As one of the core tenants of zero trust, least privilege access is probably the least understood and the hardest to reach today. At the highest level, think of least privilege access as providing people – or identities more generally – the access they need to do a job, and for no longer than they need it.

IT, Security, and GRC teams have long held a love-hate relationship with directory groups. Groups enabled companies to scale permissions for a time, but the proliferation of directory groups is now causing major headaches for security.