RunAs Radio

Least Privilege in 2025 with Bailey Bercik

Jan 8, 2025

Bailey Bercik, a Senior Product Manager on Microsoft Security's Identity Team, dives into the evolving landscape of least privilege and permission management in 2025. He discusses how Entra Permissions Management can streamline unused permissions, making security more manageable. The impact of AI on permissions—both its risks and potential benefits—is explored, emphasizing the need for careful oversight. Bailey also details strategies for refining permissions in AI contexts and advocates for robust monitoring to prevent misuse, ensuring effective privilege management.

39:05

Creator website

Episode guests

Bailey Bercik

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The integration of AI in managing permissions necessitates a proactive approach, ensuring effective oversight to minimize overprivileged access and security risks.

Organizations should focus on tailored permission management through advanced tools like Entra Permissions Management, balancing security and usability in multi-cloud environments.

Deep dives

Understanding Least Privilege

Recognizing the significance of least privilege is critical in modern cybersecurity. The conversation highlights that achieving a perfect security setup is unrealistic, as both administrators and users are prone to mistakes. Instead of striving for perfection, organizations should focus on practical security measures that balance protection with usability. Emphasizing defense in depth and the use of compensating controls can lead to more effective security without the unrealistic pressure for flawless execution.

Intro

2min

Innovations in Patent Strategy and Cybersecurity Management

6min

Granular Permissions Management and AI Security

2min

Navigating Permissions Management in AI

6min

Illuminating Security Configurations with AI

3min

Navigating Security Copilot: Features and Challenges

7min

Navigating AI Security: Monitoring and Privilege Management

13min

How is least privilege different in 2025? Richard talks to Bailey Bercik about the ongoing efforts to minimize users, administrators, and applications' privileges in 2025. Bailey talks about the power of Entra Permissions Management to help you see what permissions are going unused on various accounts so that you can tailor rights to individual accounts without things becoming unmanageable. Artificial intelligence is a forcing function for many permission issues, with these new tools potentially creating problems when given unnecessary rights. But those same tools can help you understand where permissions are being underutilized and help protect your systems!

Links

Recorded December 16, 2024

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

RunAs Radio

Least Privilege in 2025 with Bailey Bercik

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding Least Privilege

The Challenges of Granular Permissions

Role of AI in Permission Management

Navigating Organizational Change and Security

Remember Everything You Learn from Podcasts