
Identity for Manufacturing

Primary requirements
  • Privileged access for OT and industrial control systems
  • Machine identity across connected equipment
  • Workforce and supply-chain federation
  • Segmentation between IT and OT
Regulatory floor
IEC 62443, NIST CSF, NIS2

The job identity does in manufacturing

Manufacturing identity is dominated by operational technology and connected equipment, layered on a global workforce and a deep supply chain. The hard problems are controlling privileged access to industrial control systems (ICS) and giving the growing fleet of connected machines, robots, and sensors trustworthy machine identity. Downtime is extraordinarily expensive, so controls must protect without disrupting production.

The regulatory and compliance floor

IEC 62443 is the central standard for industrial control system security, the NIST Cybersecurity Framework guides US practice, and NIS2 raises obligations for important and essential entities in the EU. Increasingly these expectations arrive contractually through customers and insurers, not just regulators.

The threat landscape here

Ransomware that halts production is the nightmare scenario, and it usually enters through stolen credentials and flat networks that let IT compromise reach the plant floor. Unmanaged machine identities and expired certificates cause both security incidents and unplanned downtime. Vendor and contractor access is a frequent entry point.

What good looks like

  • PAM for OT and IT with vaulting, session control, and just-in-time access to plant systems.
  • PKI and certificate lifecycle for connected equipment and workloads, automated end to end.
  • Federated workforce IAM with governed supplier and contractor access.
  • Segmentation so an IT compromise cannot reach the plant floor.

Vendors and fit

Privileged access fits CyberArk and peers; workforce identity fits Microsoft Entra or Okta; machine and device PKI fits Keyfactor and the PKI category.

Common pitfalls

  • Flat networks where a compromised vendor or workstation reaches the plant floor.
  • Unmanaged machine identities and expired certificates causing risk and downtime.
  • Supplier and contractor access granted broadly and never reviewed.

Where it is heading

Smart-factory and IIoT growth will make machine identity and certificate automation central, while NIS2 and ransomware pressure push OT privileged access into formal programs.

Independent, community-driven analysis. Vendor mentions are for identification and commentary only.