5 December 2025

Update Authorization Box: Insight into Security Groups and AI Agents

Keeping data secure starts with knowing exactly who has access to what. For years, Authorization Box from 2-Controlware provided you with insights into user permission risks. However, users are no longer always people, and permissions are increasingly assigned indirectly. 

This makes it harder to see who actually has access to your sensitive data, creating security gaps you might not even 
know exist. 

To keep you ahead, we’ve updated our software to also give you a clear view of risks from Security Groups and AI Agents. 

Insight into Security Groups and AI Agents 

Traditionally, monitoring focuses on the 'normal' user: an employee who logs in and performs specific actions. But what happens behind the scenes? 

Technically speaking, security groups and AI agents behave exactly like users within the system. They acquire permissions, execute tasks, and have access to sensitive functionality. If these are not included in the risk analysis, blind spots form in your security. In our latest update, we made these new types of users visible.

 

What’s New? 

1. Introducing AI Agents  

Recently, AI agents have been introduced to Business Central. They work independently to get things done, which means they need 
their own set of permissions. But how do you know if an agent has accidentally gained access to something sensitive? In our updated monitoring, these agents are now explicitly visible. 

We’ve separated them by license type, letting you quickly distinguish between 
human users and AI, so you can manage your risks without any confusion. 

 

2. Transparency in Security Groups  
Managing permissions with security groups is efficient, but it can obscure compliance insights when combined with regular permission 
sets and organizational roles. After all, exactly which permissions does a user obtain through which group? 

In the new update, we have made this completely transparent: 

  • Direct insight: Security groups are now analyzed for risks, just like users. 

  • The origin of permissions: When reviewing the analysis result of an 
    individual user, you can now see exactly which permissions are 
    assigned directly, which are obtained through membership in a security group, and which come from regular permission sets.     
     

Complete oversight

With these additions, we ensure that your risk analysis is complete. Whether it concerns a new colleague, a smart AI assistant, or a complex permissions structure via groups: you stay in control.

The update is available immediately in the Authorization Box. Do you have questions about how to best interpret these new insights? Feel free to contact us.

To listing

2-Controlware B.V.

Haagsemarkt 1
4813 BA Breda
The Netherlands
+31 (0)76 5019470

VAT NL819640347B01
COC 20142369

2-Controlware Inc.

228 E45th St, #9E
10017 New York
United States of America

Subscribe to our newsletter

Stay up to date with the latest news about our authorization software for Dynamics.