1
00:00:00,000 --> 00:00:09,600
Welcome to the Azure Security Podcast, where we discuss topics relating to security, privacy,

2
00:00:09,600 --> 00:00:13,160
reliability and compliance on the Microsoft Cloud Platform.

3
00:00:13,160 --> 00:00:16,880
Hey everybody, welcome to episode 109.

4
00:00:16,880 --> 00:00:19,720
This week is myself, Michael, with Mark and Gladys.

5
00:00:19,720 --> 00:00:25,120
This week our guest is Bailey, who's here to talk to us about over-permissioning and

6
00:00:25,120 --> 00:00:28,640
how to detect it and remediate using Microsoft Entra Permission Manager.

7
00:00:28,640 --> 00:00:32,400
But before we get to our guest, let's take a little lap around the news.

8
00:00:32,400 --> 00:00:34,600
Gladys, why don't you kick things off?

9
00:00:34,600 --> 00:00:43,520
Yes, I actually wanted to talk about New Star Blizzard, who is a Russian threat actor that

10
00:00:43,520 --> 00:00:47,160
we track, Microsoft tracks.

11
00:00:47,160 --> 00:00:54,320
They're sending spear phishing messages to join a WhatsApp group.

12
00:00:54,320 --> 00:00:55,960
Why do we care about this?

13
00:00:55,960 --> 00:01:00,640
We care about all our customers.

14
00:01:00,640 --> 00:01:08,760
We have provided a blog with a lot of different remediation, for example, or mitigation.

15
00:01:08,760 --> 00:01:14,040
For example, you could use Defender in Android and iOS.

16
00:01:14,040 --> 00:01:18,160
In addition, WhatsApp you could install in Windows.

17
00:01:18,160 --> 00:01:24,960
There's a list of capabilities, including in Defender Antivirus that you could enable

18
00:01:24,960 --> 00:01:30,280
in order to protect WhatsApp customers.

19
00:01:30,280 --> 00:01:36,040
The next news is about Microsoft guidance for zero trust.

20
00:01:36,040 --> 00:01:40,640
Microsoft has been providing guidance for zero trust for many, many years.

21
00:01:40,640 --> 00:01:47,880
Mark keeps talking about all the different changes and additions that we give to the

22
00:01:47,880 --> 00:01:51,480
documents.

23
00:01:51,480 --> 00:01:57,880
Many customers, such as US government, have different strategies that they need to follow.

24
00:01:57,880 --> 00:02:04,880
In order to help customers to align to those specific strategies, in April 2024, Microsoft

25
00:02:04,880 --> 00:02:09,920
released a guidance for aligning to the Department of Defense.

26
00:02:09,920 --> 00:02:16,080
Just now, we just released another guidance that is for aligning for CISA.

27
00:02:16,080 --> 00:02:20,320
My news is around a actually very thematic to today's guest.

28
00:02:20,320 --> 00:02:29,000
Their AI Red team released some white paper on top lessons learned and whatnot for attacking

29
00:02:29,000 --> 00:02:33,440
AI, which is really, really interesting.

30
00:02:33,440 --> 00:02:39,480
Some of it is a bunch of insights that came directly from the paper, but also that made

31
00:02:39,480 --> 00:02:45,200
me think about certain things like just how important it is that you have the intent and

32
00:02:45,200 --> 00:02:48,120
the context for what the heck you're trying to do with an AI.

33
00:02:48,120 --> 00:02:52,640
It's like LLMs are very much a general purpose technology.

34
00:02:52,640 --> 00:02:59,200
You really need to know what your app is supposed to do because you can't just shortcut that,

35
00:02:59,200 --> 00:03:01,360
oh yeah, it's whatever the code does.

36
00:03:01,360 --> 00:03:06,480
We didn't document our code, which is not a great shortcut, but it's somewhat tolerable

37
00:03:06,480 --> 00:03:10,280
when you're talking about classic deterministic code that does the same thing every time,

38
00:03:10,280 --> 00:03:13,200
but AI does something different every time.

39
00:03:13,200 --> 00:03:16,280
It's really, really important to know what the thing is supposed to do so that you know

40
00:03:16,280 --> 00:03:17,760
when it's going off the rails.

41
00:03:17,760 --> 00:03:20,160
Otherwise, you don't know.

42
00:03:20,160 --> 00:03:23,800
Some reinforcements that, hey, attackers are rational and go for the easiest things because

43
00:03:23,800 --> 00:03:26,600
we saw the Red team go for that as well.

44
00:03:26,600 --> 00:03:33,080
This interesting idea of hybrid attacks of essentially, hey, put this in a visual image,

45
00:03:33,080 --> 00:03:38,280
and then you throw text in the visual image that could be a malicious instruction.

46
00:03:38,280 --> 00:03:44,440
There's this interesting multimodal or hybrid angle that you have to watch out for because

47
00:03:44,440 --> 00:03:50,600
of the different modalities that these generative AI models work in.

48
00:03:50,600 --> 00:03:56,080
Lots and lots of interesting discussions, coverage, and documentation of how an LLM could

49
00:03:56,080 --> 00:04:04,800
be used and probably has been used in all likelihood to automate scams and whatnot.

50
00:04:04,800 --> 00:04:07,320
Really some interesting stuff in that paper.

51
00:04:07,320 --> 00:04:09,360
There's a link to it in the show notes.

52
00:04:09,360 --> 00:04:10,360
That's all I got.

53
00:04:10,360 --> 00:04:11,360
All right.

54
00:04:11,360 --> 00:04:12,360
For my news, I have two items.

55
00:04:12,360 --> 00:04:17,080
One is following on from last week's news about Azure Confidential Ledger receiving

56
00:04:17,080 --> 00:04:19,880
SOC 2 Type 2 certification.

57
00:04:19,880 --> 00:04:24,000
They've just received ISO 27001 certification as well, validation as well.

58
00:04:24,000 --> 00:04:25,280
That's really good news.

59
00:04:25,280 --> 00:04:29,920
The link that I provide will actually be to the Azure Trust Portal and the documentation

60
00:04:29,920 --> 00:04:30,920
around that.

61
00:04:30,920 --> 00:04:36,080
The other one, which is from my old stomping ground, is Azure SQL database.

62
00:04:36,080 --> 00:04:41,700
They've basically rejigged, actually re-architect is probably an even better word, major portions

63
00:04:41,700 --> 00:04:43,360
of SQL auditing.

64
00:04:43,360 --> 00:04:46,520
Some customers were concerned about the performance of auditing and some customers just don't

65
00:04:46,520 --> 00:04:49,600
even bother turning it on because of the potential performance impact.

66
00:04:49,600 --> 00:04:54,440
Well, they've completely re-architected it, rewritten a bunch of code, and it is now substantially

67
00:04:54,440 --> 00:05:00,180
faster, which really boils down to more people turning SQL auditing on, which is critically

68
00:05:00,180 --> 00:05:05,000
important for determining if there is a breach, what actually went on.

69
00:05:05,000 --> 00:05:08,320
So I tip my hat to the guys in Azure SQL.

70
00:05:08,320 --> 00:05:09,680
So with that, that's the news out of the way.

71
00:05:09,680 --> 00:05:10,680
Let's turn our attention to our guest.

72
00:05:10,680 --> 00:05:18,760
As I mentioned before, Bailey's here to talk to us about some more Entra permissions management,

73
00:05:18,760 --> 00:05:21,000
this time around generative AI.

74
00:05:21,000 --> 00:05:23,640
As you probably know by the title, this is two of four.

75
00:05:23,640 --> 00:05:25,720
We've got two more to go.

76
00:05:25,720 --> 00:05:30,760
Last week we had a quick sort of kickoff, just a brief overview of what the other three

77
00:05:30,760 --> 00:05:32,460
weeks will look like.

