diff --git a/doc/releases/migration-guide-4.1.rst b/doc/releases/migration-guide-4.1.rst index 836d20d79b57..848b6d502558 100644 --- a/doc/releases/migration-guide-4.1.rst +++ b/doc/releases/migration-guide-4.1.rst @@ -677,6 +677,15 @@ LoRa additional ``user_data`` parameter, which is a void pointer. This parameter can be used to reference any user-defined data structure. To maintain the current behavior, set this parameter to ``NULL``. +Secure Storage +============== + +* Store backends no longer automatically enable their dependencies through ``select`` or ``imply``. + Users must ensure that the depencies are enabled in their applications. + :kconfig:option:`CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS` previously enabled NVS + and settings, which means the NVS settings backend would get used by default if ZMS wasn't + enabled. (:github:`86181`) + Stream Flash ============ diff --git a/samples/psa/its/overlay-secure_storage.conf b/samples/psa/its/overlay-secure_storage.conf index 3473ae389101..9265b38ccc7c 100644 --- a/samples/psa/its/overlay-secure_storage.conf +++ b/samples/psa/its/overlay-secure_storage.conf @@ -8,3 +8,9 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_MAIN_STACK_SIZE=3072 CONFIG_SECURE_STORAGE=y +CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS=y +CONFIG_SETTINGS=y +CONFIG_SETTINGS_NVS=y +CONFIG_NVS=y +CONFIG_FLASH=y +CONFIG_FLASH_MAP=y diff --git a/samples/psa/persistent_key/overlay-secure_storage.conf b/samples/psa/persistent_key/overlay-secure_storage.conf index 3473ae389101..9265b38ccc7c 100644 --- a/samples/psa/persistent_key/overlay-secure_storage.conf +++ b/samples/psa/persistent_key/overlay-secure_storage.conf @@ -8,3 +8,9 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_MAIN_STACK_SIZE=3072 CONFIG_SECURE_STORAGE=y +CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS=y +CONFIG_SETTINGS=y +CONFIG_SETTINGS_NVS=y +CONFIG_NVS=y +CONFIG_FLASH=y +CONFIG_FLASH_MAP=y 
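Review bot: The six lines added to samples/psa/its/overlay-secure_storage.conf pin the ITS store to the settings subsystem on NVS without saying why. The same block is repeated in samples/psa/persistent_key/overlay-secure_storage.conf, tests/subsys/secure_storage/psa/crypto/overlay-secure_storage.conf and tests/subsys/secure_storage/psa/its/overlay-store_settings.conf. Readers who copy the sample would benefit from a leading comment, for example `# The ITS store backend no longer enables its dependencies; the settings/NVS/flash stack must be enabled explicitly.` Because the four files carry identical lines, a single shared fragment would keep them from drifting apart, if the build setup allows one.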
diff --git a/subsys/fs/nvs/Kconfig b/subsys/fs/nvs/Kconfig index 208be140f221..48915c2f048e 100644 --- a/subsys/fs/nvs/Kconfig +++ b/subsys/fs/nvs/Kconfig @@ -6,8 +6,8 @@ config NVS bool "Non-volatile Storage" depends on FLASH + depends on FLASH_PAGE_LAYOUT select CRC - select FLASH_PAGE_LAYOUT help Enable support of Non-volatile Storage. diff --git a/subsys/secure_storage/Kconfig b/subsys/secure_storage/Kconfig index 11e78a7dbd2c..86c589e81a4f 100644 --- a/subsys/secure_storage/Kconfig +++ b/subsys/secure_storage/Kconfig @@ -65,7 +65,6 @@ endif menuconfig SECURE_STORAGE_ITS_STORE_MODULE bool "ITS store module" - imply FLASH # for FLASH_HAS_DRIVER_ENABLED help The module that handles the storage/retrieval of the ITS data to/from NVM. Zephyr's ITS implementation calls into it. diff --git a/subsys/secure_storage/Kconfig.its_store b/subsys/secure_storage/Kconfig.its_store index 05ebf72ca8f6..5cf1512caf68 100644 --- a/subsys/secure_storage/Kconfig.its_store +++ b/subsys/secure_storage/Kconfig.its_store @@ -14,7 +14,7 @@ config SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_ZMS depends on FLASH_HAS_DRIVER_ENABLED \ && $(dt_path_enabled,$(DT_ITS_PARTITION)) \ && $(dt_node_has_compat,$(dt_node_parent,$(DT_ITS_PARTITION)),fixed-partitions) - select ZMS + depends on ZMS help This implementation of the ITS store module makes direct use of ZMS for storage. It needs a `secure_storage_its_partition` devicetree chosen property that points @@ -31,9 +31,7 @@ config SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS && $(dt_node_has_compat,$(dt_node_parent,$(DT_SETTINGS_PARTITIION)),fixed-partitions))\ || ($(dt_path_enabled,$(DT_STORAGE_PARTITION)) \ && $(dt_node_has_compat,$(dt_node_parent,$(DT_STORAGE_PARTITION)),fixed-partitions))) - imply FLASH_MAP - imply NVS - select SETTINGS + depends on SETTINGS config SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_NONE bool "No ITS store module implementation" 
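Review bot: `depends on FLASH_PAGE_LAYOUT` in subsys/fs/nvs/Kconfig changes behaviour for every NVS user, but the migration-guide entry added in this commit mentions only the secure storage store backends. A configuration with `CONFIG_NVS=y` that relied on the old `select` will presumably no longer get NVS wherever `FLASH_PAGE_LAYOUT` is not already enabled. I would add an NVS item to the migration guide and extend the help text here, e.g. `Requires CONFIG_FLASH_PAGE_LAYOUT to be enabled; it is no longer selected.` The rest of the `config NVS` entry lies outside the hunk.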
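Review bot: With `depends on ZMS` in the first Kconfig.its_store hunk and `depends on SETTINGS` in the second, a configuration that sets only `CONFIG_SECURE_STORAGE=y` no longer satisfies either backend, and nothing visible here reports that at build time. The enclosing block is outside both hunks, but if these entries are members of a choice, it would presumably resolve to another member such as `SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_NONE`, which would let an application that expects persistent PSA keys build cleanly without a working store. I would state the requirement in each option's help, e.g. `Requires CONFIG_ZMS to be enabled by the application; it is no longer selected.`, and consider a build-time warning when secure storage is enabled and no store implementation is chosen. The second hunk also drops `imply NVS` and `imply FLASH_MAP`, so the settings backend behind the ITS is now whatever the application configures, which is worth saying in the help text too.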
diff --git a/tests/subsys/secure_storage/psa/crypto/overlay-secure_storage.conf b/tests/subsys/secure_storage/psa/crypto/overlay-secure_storage.conf index ed84c3043288..b67ceff8969b 100644 --- a/tests/subsys/secure_storage/psa/crypto/overlay-secure_storage.conf +++ b/tests/subsys/secure_storage/psa/crypto/overlay-secure_storage.conf @@ -12,3 +12,9 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_SECURE_STORAGE=y # For testing isolation between the different callers of the ITS. CONFIG_SECURE_STORAGE_PS_IMPLEMENTATION_ITS=y +CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS=y +CONFIG_SETTINGS=y +CONFIG_SETTINGS_NVS=y +CONFIG_NVS=y +CONFIG_FLASH=y +CONFIG_FLASH_MAP=y diff --git a/tests/subsys/secure_storage/psa/its/overlay-store_default.conf b/tests/subsys/secure_storage/psa/its/overlay-store_settings.conf similarity index 77% rename from tests/subsys/secure_storage/psa/its/overlay-store_default.conf rename to tests/subsys/secure_storage/psa/its/overlay-store_settings.conf index e6604bc94b01..b0a2cd493f9d 100644 --- a/tests/subsys/secure_storage/psa/its/overlay-store_default.conf +++ b/tests/subsys/secure_storage/psa/its/overlay-store_settings.conf @@ -1,4 +1,9 @@ CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS=y +CONFIG_SETTINGS=y +CONFIG_SETTINGS_NVS=y +CONFIG_NVS=y +CONFIG_FLASH=y +CONFIG_FLASH_MAP=y # 256 - flags (1) - CONFIG_SECURE_STORAGE_ITS_TRANSFORM_OUTPUT_OVERHEAD (28) CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE=227 diff --git a/tests/subsys/secure_storage/psa/its/overlay-store_zms.conf b/tests/subsys/secure_storage/psa/its/overlay-store_zms.conf new file mode 100644 index 000000000000..7efe611bc0a4 --- /dev/null +++ b/tests/subsys/secure_storage/psa/its/overlay-store_zms.conf @@ -0,0 +1,3 @@ +CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_ZMS=y +CONFIG_ZMS=y +CONFIG_FLASH=y diff --git a/tests/subsys/secure_storage/psa/its/testcase.yaml b/tests/subsys/secure_storage/psa/its/testcase.yaml index bf72516e4b24..d84a14dad84d 100644 
--- a/tests/subsys/secure_storage/psa/its/testcase.yaml +++ b/tests/subsys/secure_storage/psa/its/testcase.yaml @@ -25,17 +25,17 @@ tests: - nrf9161dk/nrf9161 extra_args: - EXTRA_DTC_OVERLAY_FILE=zms.overlay - - EXTRA_CONF_FILE=overlay-secure_storage.conf;overlay-transform_default.conf + - EXTRA_CONF_FILE=overlay-secure_storage.conf;overlay-store_zms.conf;overlay-transform_default.conf secure_storage.psa.its.secure_storage.store.settings: filter: CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS extra_args: "EXTRA_CONF_FILE=\ - overlay-secure_storage.conf;overlay-transform_default.conf;overlay-store_default.conf" + overlay-secure_storage.conf;overlay-transform_default.conf;overlay-store_settings.conf" secure_storage.psa.its.secure_storage.custom.transform: filter: CONFIG_SECURE_STORAGE and not CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_NONE extra_args: "EXTRA_CONF_FILE=\ - overlay-secure_storage.conf;overlay-transform_custom.conf;overlay-store_default.conf" + overlay-secure_storage.conf;overlay-transform_custom.conf;overlay-store_settings.conf" secure_storage.psa.its.secure_storage.custom.store: filter: CONFIG_SECURE_STORAGE