AI agents and automations do not use passwords or MFA, yet they authenticate and access data continuously. Treated like normal users, they become hard to track, easy to over-permission, and difficult to audit.

This session shows Microsoft 365 admins how to apply Zero Trust to non-human identities at scale using Microsoft Entra. You will learn how these identities differ from user accounts, what “good” access control looks like in practice, and how to block risky access before it reaches sensitive resources. We will also cover governance patterns that keep ownership clear and permissions time-bound, so every non-human identity has accountability and built-in review.