Pull a count of every active access token, API key, service-account credential, OAuth grant, and Cloud-Run-job identity in your environment. Then count your employees. The first number is, on average, 45 times larger than the second. In cloud-native shops it’s 80:1.
Those numbers come from the Cloud Security Alliance’s 2026 NHI & AI Security report. The same report finds that 78% of organizations have no formal policy for AI-identity creation, scoping, or deprovisioning. 92% don’t trust their legacy IAM to govern AI agents. A new vendor category — Non-Human Identity (NHI) governance — emerged in the last six months: Astrix, Entro, GitGuardian, Aembit, Oasis Security each raised significant Series A or B rounds in Q1 2026.
The category is real because the gap is real. And almost none of those vendors sell through MSPs. Their customers are direct enterprise security teams. The mid-market firms an MSP serves are buying nothing.
Why this matters now and not last year
The reason the ratio is changing isn’t that humans are leaving. It’s that AI agents are arriving. Each agent has its own identity. Most have multiple identities — one for the model API, one for each tool the agent calls, one for the storage layer, one for the audit log. A single multi-step agent workflow can spawn 20+ machine identities for what looks like a single business action. None of those identities is a human. None of them rotates on the schedule your IAM expects. Most of them outlive the engineer who created them.
Compounding factors specific to 2026:
- Anthropic’s MCP standard accelerated agent-tool wiring. There are now over 17,000 indexed MCP servers, each typically requiring its own credential to connect.
- 30+ public CVEs against MCP since GA, several involving JWT leakage from stdio-mode servers that defaulted to no authentication.
- EU AI Act Article 50 (effective 2 August 2026) and TRAIGA (enforceable since 1 January 2026) raised the documentation requirements for AI-system identity and access controls.
- The 2026 SEC cybersecurity disclosure rules require timely reporting of material incidents — and a breached machine identity that exfiltrates data is, by every reasonable read, material.
What governance actually means here
Some of this work is straightforward. Inventory every machine identity, label it (which agent, which tenant, which workflow), set rotation policy, set expiry, log every authentication, alert on anomalous behavior. The hard part is operating that across the dozens of platforms a typical mid-market environment uses: Microsoft Graph, Google Workspace, AWS, Azure, GCP, every SaaS, every CI/CD pipeline, every internal tool.
That’s an MSP problem more than a single-vendor problem. Astrix and Oasis cover meaningful slices, but neither sells the integration with the M365, NinjaOne, BlackPoint, SentinelOne, and Mosyle stack that a 50-500 employee firm actually runs. The MSP fills that gap by stitching the pieces together and operating them as a single coherent system.
What we’re shipping at Intelligent IT
Two products in our AiT family are the operational answer.
AiT Coord is the cross-project agent orchestrator. Every agent acting on a managed environment authenticates via a short-lived JWT signed with an RS256 key in Google Secret Manager. Tenant ID is a claim. The orchestrator verifies on every call. Every agent action lands in an audit table with idempotency keys. NHI sprawl — the perimeter problem 78% of organizations admit they don’t govern — collapses to one verifiable signing key per environment.
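As an added illustration (not AiT Coord's code, which this page does not publish), here is a minimal Go version of the per-call check described above: a short-lived RS256 JWT carrying a tenant claim, verified for signature, expiry and tenant match before any agent action is allowed. The claim layout, function names and error strings are assumptions, and the signing key is generated in-process for the example where a real deployment would load it from Secret Manager.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
)
// Claims is the assumed token shape: which agent, which tenant it may act on, expiry in unix seconds.
type Claims struct {
	Sub    string `json:"sub"`
	Tenant string `json:"tenant"`
	Exp    int64  `json:"exp"`
}
var enc = base64.RawURLEncoding
// Mint issues a short-lived RS256 JWT for one agent, scoped to one tenant.
func Mint(priv *rsa.PrivateKey, c Claims) (string, error) {
	body, _ := json.Marshal(c)
	input := enc.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`)) + "." + enc.EncodeToString(body)
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	return input + "." + enc.EncodeToString(sig), err
}
// Verify runs on every call: RS256 is pinned by construction (the header's alg is never consulted), the signature is checked before any claim is trusted, then expiry, then tenant scope.
func Verify(pub *rsa.PublicKey, token, wantTenant string, now int64) (*Claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	sig, _ := enc.DecodeString(parts[2]) // a bad encoding simply fails the signature check
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) != nil {
		return nil, errors.New("bad signature")
	}
	var c Claims
	if b, err := enc.DecodeString(parts[1]); err != nil || json.Unmarshal(b, &c) != nil {
		return nil, errors.New("malformed claims")
	}
	if now >= c.Exp {
		return nil, errors.New("token expired")
	}
	if c.Tenant != wantTenant {
		return nil, errors.New("cross-tenant token rejected") // kill-switch trigger
	}
	return &c, nil
}
```

Each failure returns a distinct reason so the SOC pipeline can alert on "cross-tenant token rejected" separately from an ordinary expiry.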
AiT SOC Sentinel watches the agents themselves. Anomalous tool-call patterns generate investigative alerts. Cross-tenant attempts trigger immediate kill-switches. Privilege-escalation requests outside business hours route to designated on-call. The OWASP LLM Top 10 attack classes have specific detection rules tied to them, with the alert fanning out to the same SOC pipeline that already handles your endpoint and email security.
Together: tenant-scoped identity, an audit trail on every call, kill-switchable in seconds, integrated with the rest of the security stack we already manage for the client. That’s the MSP-channel version of NHI governance, and we run it on our own MSP first.
What you should ask your current MSP this week
- How many active machine identities are in my tenant right now — not approximately, exactly?
- What’s the rotation schedule for each, and where is the audit log of the last rotation?
- If a single identity is compromised, what’s the kill-switch latency and how do I trigger it?
- How do you detect cross-tenant access attempts, and where would the alert fire?
- Show me the OWASP LLM Top 10 detection rules wired to my SOC.
If the answer to question one is "approximately" rather than a number, the rest of the answers follow predictably.
NHI governance is part of our AI-native MSP stack
It runs on the same Trust Portal your auditors use. One pane, one set of credentials managed correctly, one set of metrics that move. Free 30-minute architect call to walk through it.
The bottom line
The perimeter moved. It’s no longer the firewall, no longer the endpoint, no longer the email gateway. It’s the credential graph: tens of thousands of machine identities a typical 50-500 employee firm doesn’t know it has. NHI governance is the new table-stakes work, and the market just split into vendors who sell direct (won’t serve mid-market) and MSPs who can stitch the pieces together. We’re the second category. We run it on ourselves first.