The management of identity, access and security considerations for services, APIs, automation and more has become a large sector in the last 3 years.
It is an area we covered in our Machine Identity 101 article last year as well as a discussion on the subtitles between machine and workload identity early this year.
There is also another subtle discussion in this area – that of the terms being used. We ran another anecdotal community poll recently, asking whether this area of service IAM should be termed as “workload identity” or the more emerging “non-human identity”. N=38 responded with a pretty clear case for using the acronym NHI.
Clearly this is not a definite nor complete view of the world, but as always, provides us with a signal to listen to.
The Case for Workload Identity
| Pro | Con |
|---|---|
| Older term – so more well known? | Term used for other things – associated with business automation |
| Broad and can cover services, APIs, chat-bots, robotic process automation and more | Being broad, may result in generic capabilities and difficult to deploy across heterogeneous ecosystems? |
The Case for Non-Human Identity
| Pro | Con |
|---|---|
| New and focused – provides a way to educate the market | Requires education for industry on capabilities and use cases |
| Amplifies need to think about IAM without people | An acronym – amplifies complexity and creates technical barrier to knowledge |
Of course a comparison between two terms, supports the assumption that the terms can potentially be used interchangeably and don’t necessarily support different or divergent use cases.