: Chatbot example
Imagine you have an insurance business, with an AI chatbot to manage initial inquiries. After a customer ID is authenticated, this should automatically unlock access to historical interactions and relevant profile information, such as contact preferences. This should be limited to that customer’s PII only. The AI agent should not have rights to access anyone else’s PII in a given interaction.
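One way to enforce that boundary is to bind the data-access handle to the authenticated customer ID and give the chatbot tools that never take an ID from the model. This is an added example, not code from the original article; `CustomerSession`, `agent_tools`, the field names and the sample records are assumptions.

```python
# Constructed sample records (not real customer data).
CUSTOMERS = {
    "C-1001": {"name": "Sample Customer A", "contact_pref": "email",
               "history": ["2026-01-12 claim inquiry"]},
    "C-1002": {"name": "Sample Customer B", "contact_pref": "phone",
               "history": ["2026-02-03 policy renewal"]},
}
ALLOWED_FIELDS = {"contact_pref", "history"}   # assumed: only what the chatbot needs

class CustomerSession:
    """Data-access handle bound to one authenticated customer ID."""

    def __init__(self, authenticated_id, store):
        if authenticated_id not in store:
            raise PermissionError("unknown customer")
        self._customer_id = authenticated_id
        self._store = store

    def read(self, field, customer_id=None):
        # Whatever customer ID the model supplies, only the session's own ID is accepted.
        if customer_id is not None and customer_id != self._customer_id:
            raise PermissionError("cross-customer access denied")
        if field not in ALLOWED_FIELDS:
            raise PermissionError(f"field {field!r} not permitted")
        return self._store[self._customer_id][field]

def agent_tools(session):
    """Tools handed to the chatbot: none takes a customer ID from the model."""
    return {
        "get_contact_preference": lambda: session.read("contact_pref"),
        "get_history": lambda: list(session.read("history")),
    }

if __name__ == "__main__":
    tools = agent_tools(CustomerSession("C-1001", CUSTOMERS))
    print(tools["get_contact_preference"]())
    print(tools["get_history"]())
```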
NHI impact on security posture
It’s one thing to be aware of your NHIs. It’s another thing to assess and understand based on potential harm levels, with or without adding AI. Consider using these three factors for classifying NHIs:
- Criticality: Assess how critical each NHI is, based on its access to systems and data, and potential targeting by attackers.
- Sensitivity: Review sensitivity of data being handled by the NHI, and check whether a breach or unauthorized access means a potential compliance failure.
- Potential impact: Analyze the fallout if there’s an NHI compromise, across metrics including financial loss, disruptions to operations and time taken to restore to Business as Usual, and damage to brand and reputation.
With this structure in place, you can create risk profiles for the NHIs within your business. Based on NHIs’ levels of data exposure and access, use a 3-tier risk classification:
- High-risk: Deep access to sensitive data and critical systems.
- Medium-risk: Moderate access and still requiring security to be put in place.
- Low-risk: Limited access.
An emerging and widening attack surface
Mismanaged NHIs pose a variety of risks to the enterprise, but there are ways to negate the threats and mitigate the impact. Their autonomy is a benefit but also a potential attack vector, so understanding their role is essential.
IT leaders must find the right balance, and that starts with AI agent governance: ensuring observability to successfully discover and audit the volume of NHIs, seeking out any imbalances between numbers of employees vs accounts, and applying tools to gain visibility into inventory ownership and management.
With greater awareness in place, teams must be able to override AI that may try to avoid NHI shutdowns. This calls for the ability to deploy a kill switch, with heightened accountability at the creation stage and controls and guardrails at the configuration stage. At scale, the solution is to customize approval workflows, grant appropriate permissions and ensure a Just-In-Time (JIT) approach when granting privileges.
Automation deployed at scale helps to maintain control over NHIs and AI-NHIs, without adding extra pressure on IT teams. Successful implementation relies on minimizing exposure of privileges, and that means delivering the principle of least privilege, just-in-time access, and advanced authentication. With these measures in place, your organization can secure, de-risk and capitalize on AI-NHIs within an enterprise.