How Xerox Took Control of Their NHIs
In this Ask-Me-Anything session, we sat down with Mike Hildebrandt, Entra ID/Hybrid Directory Services Delivery Manager at Xerox, to hear how his team tackled the growing risks tied to Non-Human Identities. From a manual, time-intensive process to gaining real-time visibility with Astrix, Mike shared what real-world NHI remediation looks likeโand what others can learn from it.
โWe can now see that an application has seven permissionsโthree of them arenโt used at all. One of them is high risk, but it can be replaced with this permission or that permission. Those are the things you canโt really put a price on. That type of visibility and comprehensive view into our environment has really helped take us much further, much faster.โ
Key highlights:
Getting ahead of the risk curve: Mike discussed the reality that gaps in NHI visibility arenโt just a possibilityโtheyโre inevitable targets. The sooner you act, the more you can avoid costly incidents.
Proving the ROI internally: For teams just beginning to evaluate NHI risks, Mike shared how to frame the conversation around tangible business impactโfrom data loss to reputational harm.
Moving beyond spreadsheets: What once took full-time employees and contractors weeks of manual work is now surfaced automatically in Astrixโcomplete with unused permission alerts and risk-based recommendations.
Least privilege in practice: With Astrix, the team gained clear insights into what permissions were actually usedโallowing them to confidently reduce scope without breaking automation workflows.