78
00:05:32,460 --> 00:05:35,000
So Bailey, thank you so much for joining us this week.

79
00:05:35,000 --> 00:05:37,960
We'd like to spend a moment and introduce yourself to our listeners.

80
00:05:37,960 --> 00:05:39,760
Well, thank you for having me.

81
00:05:39,760 --> 00:05:44,960
My name is Bailey Bercik and I'm a senior product manager working on Microsoft Entra.

82
00:05:44,960 --> 00:05:48,720
So I've been at the company for the past six years wearing all sorts of hats.

83
00:05:48,720 --> 00:05:52,760
And now one of the things that I've gotten to work on has been Security Copilot and a

84
00:05:52,760 --> 00:05:57,720
lot of guidance around how you secure generative AI apps with Microsoft Entra.

85
00:05:57,720 --> 00:06:02,920
So I'm excited to dive a little bit more deeply into it today.

86
00:06:02,920 --> 00:06:09,280
So Bailey, there are several issues that customers should prepare for when using AI.

87
00:06:09,280 --> 00:06:13,680
What is the underlying problem that we're trying to address in this show?

88
00:06:13,680 --> 00:06:19,480
Well, I think the big one that I want to chat with folks about today is over permissioning.

89
00:06:19,480 --> 00:06:23,960
And I know that as security teams, we've probably talked about that a million times, but AI

90
00:06:23,960 --> 00:06:27,800
is just going to shine a big flashlight on that and make it so much bigger when we look

91
00:06:27,800 --> 00:06:31,700
at the sprawl of permissions that folks have inside of their environments.

92
00:06:31,700 --> 00:06:35,920
So really want to dive a little bit more deeply into that, how we can enforce that for the

93
00:06:35,920 --> 00:06:40,000
different applications you might be using and also the permissions that you have for

94
00:06:40,000 --> 00:06:41,880
accounts that we can trim back on.

95
00:06:41,880 --> 00:06:45,720
All right, Bailey, so that's a good sort of brief introduction.

96
00:06:45,720 --> 00:06:51,160
So let me give you a little story about over sharing and over permissioning and so on.

97
00:06:51,160 --> 00:06:56,080
Just in the interest of telling stories and sort of sharing the battle scars.

98
00:06:56,080 --> 00:07:00,600
Many, many moons ago, I was working with a customer and working on some really cool stuff

99
00:07:00,600 --> 00:07:02,800
that they're in healthcare.

100
00:07:02,800 --> 00:07:10,000
And we designed a system for them, designed to be highly isolated to provide data to people

101
00:07:10,000 --> 00:07:11,000
who needed the data.

102
00:07:11,000 --> 00:07:12,800
It wasn't an AI solution by any stretch.

103
00:07:12,800 --> 00:07:18,260
About six months later, I gave a presentation to another customer and I'd inserted a slide

104
00:07:18,260 --> 00:07:22,960
that was from the first customer accidentally.

105
00:07:22,960 --> 00:07:28,620
Luckily I noted it like 30 seconds before giving the presentation and I actually pulled

106
00:07:28,620 --> 00:07:30,160
the slide out.

107
00:07:30,160 --> 00:07:33,800
So I spoke to my manager later that day, I said, hey, just want you to let this happen.

108
00:07:33,800 --> 00:07:37,000
Nothing bad happened, but I want you to know what happened just in case anything happens

109
00:07:37,000 --> 00:07:38,000
at all.

110
00:07:38,000 --> 00:07:40,240
I said, hey, I accidentally slipped a slide in there.

111
00:07:40,240 --> 00:07:41,520
It was from another customer.

112
00:07:41,520 --> 00:07:42,520
It was an accident.

113
00:07:42,520 --> 00:07:46,560
But I pulled it out because I realized before the presentation that this shouldn't be in

114
00:07:46,560 --> 00:07:47,560
there.

115
00:07:47,560 --> 00:07:48,560
So I pulled it out.

116
00:07:48,560 --> 00:07:49,560
So nothing happened.

117
00:07:49,560 --> 00:07:50,560
No harm, no foul.

118
00:07:50,560 --> 00:07:51,560
But I want you to know it happened.

119
00:07:51,560 --> 00:07:55,240
And he said to me, he said, yeah, it's a good job that didn't happen.

120
00:07:55,240 --> 00:07:59,940
Because if it did, we actually literally have a process for handling that sort of over sharing

121
00:07:59,940 --> 00:08:05,120
and over permissioning of data, giving stuff to people who don't need the data.

122
00:08:05,120 --> 00:08:07,800
And it would unfortunately involve the lawyers.

123
00:08:07,800 --> 00:08:08,800
So he said, very good.

124
00:08:08,800 --> 00:08:11,400
I'm very happy it didn't happen.

125
00:08:11,400 --> 00:08:12,800
But if it ever did happen, let us know.

126
00:08:12,800 --> 00:08:15,720
And that way we can pull in the correct processes.

127
00:08:15,720 --> 00:08:23,000
So I imagine you've got similar stories, but more around generative AI and the problems

128
00:08:23,000 --> 00:08:24,000
that we've seen.

129
00:08:24,000 --> 00:08:25,600
No, for sure.

130
00:08:25,600 --> 00:08:27,480
I think the example you brought up was perfect.

131
00:08:27,480 --> 00:08:32,280
And I actually want to steal a story from somebody else who gave the example on a Run

132
00:08:32,280 --> 00:08:35,840
As Radio episode that I'll make sure to share out to you all that we could put in the show

133
00:08:35,840 --> 00:08:37,800
notes for our listeners.

134
00:08:37,800 --> 00:08:42,600
Nikki Chapple, she's a Microsoft MVP and does a lot of work in the Purview space.

135
00:08:42,600 --> 00:08:47,840
She had an episode talking about Copilot and data governance and AI applications.

136
00:08:47,840 --> 00:08:53,380
And one example she gave was a case study that she led about medical doctors inputting

137
00:08:53,380 --> 00:08:58,960
patient information into ChatGPT, which I know for folks can raise a lot of alarm bells,

138
00:08:58,960 --> 00:09:03,800
but similar to the example that you gave, Michael, about how you were, I imagine, going

139
00:09:03,800 --> 00:09:07,080
through crunch time trying to get something out the door for a customer.

140
00:09:07,080 --> 00:09:12,000
And then you're putting some data in there that you might not have or you probably shouldn't

141
00:09:12,000 --> 00:09:18,480
have or in this case, a doctor using an application that at the end of the day, we're all being

142
00:09:18,480 --> 00:09:22,240
told to use AI applications to do our jobs better.

143
00:09:22,240 --> 00:09:25,800
I think that right now, regardless of what industry you're in, you're being told that

144
00:09:25,800 --> 00:09:29,880
AI is the future and by using some of these applications, you need to put them into your

145
00:09:29,880 --> 00:09:32,200
workflow or you might get left behind.

146
00:09:32,200 --> 00:09:38,280
And so I think that in that example, doctors are experts in medical information, but they

147
00:09:38,280 --> 00:09:43,360
might not be experts in data privacy, data governance, and what applications they should

148
00:09:43,360 --> 00:09:44,360
be using.

149
00:09:44,360 --> 00:09:47,160
And I think that's where as some of the IT and security professionals, we need to come

150
00:09:47,160 --> 00:09:51,360
in and think about, okay, how are ways that we can prevent this from happening while still

151
00:09:51,360 --> 00:09:57,000
empowering our users, regardless of what business we're in, for doing their jobs and by doing

152
00:09:57,000 --> 00:09:59,320
that in a safe and secure way.

153
00:09:59,320 --> 00:10:04,680
So Bailey, I'd love to hear your perspective on how do you set up controls here?

154
00:10:04,680 --> 00:10:06,560
How do you make sure there's a defense in depth?

