I recommend this podcast on security permissions which has come up as a topic on our community roundtables.

If your AI isn’t permission-aware, it’s not ready for the enterprise. AI can accelerate productivity, but without the right controls, it risks exposing your most sensitive content. In this episode, Ben Kus, CTO of Box, and ​@Meena Ganesh Box Box Senior Product Marketing Manager, unpack why Secure Retrieval-Augmented Generation (RAG) is essential.

Together, they explore how permission-aware AI works, why role-based access isn’t enough, and what it takes to protect data before it’s ever retrieved.

Key moments to listen for:

(00:00) Why AI poses a real risk to enterprise data

(01:40)  What can go wrong when RAG ignores permissions

(03:11) How Secure RAG actually works

(04:58)  Why role-based access isn’t enough

(08:51) The TLDR