I recommend this podcast on security permissions which has come up as a topic on our community roundtables.
If your AI isn’t permission-aware, it’s not ready for the enterprise. AI can accelerate productivity, but without the right controls, it risks exposing your most sensitive content. In this episode, Ben Kus, CTO of Box, and
Together, they explore how permission-aware AI works, why role-based access isn’t enough, and what it takes to protect data before it’s ever retrieved.
Key moments to listen for:
(00:00) Why AI poses a real risk to enterprise data
(01:40) What can go wrong when RAG ignores permissions
(03:11) How Secure RAG actually works
(04:58) Why role-based access isn’t enough
(08:51) The TLDR