The Privileged Path

The Privileged Path is a comprehensive book on securing privileged access in Microsoft environments. Written by Andy Kemp, it draws on years of direct implementation experience across enterprise and public sector organisations.

What the book covers

The book follows the same five-pillar structure as the Privileged Path Framework:

  1. Foundation — identity hygiene, account separation, governance, and the structural decisions that underpin everything
  2. Control — PIM, Conditional Access, MFA, authentication strength, and least privilege in practice
  3. Isolation — PAW deployment across physical, virtual, Windows 365, and AVD; tiering; network segmentation
  4. Operations — break glass, privileged account lifecycle, secure admin processes, and operational discipline
  5. Validation — monitoring, access reviews, compliance evidence, and continuous assurance

How it differs from vendor documentation

Microsoft’s documentation is comprehensive but neutral by necessity. It tells you what features exist. It does not tell you:

  • Which features to prioritise and in what order
  • What the common implementation mistakes are
  • How to handle the real-world constraints that every organisation faces
  • What “good” actually looks like in practice
  • How to build a coherent strategy rather than deploying individual features

The Privileged Path fills this gap with opinionated, experience-based guidance.

Who it’s for

  • Security architects and engineers responsible for privileged access
  • Identity and access management professionals
  • IT leaders who need to understand the full picture
  • Consultants working with regulated organisations
  • Anyone responsible for Tier 0 security in Microsoft environments

Status

The book is currently in development. Free cut-down versions of key chapters are available as guides on this site.