How Xerox Took Control of Their NHIs
In this Ask-Me-Anything session, we sat down with Mike Hildebrandt, Entra ID/Hybrid Directory Services Delivery Manager at Xerox, to hear how his team tackled the growing risks tied to Non-Human Identities. From a manual, time-intensive process to gaining real-time visibility with Astrix, Mike shared what real-world NHI remediation looks like—and what others can learn from it.
“You know, we can see, hey, this application has seven permissions—three of them aren’t used at all. One of them is high risk, but it can be replaced with this permission or this permission. Those are the things you can’t really put a price on. That type of visibility and comprehensive view into our environment has really helped take us much further, much faster.”
Key highlights:
Getting ahead of the risk curve: Mike discussed the reality that gaps in NHI visibility aren’t just a possibility—they’re inevitable targets. The sooner you act, the more you can avoid costly incidents.
Proving the ROI internally: For teams just beginning to evaluate NHI risks, Mike shared how to frame the conversation around tangible business impact—from data loss to reputational harm.
Moving beyond spreadsheets: What once took full-time employees and contractors weeks of manual work is now surfaced automatically in Astrix—complete with unused permission alerts and risk-based recommendations.
Least privilege in practice: With Astrix, the team gained clear insights into what permissions were actually used—allowing them to confidently reduce scope without breaking automation workflows.