Notifications
Clear all
Topic starter
27/06/2026 1:04 pm
TL;DR: AI tools such as Microsoft Copilot are widening data exposure risks where visibility, permissions, and identity hygiene have not kept pace, and Netwrix says its 1Secure PRO webinar frames DSPM plus ITDR as a single operational model for MSPs. The key issue is not just data discovery, but who and what can reach it, especially as identity scope expands across hybrid environments.
NHIMG editorial — here’s why we think this discussion matters
By the numbers:
- 90% of IT leaders say properly managing NHIs is essential for a successful zero-trust implementation.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
- Only 5.7% of organisations have full visibility into their service accounts.
Questions worth separating out
Q: How should teams govern AI-assisted access to sensitive data in hybrid environments?
A: Treat AI-assisted access as an access governance problem first, not just a data search problem.
Q: Why do AI tools expose weak identity governance so quickly?
A: Because they can traverse content and permission structures faster than human users, so stale groups, excessive access, and inherited entitlements become visible at scale.
Practitioner guidance
- Map sensitive data to effective access paths Use DSPM outputs to identify where sensitive data lives, then validate which human, service, and application identities can actually reach it across Microsoft 365, file servers, and SQL Server.
- Review inherited permissions before enabling AI search Check broad groups, nested roles, and stale entitlements before Copilot-like tools are allowed to index content that was not designed for wide discovery.
- Correlate identity anomalies with data exposure Feed ITDR alerts into the same triage queue as data posture findings so investigators can tell whether risky behaviour touched exposed content or only probed for it.
What to expect at the briefing
Netwrix's full webinar covers the operational detail this post intentionally leaves for the source:
- How 1Secure PRO is positioned for MSP delivery across multiple customer environments
- The specific Microsoft 365, file server, and SQL Server discovery workflows discussed in the session
- The multi-tenant dashboard and integration workflow with ConnectWise and ServiceNow
- The audit and reporting features used to support compliance and investigations
👉 Register for Netwrix's webinar on unified DSPM and ITDR for AI-era access risk →
DSPM and ITDR for AI access risk: what MSPs need to know?
Explore further
27/06/2026 2:14 pm
Identity and data governance now fail together, not separately. The article reflects a programme reality that many teams still ignore: data exposure becomes operationally meaningful only when identity paths are understood at the same time. DSPM without identity context tells you what is sensitive, but not whether the access is defensible. ITDR without data context tells you who behaved oddly, but not what they could reach. Practitioners should read this as a signal that control ownership across data and identity can no longer be split cleanly.
A few things that frame the scale:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which is why access evidence and entitlement review remain weak in many programmes.
A question worth separating out:
Q: How do teams decide whether AI adoption is increasing security risk or improving control?
A: Look at whether AI adoption is improving the organisation’s ability to explain access. If it reveals unknown permissions, stale identity paths, or audit gaps, the programme is uncovering debt, not improving control. Mature teams use that visibility to tighten governance before scaling usage further.
👉 Read our full editorial: Netwrix 1Secure PRO ties DSPM and ITDR to AI access risk