155
00:10:06,560 --> 00:10:11,520
Because there's a lot of potential for mistakes and oversights and something sneaking or essentially

156
00:10:11,520 --> 00:10:16,540
tricking or social engineering, AI or LLM or people.

157
00:10:16,540 --> 00:10:20,160
So tell me how you think about the controls in a scenario like this.

158
00:10:20,160 --> 00:10:24,400
For sure, and I think it's definitely a defense in depth approach that folks will have to

159
00:10:24,400 --> 00:10:25,400
take.

160
00:10:25,400 --> 00:10:29,100
And we can start at the first layer of talking about the actual applications that we're even

161
00:10:29,100 --> 00:10:32,200
going to allow in the environment in the first place.

162
00:10:32,200 --> 00:10:36,840
So in the example I gave previously about using an unapproved AI app, it could be any

163
00:10:36,840 --> 00:10:39,920
application that your employees are going to be using, whatever might be trending in

164
00:10:39,920 --> 00:10:43,720
your industry for folks to leverage, whether it's something creative or something that

165
00:10:43,720 --> 00:10:49,520
they might be inputting financial information into, for example, or medical information.

166
00:10:49,520 --> 00:10:53,640
You would want to have a list of approved AI apps that are relevant to your organization

167
00:10:53,640 --> 00:10:56,380
that would empower your users to do their job better.

168
00:10:56,380 --> 00:10:59,900
But also where you know and you've done the due diligence to see that these applications

169
00:10:59,900 --> 00:11:06,840
are not leveraging your data to then be training data sets for other users to go leverage.

170
00:11:06,840 --> 00:11:12,120
So first of all, looking at can I have an allow list purely for specific applications

171
00:11:12,120 --> 00:11:16,740
within my organization or register certain apps for my organization, making my employees

172
00:11:16,740 --> 00:11:21,100
aware that those are the AI apps that we're going to empower them with.

173
00:11:21,100 --> 00:11:25,860
Another thing to consider with that is going to be the actual permissions that those applications

174
00:11:25,860 --> 00:11:26,860
have.

175
00:11:26,860 --> 00:11:30,440
And I know this is a couple of years old, but I'll be sure to share this out for the

176
00:11:30,440 --> 00:11:31,640
show notes as well.

177
00:11:31,640 --> 00:11:36,720
A colleague of mine, Mark Morowczynski, led this initiative where we were talking about, as

178
00:11:36,720 --> 00:11:40,960
he called it, hiding in the clouds, how attackers can use applications for sustained persistence

179
00:11:40,960 --> 00:11:42,240
and how to find it.

180
00:11:42,240 --> 00:11:47,760
And in that series of presentations, we talked about both malicious applications and applications

181
00:11:47,760 --> 00:11:52,160
where they just are over-permissioned and how they can be leveraged if they're compromised.

182
00:11:52,160 --> 00:11:57,360
So to bring that back to what you mentioned, Mark, about, or Mark Simos, the other Mark

183
00:11:57,360 --> 00:12:03,040
in the conversation, is going to be about how we're really looking at is this an application

184
00:12:03,040 --> 00:12:09,260
that folks may be leveraging that is malicious, that is providing that service, but also could

185
00:12:09,260 --> 00:12:14,320
be with poor intent from a bad actor to be leveraging that information and getting information

186
00:12:14,320 --> 00:12:15,400
about your environment.

187
00:12:15,400 --> 00:12:18,960
Or maybe it's just an overly-permissioned AI app that then you're going to have to trim

188
00:12:18,960 --> 00:12:23,240
down and look at ways to make it run more efficiently.

189
00:12:23,240 --> 00:12:24,280
You know, it's funny you should bring that up.

190
00:12:24,280 --> 00:12:26,080
It's not just over-permissioned apps.

191
00:12:26,080 --> 00:12:30,360
I mean, obviously, over-permissioned apps are a big deal, but it's also apps that are

192
00:12:30,360 --> 00:12:31,360
no longer used, right?

193
00:12:31,360 --> 00:12:37,560
I mean, I'm sure many customers, Microsoft included, in fact, we can talk to this because

194
00:12:37,560 --> 00:12:44,880
we've actually published this, but we've removed thousands of unused apps within our own subscriptions

195
00:12:44,880 --> 00:12:48,200
because they just hadn't been used in, I don't know, let's pick a number, six months, nine

196
00:12:48,200 --> 00:12:50,800
months, 12 months, two years, whatever.

197
00:12:50,800 --> 00:12:53,940
And some of those were also over-permissioned.

198
00:12:53,940 --> 00:12:58,520
And so if they could, if an attacker could compromise one of those apps that wasn't being

199
00:12:58,520 --> 00:13:02,640
used and it was over-permissioned, I mean, all sorts of nefarious things could happen,

200
00:13:02,640 --> 00:13:03,640
right?

201
00:13:03,640 --> 00:13:06,440
I mean, I guess that's something that you see as well.

202
00:13:06,440 --> 00:13:10,880
That's exactly what we've been seeing and is super important to be thinking about because

203
00:13:10,880 --> 00:13:14,200
it is something where it just becomes a more attractive target.

204
00:13:14,200 --> 00:13:16,560
And I went to school for software development.

205
00:13:16,560 --> 00:13:19,440
I've been there when you're just trying to get the dang app to work and you're using

206
00:13:19,440 --> 00:13:24,520
all the dot-star permissions, and then you think, oh, I'll go back later and trim it down.

207
00:13:24,520 --> 00:13:25,520
But you don't.

208
00:13:25,520 --> 00:13:29,200
Or also the apps that are used within your organization and are just stuck there that

209
00:13:29,200 --> 00:13:31,760
you don't know, oh, should we roll this back?

210
00:13:31,760 --> 00:13:33,080
Are people really using it?

211
00:13:33,080 --> 00:13:37,900
But as the IT person, you might be nervous that you're going to disrupt the flow of business

212
00:13:37,900 --> 00:13:38,900
in some way.

213
00:13:38,900 --> 00:13:43,280
So to your point, Michael, looking back at the application usage, are people actually

214
00:13:43,280 --> 00:13:44,280
leveraging this?

215
00:13:44,280 --> 00:13:47,840
Is there another app that we can consolidate with and move people over to?

216
00:13:47,840 --> 00:13:52,840
That way we just don't have to manage so much that if it does get compromised, we would

217
00:13:52,840 --> 00:13:55,720
just have less of a blast radius there.

218
00:13:55,720 --> 00:13:56,720
The problem's existed forever.

219
00:13:56,720 --> 00:14:02,480
I mean, it's not just an Azure thing or an AWS thing or a GCP thing or Oracle Cloud thing.

220
00:14:02,480 --> 00:14:09,580
That problem has existed in Windows for a long time where people have run processes

221
00:14:09,580 --> 00:14:15,840
with higher elevation, which is the ability to do more than it may need to do.

222
00:14:15,840 --> 00:14:18,400
That problem has existed for a long, long, long time.

223
00:14:18,400 --> 00:14:23,840
It's not what happens in Linux with daemons and services and whatnot running as root.

224
00:14:23,840 --> 00:14:26,880
I mean, it's a human computing thing.

225
00:14:26,880 --> 00:14:27,880
Yeah.

226
00:14:27,880 --> 00:14:31,680
Well, the big problem, right, is to Bailey's point, is if you're rolling one of these things

227
00:14:31,680 --> 00:14:37,240
out and it's running elevated, the last thing you want to probably do on a Friday afternoon

228
00:14:37,240 --> 00:14:43,440
is drop its permissions and hope that it works because it's probably not going to work.

229
00:14:43,440 --> 00:14:46,480
Something's probably going to fail spectacularly.

230
00:14:46,480 --> 00:14:48,320
So people just leave it like that.

231
00:14:48,320 --> 00:14:51,520
Then three years later, when you speak to the people involved, you say, well, why does

232
00:14:51,520 --> 00:14:52,520
it run as system?

233
00:14:52,520 --> 00:14:53,520
Well, why does it run as root?

234
00:14:53,520 --> 00:14:56,680
Or why does it run with, as Bailey said, all these dot-star permissions?

235
00:14:56,680 --> 00:15:01,660
I do realize we're talking about different permission models here, but bear with me.

236
00:15:01,660 --> 00:15:03,440
People just say, well, that's just the way it is.

237
00:15:03,440 --> 00:15:06,800
It just works and don't touch it because it just works.

238
00:15:06,800 --> 00:15:07,800
That's the wrong answer.

239
00:15:07,800 --> 00:15:09,800
It's completely the wrong answer.

240
00:15:09,800 --> 00:15:15,160
If I can do a quick rant on this, because one of the things I've started to appreciate

241
00:15:15,160 --> 00:15:20,880
is the root cause of almost everything in cybersecurity is that security is the security

242
00:15:20,880 --> 00:15:24,920
team's problem, this myth, this false belief.

243
00:15:24,920 --> 00:15:26,440
If the person says, you know what?

244
00:15:26,440 --> 00:15:28,120
It's Friday afternoon.

245
00:15:28,120 --> 00:15:30,680
I'm not going to get blamed if there's a security incident.

246
00:15:30,680 --> 00:15:31,680
That's on the security team.

247
00:15:31,680 --> 00:15:36,760
It doesn't make their Monday to-do list in figuring it out and going in a lab and doing

248
00:15:36,760 --> 00:15:40,320
that hard work because if something goes wrong in security, that's the security team's problem,

249
00:15:40,320 --> 00:15:41,680
not mine.

250
00:15:41,680 --> 00:15:47,640
I think a lot of this is probably also due to that classic misconception and the accountability

251
00:15:47,640 --> 00:15:49,080
is wrong in organizations.

252
00:15:49,080 --> 00:15:53,680
But I'll flip the rant bit back off.

253
00:15:53,680 --> 00:15:54,680
Okay.

254
00:15:54,680 --> 00:15:58,120
My rant on top of yours, Mark, is going to be that I absolutely agree.

255
00:15:58,120 --> 00:16:02,760
I think it's a security team's thing to be looking at, administrating that at the end

256
00:16:02,760 --> 00:16:07,920
of the day, yes, it is so important that we educate our end users, but also it's our responsibility

257
00:16:07,920 --> 00:16:12,400
to empower the business, to do business in a safe and effective way.

258
00:16:12,400 --> 00:16:16,040
Part of this with the introduction of AI apps is great.

259
00:16:16,040 --> 00:16:20,160
Now there is this influx of applications that folks are going to be using.

260
00:16:20,160 --> 00:16:22,160
How could I prevent it from being shadow IT?

261
00:16:22,160 --> 00:16:27,880
How can I prevent it from being inappropriate use cases for data or people just trying to

262
00:16:27,880 --> 00:16:29,560
do their job well?

263
00:16:29,560 --> 00:16:34,840
I think that that's something that we don't need to be reprimanding our users in a negative

264
00:16:34,840 --> 00:16:38,120
way if they are trying to do their best at work.

265
00:16:38,120 --> 00:16:41,920
They're being told that you will be left behind or it's not that AI will take your job, but

266
00:16:41,920 --> 00:16:43,520
somebody using AI will.

267
00:16:43,520 --> 00:16:44,520
Right?

268
00:16:44,520 --> 00:16:48,320
And so to stay competitive in the marketplace, you're going to need to acquire these skills.

269
00:16:48,320 --> 00:16:52,280
At that same time, what are some approved applications we can provide for these users?

270
00:16:52,280 --> 00:16:56,320
What are some controls we can put in place to then restrict some of that sharing and

271
00:16:56,320 --> 00:16:58,240
make sure it's done in a secure way?

272
00:16:58,240 --> 00:17:01,880
But it's absolutely, to your point, Mark, a security team's problem at the end of the

273
00:17:01,880 --> 00:17:02,880
day.

274
00:17:02,880 --> 00:17:03,880
Yeah.

275
00:17:03,880 --> 00:17:06,360
And I actually think, yeah, I think it's actually a little beyond that.

276
00:17:06,360 --> 00:17:11,240
Sorry to do a little bit of a debate here, but I agree, security is the experts, right?

277
00:17:11,240 --> 00:17:13,800
They're the ones that understand the threats and whatnot.

278
00:17:13,800 --> 00:17:17,600
But you can't have one team accountable for one half and the other team accountable for

279
00:17:17,600 --> 00:17:18,600
other half.

280
00:17:18,600 --> 00:17:19,600
Agreed.

281
00:17:19,600 --> 00:17:24,760
Yeah, because it's like, hey, do we blame the lawyers when the business leaders say,

282
00:17:24,760 --> 00:17:26,440
you know, I'm going to do this illegal thing?

283
00:17:26,440 --> 00:17:27,440
And they said no.

284
00:17:27,440 --> 00:17:28,440
Right?

285
00:17:28,440 --> 00:17:29,440
Like, no.

286
00:17:29,440 --> 00:17:33,640
We don't blame the finance people when the CEO spends too much, right?

287
00:17:33,640 --> 00:17:37,520
So we need to be thinking of ourselves in that way, as like you said, an enabler, right?

288
00:17:37,520 --> 00:17:38,520
We're part of the business.

289
00:17:38,520 --> 00:17:39,520
We're here to make them succeed.

290
00:17:39,520 --> 00:17:42,320
But, you know, we have a duty to inform.

291
00:17:42,320 --> 00:17:46,280
And the folks that are making those decisions have a duty to decide and have a balanced

292
00:17:46,280 --> 00:17:48,560
view, just like they think about safety.

293
00:17:48,560 --> 00:17:49,840
They think about cost.

294
00:17:49,840 --> 00:17:51,320
They think about all these other things.

295
00:17:51,320 --> 00:17:53,640
And your app is costing too much money.

296
00:17:53,640 --> 00:17:55,480
Your app is doing something illegal.

297
00:17:55,480 --> 00:17:57,640
Your app is doing something insecure.

298
00:17:57,640 --> 00:18:02,240
And so it's really about building that partnership, but recognizing that we both have to look

299
00:18:02,240 --> 00:18:09,080
at it from both sides and helping make sure that the, you know, this is for senior leaders,

300
00:18:09,080 --> 00:18:14,000
you know, helping making sure the accountability structure drives that right behavior as well.

301
00:18:14,000 --> 00:18:17,120
You know, so going a little bit beyond the scope of AI a little bit.

302
00:18:17,120 --> 00:18:18,120
Absolutely.

303
00:18:18,120 --> 00:18:21,680
And I think since you mentioned finance, I do want to tie it back with another example

304
00:18:21,680 --> 00:18:26,680
that I've heard from customers since there was a story that I heard about an organization

305
00:18:26,680 --> 00:18:28,760
where they were using an AI app internally.

306
00:18:28,760 --> 00:18:33,160
And again, the importance of over permissioning here, a financial analyst was asking it a

307
00:18:33,160 --> 00:18:36,920
question about some of the data sets they were working with to do some modeling and

308
00:18:36,920 --> 00:18:37,920
forecasting.

309
00:18:37,920 --> 00:18:43,920
And then when they ran that prompt within the AI app, it was giving that analyst information

310
00:18:43,920 --> 00:18:48,400
about a merger and acquisition that was being worked on on the other side of the firm.

311
00:18:48,400 --> 00:18:52,120
So, you know, that's an incident where we're looking at naturally to your point, you know,

312
00:18:52,120 --> 00:18:54,480
there's within reason things we need to look at.

313
00:18:54,480 --> 00:18:59,240
Yes, we need to make sure that insider risk and, you know, those certain events where

314
00:18:59,240 --> 00:19:04,280
people are doing something notably malicious or something where it's outside of that pit

315
00:19:04,280 --> 00:19:05,280
of success, right?

316
00:19:05,280 --> 00:19:08,640
Where they're doing some action where it's like, ah, really, you're doing this silly

317
00:19:08,640 --> 00:19:09,640
thing here today.

318
00:19:09,640 --> 00:19:13,640
But when somebody's using a tool as intended and it's an approved application, but it's

319
00:19:13,640 --> 00:19:18,640
because of data permissioning that wasn't, you know, appropriately applied, like the

320
00:19:18,640 --> 00:19:23,480
DLP labels there or those application permissions, that can be really difficult when an employee

321
00:19:23,480 --> 00:19:25,600
is earnestly doing their job correctly.

322
00:19:25,600 --> 00:19:26,600
Yeah.

323
00:19:26,600 --> 00:19:32,600
And one of my favorite things, and this is just the human nature aspect of it, is like

324
00:19:32,600 --> 00:19:36,360
favorite questions for users to ask because there's always someone in your org that's

325
00:19:36,360 --> 00:19:39,060
going to ask this, are there layoffs coming?

326
00:19:39,060 --> 00:19:40,880
How much is such and such getting paid?

327
00:19:40,880 --> 00:19:42,720
Like, people will ask that.

328
00:19:42,720 --> 00:19:44,440
You have to plan for that.

329
00:19:44,440 --> 00:19:45,440
Yes.

330
00:19:45,440 --> 00:19:48,520
I think that y'all even mentioned this too on a previous episode.

331
00:19:48,520 --> 00:19:49,520
Oh my goodness.

332
00:19:49,520 --> 00:19:54,220
It was with Andrew McMurray, I want to say, where y'all were talking about that exact

333
00:19:54,220 --> 00:19:59,960
example of, you know, querying salary information where you have the prompts that are a little

334
00:19:59,960 --> 00:20:03,640
bit spicy where it's like, oh, okay, you're asking about that.

335
00:20:03,640 --> 00:20:07,360
Or it could be, you know, completely relevant prompts that somebody could be asking and

336
00:20:07,360 --> 00:20:11,640
then they just get some data back where they're like, whoo, I did not mean to discover, you

337
00:20:11,640 --> 00:20:13,440
know, this bit of information here.

338
00:20:13,440 --> 00:20:17,800
So you know, accounting for both, obviously, and again, you know, if employees are doing

339
00:20:17,800 --> 00:20:22,160
something funky, that is a different conversation to be had about, you know, how you monitor

340
00:20:22,160 --> 00:20:26,520
and administrate that and, you know, take appropriate HR actions there.

341
00:20:26,520 --> 00:20:29,720
But you know, we're really talking about over permissioning and stuff with that.

342
00:20:29,720 --> 00:20:33,880
Or when we're really talking about over permissioning in this context, I do want to focus on some

343
00:20:33,880 --> 00:20:37,900
of the unintentional aspects where the employee is doing the right thing that they've been

344
00:20:37,900 --> 00:20:43,320
told and then something that they get back is incorrect or they might naively be putting

345
00:20:43,320 --> 00:20:49,040
in information and then not realizing the total impact of what they may be doing.

346
00:20:49,040 --> 00:20:54,320
So I want to go back to the security responsibility.

347
00:20:54,320 --> 00:21:05,320
I have talked with many developers, many administrator engineers, and I had discovered that sometimes

348
00:21:05,320 --> 00:21:09,920
they don't think the time before cloud.

349
00:21:09,920 --> 00:21:16,080
When they get these services, they think some of these services are solely for the identity

350
00:21:16,080 --> 00:21:19,320
people, solely for the security people.

351
00:21:19,320 --> 00:21:24,560
And now we are interconnecting many systems together.

352
00:21:24,560 --> 00:21:32,040
So now there's capability for different audience within our organization to be getting information

353
00:21:32,040 --> 00:21:33,720
from these services.

354
00:21:33,720 --> 00:21:41,440
So my question to you is we are talking about who is responsible for the security.

355
00:21:41,440 --> 00:21:49,280
Which services Microsoft offers that can help both administrators, developers to assess

356
00:21:49,280 --> 00:21:54,360
the overprivileged issue, monitor, and even fix the problem.

357
00:21:54,360 --> 00:21:55,360
Oh, my goodness.

358
00:21:55,360 --> 00:21:56,360
Okay.

359
00:21:56,360 --> 00:21:58,520
Thank you, Gladys, because that was the whole purpose of this.

360
00:21:58,520 --> 00:22:00,640
And we were just going on some wild rant about it.

361
00:22:00,640 --> 00:22:05,520
So thank you for bringing us back to the things that folks can do about it.

362
00:22:05,520 --> 00:22:08,480
So some guidance that we've come out with, and that's kind of the purpose of this whole

363
00:22:08,480 --> 00:22:14,720
series is to really break it down, is aka.ms/secgenai, where we've broken down some

364
00:22:14,720 --> 00:22:18,680
step-by-step practices about how you can go about securing generative AI apps.

365
00:22:18,680 --> 00:22:22,000
But to your point, Gladys, I do want to dive into some of them more deeply that touch on

366
00:22:22,000 --> 00:22:23,800
that over-permissioning aspect.

367
00:22:23,800 --> 00:22:28,320
And then my colleagues, Christina Smith and Sharon Chahal, are going to talk about monitoring

368
00:22:28,320 --> 00:22:31,020
and learning and some governance stuff in the future episodes.

369
00:22:31,020 --> 00:22:34,000
So focused on over-permissioning.

370
00:22:34,000 --> 00:22:39,160
What we've really found success with is Microsoft Entra Permissions Management, which is a tool

371
00:22:39,160 --> 00:22:42,240
that I believe we've had for about two years now.

372
00:22:42,240 --> 00:22:47,280
And for those who aren't familiar, it's a CIEM tool or a cloud infrastructure entitlement

373
00:22:47,280 --> 00:22:48,280
management.

374
00:22:48,280 --> 00:22:51,600
So that's C-I-E-M, but it's pronounced Kim like the name.

375
00:22:51,600 --> 00:22:56,480
That term was coined by Gartner in about 2018, referring to a tool that can give you visibility

376
00:22:56,480 --> 00:23:02,620
across multiple clouds and look into really that delta between permissions that identities

377
00:23:02,620 --> 00:23:05,160
are using versus the permissions that are assigned.

378
00:23:05,160 --> 00:23:09,320
And I think, Michael, you mentioned something about that way earlier on when we were talking

379
00:23:09,320 --> 00:23:13,320
about applications that are kind of this vestigial organ in your environment.

380
00:23:13,320 --> 00:23:15,640
And you're like, does anybody really use this?

381
00:23:15,640 --> 00:23:17,880
Are the permissions here really necessary?

382
00:23:17,880 --> 00:23:22,360
There's a lot of dot star or same with the identities as well.

383
00:23:22,360 --> 00:23:26,900
So when we look at people who've stayed with an organization for a long time, we generally

384
00:23:26,900 --> 00:23:31,400
see that the permissions that they have tend to increase over the years that they're at

385
00:23:31,400 --> 00:23:36,880
a company just by nature of them taking on more projects or working on another team.

386
00:23:36,880 --> 00:23:40,960
And then very rarely are those permissions properly revoked and trimmed down and looked

387
00:23:40,960 --> 00:23:42,000
into.

388
00:23:42,000 --> 00:23:47,640
So in order to really shine a flashlight on that and kind of discover what's going on,

389
00:23:47,640 --> 00:23:51,860
within that guide that I mentioned earlier, we talk about how to identify and really break

390
00:23:51,860 --> 00:23:57,160
down some of those permission sets and Entra Permissions Management can look across Azure,

391
00:23:57,160 --> 00:23:58,160
AWS and GCP.

392
00:23:58,160 --> 00:24:03,440
So it's a really neat multi-cloud solution there looking into both your human identities.

393
00:24:03,440 --> 00:24:08,320
So like your admin accounts, privileged accounts, all that stuff, and then your non-human identities.

394
00:24:08,320 --> 00:24:12,240
So that can cover your application identities, for example.

395
00:24:12,240 --> 00:24:16,720
Yeah, I just realized we're doing a bit of inside baseball here.

396
00:24:16,720 --> 00:24:19,120
A lot of people may not know what dot star means.

397
00:24:19,120 --> 00:24:20,800
Oh my goodness, we are.

398
00:24:20,800 --> 00:24:25,200
I know, so why don't you spend a couple of moments and just talk about that.

399
00:24:25,200 --> 00:24:26,200
Oh my goodness.

400
00:24:26,200 --> 00:24:31,720
So way back when, and excuse me if I do butcher this because I have not been doing software

401
00:24:31,720 --> 00:24:36,080
development in like over like maybe seven, eight years.

402
00:24:36,080 --> 00:24:40,200
But back when I was in school for it, when we're talking about a dot star permission

403
00:24:40,200 --> 00:24:46,880
that might be looking into all of the permission sets that may fall under a category.

404
00:24:46,880 --> 00:24:49,520
So it could be, and I'm making this up, so don't quote me on it.

405
00:24:49,520 --> 00:24:52,860
If you look into our permissions and you're like, Bailey, that's not one.

406
00:24:52,860 --> 00:24:59,360
So to define those dot star permissions, if we're familiar with the terms like read, write,

407
00:24:59,360 --> 00:25:03,880
like those CRUD permissions, create, read, update, delete, instead of enumerating each

408
00:25:03,880 --> 00:25:07,080
of those, you could just do dot and then the little asterisk.

409
00:25:07,080 --> 00:25:10,400
And then that could mean that you're doing all of those or anything that would fall under

410
00:25:10,400 --> 00:25:11,400
that category.

411
00:25:11,400 --> 00:25:16,280
Or at least that's what I remember from being a software developer like eight years ago.

412
00:25:16,280 --> 00:25:20,200
It's been some time, but that would be what I mean with the dot star permissions.

413
00:25:20,200 --> 00:25:22,960
And as a software developer, you just want the dang thing to run.

414
00:25:22,960 --> 00:25:26,120
So you do all of them and then you're like, huh, the code works.

415
00:25:26,120 --> 00:25:29,880
And then you say to yourself that you'll go back and trim it down to actually get to least

416
00:25:29,880 --> 00:25:33,120
privilege and very rarely do you actually do that.

417
00:25:33,120 --> 00:25:34,120
Okay.

418
00:25:34,120 --> 00:25:37,880
So we've talked about some of the stuff like, for example, the Entra Permissions Management.

419
00:25:37,880 --> 00:25:41,120
So let's go back to our little scenario for a moment, especially the healthcare environment.

420
00:25:41,120 --> 00:25:44,640
So you got like doctors and no doctors or not doctors, I should say.

421
00:25:44,640 --> 00:25:46,840
Because I have access to medical data.

422
00:25:46,840 --> 00:25:51,720
Perhaps you want to go one step further than that and have like cardiologists and I don't

423
00:25:51,720 --> 00:25:53,280
know, something different.

424
00:25:53,280 --> 00:25:57,760
I'll let you come up with something with a different title.

425
00:25:57,760 --> 00:26:03,800
So how do we make sure that a cardiologist, for example, sees their data and an administrator

426
00:26:03,800 --> 00:26:09,360
in the environment doesn't see the cardiologist data and a cardiologist doesn't see the financial

427
00:26:09,360 --> 00:26:10,360
data?

428
00:26:10,360 --> 00:26:11,360
How do we do that?

429
00:26:11,360 --> 00:26:15,720
Like give me some examples of how sort of bottom up how we would actually solve that

430
00:26:15,720 --> 00:26:16,720
problem.

431
00:26:16,720 --> 00:26:17,720
Yeah.

432
00:26:17,720 --> 00:26:19,840
So there's a few ways and this could apply to any business.

433
00:26:19,840 --> 00:26:23,760
So if you're listening to this and you're like, oh my goodness, I don't work in healthcare.

434
00:26:23,760 --> 00:26:28,240
It could apply to if you're in retail, financial services, any sort of organization where you

435
00:26:28,240 --> 00:26:31,280
have a lot of different job functions.

436
00:26:31,280 --> 00:26:33,540
We may first look at our privileged roles.

437
00:26:33,540 --> 00:26:37,240
So if we're thinking about our IT workers in any business, right, those are going to

438
00:26:37,240 --> 00:26:43,480
be our administrators that may have access to, you know, create new user accounts, make

439
00:26:43,480 --> 00:26:49,840
updates to things and do some stuff that would be perhaps equivalent to root access, right?

440
00:26:49,840 --> 00:26:55,200
So something that might be a bit stronger in terms of actual identity or administrative

441
00:26:55,200 --> 00:26:56,200
changes.

442
00:26:56,200 --> 00:26:57,760
That would be one category we're looking at.

443
00:26:57,760 --> 00:27:01,540
And when we're thinking about those permission sets, then if they're using something like

444
00:27:01,540 --> 00:27:07,800
Copilot, for example, which Copilot has access to all of the, or Copilot is able to work

445
00:27:07,800 --> 00:27:08,860
in context.

446
00:27:08,860 --> 00:27:13,480
So if you have a certain permission set, then another user does not have that same permission

447
00:27:13,480 --> 00:27:14,480
set.

448
00:27:14,480 --> 00:27:18,480
So let's say we have somebody who works in IT at an organization, they're an admin, and

449
00:27:18,480 --> 00:27:21,720
then somebody who works in marketing on the other side of the company.

450
00:27:21,720 --> 00:27:25,400
If they run the same prompt in Copilot, they're going to get different information back because

451
00:27:25,400 --> 00:27:29,120
of their different privileges that they have and the different things that they can do

452
00:27:29,120 --> 00:27:30,580
within the environment.

453
00:27:30,580 --> 00:27:35,440
On top of that, you know, not just the actual privileges for the identity, we're also looking

454
00:27:35,440 --> 00:27:38,640
at some of the data that people have access to.

455
00:27:38,640 --> 00:27:43,820
So that could be the DLP and the different sensitivity labeling, or if I have access

456
00:27:43,820 --> 00:27:47,720
to a file set and you don't, how we would go about querying that.

457
00:27:47,720 --> 00:27:51,920
And then another layer we can look at is the actual applications that I have access to

458
00:27:51,920 --> 00:27:53,920
that you do not have access to.

459
00:27:53,920 --> 00:27:59,480
So if I work in IT for a hospital, perhaps I shouldn't have access to, you know, play

460
00:27:59,480 --> 00:28:04,520
around with or run a medical specific app because during my day to day at work, I'm

461
00:28:04,520 --> 00:28:06,840
not putting in medical information.

462
00:28:06,840 --> 00:28:11,080
So if I'm like going to my my apps page, for example, or whatever application portal you

463
00:28:11,080 --> 00:28:15,760
use, that should not be something that surfaced up to me or that I'd be able to leverage.

464
00:28:15,760 --> 00:28:20,400
Same with the marketing team, they may be, you know, using an AI tool to create new images.

465
00:28:20,400 --> 00:28:24,040
Maybe we could trim that down where in your example, Michael, a cardiologist might not

466
00:28:24,040 --> 00:28:26,040
need to be doing that on their day to day.

467
00:28:26,040 --> 00:28:30,920
And that just further reduces that risk of perhaps patient information or something that

468
00:28:30,920 --> 00:28:35,000
we wouldn't want to have input into an AI model, but by allowing them to use certain

469
00:28:35,000 --> 00:28:38,040
tools that are appropriate for their job function.

470
00:28:38,040 --> 00:28:40,080
Does that kind of answer the question you had there?

471
00:28:40,080 --> 00:28:41,480
Yeah, I think it does.

472
00:28:41,480 --> 00:28:42,480
All right.

473
00:28:42,480 --> 00:28:43,480
So let's be brutally honest.

474
00:28:43,480 --> 00:28:48,160
We've sort of gone all over the map, including three separate rants.

475
00:28:48,160 --> 00:28:52,640
So why don't we just bring our listeners back to a centered position?

476
00:28:52,640 --> 00:28:56,760
Bailey, why don't you start from the very top, the most gross level protection, work

477
00:28:56,760 --> 00:29:02,600
your way all the way down to the bottom, explaining what the different protections are, and then

478
00:29:02,600 --> 00:29:03,600
with some examples.

479
00:29:03,600 --> 00:29:04,600
Absolutely.

480
00:29:04,600 --> 00:29:09,160
Sorry, I got passionate there with some of the ranting, but to bring it home for our

481
00:29:09,160 --> 00:29:12,400
listeners, if they, you know, tuned out a little bit doing something else and are really

482
00:29:12,400 --> 00:29:16,080
wanting those key takeaways from an over permissioning perspective.

483
00:29:16,080 --> 00:29:19,720
If we're really starting out with, you know, the explosion of AI apps in your environment

484
00:29:19,720 --> 00:29:25,720
and not wasting a good, instead of a crisis, not wasting a good opportunity to go about

485
00:29:25,720 --> 00:29:31,360
doing some of these good security best practices, we could start, you know, at the furthest

486
00:29:31,360 --> 00:29:34,380
out layer for looking at those network access controls.

487
00:29:34,380 --> 00:29:38,380
So what can we block for our users versus allow just straight up?

488
00:29:38,380 --> 00:29:43,160
So in that initial example that we led with that Nikki Chappell spoke about on RunAs

489
00:29:43,160 --> 00:29:47,640
Radio, her work with looking at medical doctors and putting patient information into ChatGPT,

490
00:29:47,640 --> 00:29:52,160
what can we just all out block that for your business makes sense?

491
00:29:52,160 --> 00:29:56,160
And of course, you know, we're looking at different risk tolerance that organizations

492
00:29:56,160 --> 00:29:59,960
may have different industries and things that you approve of versus not approve of.

493
00:29:59,960 --> 00:30:04,760
So if it makes sense for you to go ahead and just block it, that might be helpful for your

494
00:30:04,760 --> 00:30:08,360
end users to know what's allowed versus not allowed, empowering them to make the right

495
00:30:08,360 --> 00:30:14,580
decision and also giving you a little bit of less stuff to go ahead and have to administrate.

496
00:30:14,580 --> 00:30:18,680
Of course, though, if you are going to allow access to certain applications, go ahead and

497
00:30:18,680 --> 00:30:24,280
create an allow list or nudge your users towards some approved AI applications where you know

498
00:30:24,280 --> 00:30:28,160
that the data they would be putting in is not going to be trained in models that may

499
00:30:28,160 --> 00:30:31,920
be used by other organizations or used publicly.

500
00:30:31,920 --> 00:30:36,200
So that application access approved deny is going to be a big one.

501
00:30:36,200 --> 00:30:40,600
Then we're looking at, okay, those applications that you've allowed in your environment,

502
00:30:40,600 --> 00:30:42,660
what permissions do they have?

503
00:30:42,660 --> 00:30:47,280
What can we trim back on if they do have, as we, you know, had a bit of inside baseball

504
00:30:47,280 --> 00:30:54,200
earlier on those dot star or just those overprivileged applications where it could be that this application

505
00:30:54,200 --> 00:30:59,760
is very helpful for users, but it just doesn't need all those permissions to run, especially

506
00:30:59,760 --> 00:31:02,120
if it's an internally developed app.

507
00:31:02,120 --> 00:31:06,760
Reach out to your developers and see if we can trim that down and stop, you know, all

508
00:31:06,760 --> 00:31:07,760
of those permissions.

509
00:31:07,760 --> 00:31:12,320
That's something that within Entra Permissions Management, you'd be able to view on those,

510
00:31:12,320 --> 00:31:15,560
what we label as workload identities or non-human identities.

511
00:31:15,560 --> 00:31:20,480
You'd be able to see if that application is truly using those permissions and trim

512
00:31:20,480 --> 00:31:22,280
that down accordingly.

513
00:31:22,280 --> 00:31:25,760
Something else that we mentioned earlier is kind of those vestigial organs of applications.

514
00:31:25,760 --> 00:31:29,760
So also if you're seeing, hey, there's this AI app that we've approved and we have in

515
00:31:29,760 --> 00:31:33,680
our environment, but nobody has used it within the past 90 days.

516
00:31:33,680 --> 00:31:36,100
Of course, check to make sure that it's not a seasonal app.

517
00:31:36,100 --> 00:31:40,400
So if you're in retail, something that may be very popular around the holiday season,

518
00:31:40,400 --> 00:31:44,400
if you're in finance, maybe during tax and audit season, people may be using that app

519
00:31:44,400 --> 00:31:45,500
more heavily.

520
00:31:45,500 --> 00:31:48,960
Use your best judgment for your business, of course, and the seasonality there.

521
00:31:48,960 --> 00:31:53,560
But you could look at removing that application altogether and then just removing a possibility

522
00:31:53,560 --> 00:31:57,660
for if a bad actor were to compromise that application, what they would be able to do

523
00:31:57,660 --> 00:32:01,680
in your environment because it wouldn't even exist.

524
00:32:01,680 --> 00:32:05,960
Then another thing that we may be looking at is the permissions for the actual objects

525
00:32:05,960 --> 00:32:08,080
that that application may be accessing.

526
00:32:08,080 --> 00:32:13,520
So certain examples of if we're leveraging an AI app like Copilot, for example, where

527
00:32:13,520 --> 00:32:18,480
I may want to look up different documents that I've collaborated with coworkers on

528
00:32:18,480 --> 00:32:21,720
or different information that may relate to a project.

529
00:32:21,720 --> 00:32:24,840
Let's say I put in a prompt and I want to look at what's coming new or what's on the

530
00:32:24,840 --> 00:32:29,040
roadmap for a certain year within the context of what I'm working on.

531
00:32:29,040 --> 00:32:32,000
And then all of a sudden it tells me about a product launch on the other side of the

532
00:32:32,000 --> 00:32:33,520
company I shouldn't know about.

533
00:32:33,520 --> 00:32:35,960
That's where that DLP labeling comes into place.

534
00:32:35,960 --> 00:32:40,360
And it's very helpful when we're looking at what's restricted access for certain groups,

535
00:32:40,360 --> 00:32:45,480
what might be something confidential versus for public consumption or for consumption

536
00:32:45,480 --> 00:32:47,720
across other parts of the company.

537
00:32:47,720 --> 00:32:51,160
Trimming down on those privacy labels will be important there.

538
00:32:51,160 --> 00:32:54,880
And then lastly, when we're looking at the actual human identity.

539
00:32:54,880 --> 00:32:59,680
So this is going to be if we're looking at the privileges that users have.

540
00:32:59,680 --> 00:33:02,480
So that might be an administrator permission.

541
00:33:02,480 --> 00:33:06,760
If we're looking at creating users or creating different resources.

542
00:33:06,760 --> 00:33:11,480
And again, if we're talking about AI apps that are going to have the same permissions that

543
00:33:11,480 --> 00:33:14,140
that user has when they're leveraging them.

544
00:33:14,140 --> 00:33:18,840
If we're able to trim down on the permissions that user has, then we're reducing the possibility

545
00:33:18,840 --> 00:33:23,600
of something intentionally perhaps going wrong or unintentionally going wrong if the user

546
00:33:23,600 --> 00:33:27,640
is leveraging a prompt that may not be appropriate for them.

547
00:33:27,640 --> 00:33:31,480
So in order to trim down on some of those privileges for those identities, that's where

548
00:33:31,480 --> 00:33:34,440
a tool like Entra Permissions Management could come into play.

549
00:33:34,440 --> 00:33:38,360
Where we're again able to look at that difference between the permissions that that user is

550
00:33:38,360 --> 00:33:40,600
actually using versus what they're assigned.

551
00:33:40,600 --> 00:33:43,200
And we can get super granular in the tool.

552
00:33:43,200 --> 00:33:45,040
They call it down to the task layer.

553
00:33:45,040 --> 00:33:52,520
When we're looking at if I'm actually doing a specific task within that permission set.

554
00:33:52,520 --> 00:33:57,000
And if you can get as bespoke as you'd like, if you're looking at two colleagues.

555
00:33:57,000 --> 00:34:02,880
So if Alice and Bob are both security administrators, but Alice is using more permissions during

556
00:34:02,880 --> 00:34:07,920
her day to day versus Bob, you could create a bespoke role for Alice or for folks on Alice's

557
00:34:07,920 --> 00:34:08,920
team.

558
00:34:08,920 --> 00:34:13,840
So of course go as coarse as you would like or as granular as you would like depending

559
00:34:13,840 --> 00:34:18,520
on your tolerance and also the amount of time you have to pour into something like that.

560
00:34:18,520 --> 00:34:22,840
But it's just a few different ways that you can take a defense in depth approach to securing

561
00:34:22,840 --> 00:34:25,040
your AI applications.

562
00:34:25,040 --> 00:34:28,880
So Bailey we're on episode two of four in this little mini series.

563
00:34:28,880 --> 00:34:32,440
Can you give us a bit of a preview of what's to come?

564
00:34:32,440 --> 00:34:36,320
We are and what a great little mini series it is.

565
00:34:36,320 --> 00:34:38,640
So I am the second episode.

566
00:34:38,640 --> 00:34:40,880
I got to cover a bit of over permissioning.

567
00:34:40,880 --> 00:34:41,980
And then we have two more.

568
00:34:41,980 --> 00:34:46,440
So one is going to cover governance and that's going to be led by Christina Smith who does

569
00:34:46,440 --> 00:34:50,300
a lot of our governance work within the product group for Entra.

570
00:34:50,300 --> 00:34:54,360
And so she's going to be talking about those joiner, mover, leaver scenarios of what you

571
00:34:54,360 --> 00:34:59,200
can trim down, how you're looking at reviewing, who has access to what and going a layer deeper

572
00:34:59,200 --> 00:35:01,160
than I did in that area.

573
00:35:01,160 --> 00:35:04,600
And then we're going to close it out with Sharon who's going to talk about monitoring

574
00:35:04,600 --> 00:35:05,600
and learning.

575
00:35:05,600 --> 00:35:08,520
So you know the fact that okay you've done all of this once.

576
00:35:08,520 --> 00:35:11,940
What do you do for the future to make sure that you know things stay in a good way?

577
00:35:11,940 --> 00:35:15,920
You don't have too much drift and you're able to monitor if something funky happens in your

578
00:35:15,920 --> 00:35:16,920
environment.

579
00:35:16,920 --> 00:35:17,920
Very cool.

580
00:35:17,920 --> 00:35:20,520
Okay so why don't we bring this episode to an end.

581
00:35:20,520 --> 00:35:25,720
Bailey as you know we always ask our guests for one final thought.

582
00:35:25,720 --> 00:35:29,280
So if you have one final thought to leave our listeners with what would it be?

583
00:35:29,280 --> 00:35:32,440
I do and I'm a fan of the show so I've heard about the final thoughts before.

584
00:35:32,440 --> 00:35:35,420
So I've been ready and excited for this.

585
00:35:35,420 --> 00:35:39,440
My big final thought that I want to leave listeners with and I think Mark Simos mentioned

586
00:35:39,440 --> 00:35:43,080
this toward the beginning of our episodes, stealing my thunder there.

587
00:35:43,080 --> 00:35:45,680
But that this is a lot of just the basics all over again right.

588
00:35:45,680 --> 00:35:50,000
I think that you know for a very long time we've been talking about over permissioning,

589
00:35:50,000 --> 00:35:53,600
how we can clean stuff up, how we can look at least privilege and these defense in depth

590
00:35:53,600 --> 00:35:59,920
strategies and so a lot of admins and security folks I think you know the conversation around

591
00:35:59,920 --> 00:36:03,960
AI applications and these AI tools is new and fresh.

592
00:36:03,960 --> 00:36:07,880
But a lot of it is just going to be that it's going to surface up when we're doing the basics

593
00:36:07,880 --> 00:36:10,940
incorrectly or doing the basics not so well.

594
00:36:10,940 --> 00:36:15,480
And so this is a great opportunity to be able to really enforce those basics within the

595
00:36:15,480 --> 00:36:19,560
business and be able to empower your users to leverage AI apps.

596
00:36:19,560 --> 00:36:24,000
So you know to kind of close it out and put a little bow on it, it's that this is just

597
00:36:24,000 --> 00:36:29,400
another example of when you need to do the basics really well especially in regard to

598
00:36:29,400 --> 00:36:31,040
AI applications.

599
00:36:31,040 --> 00:36:38,920
You know it's funny I think doing the basics is one of the most common final thoughts.

600
00:36:38,920 --> 00:36:41,520
The other one that's really common is to use multifactor authentication which I would

601
00:36:41,520 --> 00:36:42,840
argue is just the basic anyway.

602
00:36:42,840 --> 00:36:43,840
So yeah.

603
00:36:43,840 --> 00:36:44,840
Well it's good.

604
00:36:44,840 --> 00:36:45,840
Yeah.

605
00:36:45,840 --> 00:36:49,720
And these are the things that I think you know people tend to chase all the sparkly

606
00:36:49,720 --> 00:36:54,160
new stuff and I think that this is an example of a sparkly new thing that is going to force

607
00:36:54,160 --> 00:36:59,280
people back to you know the basics where it's the same thing as anything else where you

608
00:36:59,280 --> 00:37:02,560
know brush your teeth, get eight hours of sleep, you know eat during the day, drink

609
00:37:02,560 --> 00:37:03,560
water.

610
00:37:03,560 --> 00:37:07,440
Like these are all some really basic stuff that can be boring but you know it's important

611
00:37:07,440 --> 00:37:08,440
to do.

612
00:37:08,440 --> 00:37:09,440
Yeah.

613
00:37:09,440 --> 00:37:10,440
I couldn't agree more and don't forget the sunscreen.

614
00:37:10,440 --> 00:37:11,440
All right.

615
00:37:11,440 --> 00:37:14,000
So with that let's bring this episode to an end.

616
00:37:14,000 --> 00:37:15,480
Bailey thank you so much for joining us this week.

617
00:37:15,480 --> 00:37:19,440
I know you're really busy so we all appreciate you taking the time out.

618
00:37:19,440 --> 00:37:23,160
And to all our listeners out there we hope you found this episode interesting.

619
00:37:23,160 --> 00:37:28,480
Don't forget this is the second of four so make sure you tune in for the next two episodes.

620
00:37:28,480 --> 00:37:30,400
Stay safe and we'll see you next time.

621
00:37:30,400 --> 00:37:33,960
Thanks for listening to the Azure Security Podcast.

622
00:37:33,960 --> 00:37:40,760
You can find show notes and other resources at our website azsecuritypodcast.net.

623
00:37:40,760 --> 00:37:45,560
If you have any questions please find us on Twitter at AzureSecPod.

624
00:37:45,560 --> 00:38:12,560
Background music is from ccmixter.com and licensed under the Creative Commons license.

