RunAs Radio cover image

RunAs Radio

Least Privilege in 2025 with Bailey Bercik

Jan 8, 2025
Bailey Bercik, a Senior Product Manager on Microsoft Security's Identity Team, dives into the evolving landscape of least privilege and permission management in 2025. He discusses how Entra Permissions Management can streamline unused permissions, making security more manageable. The impact of AI on permissions—both its risks and potential benefits—is explored, emphasizing the need for careful oversight. Bailey also details strategies for refining permissions in AI contexts and advocates for robust monitoring to prevent misuse, ensuring effective privilege management.
39:05

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

  • The integration of AI in managing permissions necessitates a proactive approach, ensuring effective oversight to minimize overprivileged access and security risks.
  • Organizations should focus on tailored permission management through advanced tools like Entra Permissions Management, balancing security and usability in multi-cloud environments.

Deep dives

Understanding Least Privilege

Recognizing the significance of least privilege is critical in modern cybersecurity. The conversation highlights that achieving a perfect security setup is unrealistic, as both administrators and users are prone to mistakes. Instead of striving for perfection, organizations should focus on practical security measures that balance protection with usability. Emphasizing defense in depth and the use of compensating controls can lead to more effective security without the unrealistic pressure for flawless execution.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner