Identity Governance in a World of Autonomous Agents
The Agents are Coming.
AI is advancing faster than any technology in history. With figureheads making wild predictions about the future of work or life, it can be hard to keep up. While this can feel far out, Agents are already producing real results in production. Reports on vertical and horizontal Agent use cases have emerged, showing us that not only are AI Agents coming—they’re already here.
Agents unlock tremendous automation opportunities that drive business value in ways we’ve never imagined. With that, they’ll also completely change the way we manage data and systems access. In the Enterprise, this will test the limits of identity governance controls and structure.
Identity teams are already struggling. Employees, contractors, and non-human identities, combined with an explosion of distributed systems, have put them in a tough spot. There is no single pane of glass, and the rigidity of traditional tools can make automation feel like a fool’s errand. Throw Autonomous Agents into the mix, and the next five years paint a scary picture.
The Next Wave: AI Agents and the Identity Challenge
Predictions suggest that soon, each person will work alongside 50+ personalized Agents. The workforce will welcome them into their workflows with open arms, hoping to reap the rewards of productivity gain. If this feels like deja vu, that’s because it is–it wasn’t long ago when this happened with SaaS and Cloud. And while security practitioners asked for time to assess the risks, the business marched forward, unphased.
Agents are the next evolution of software. With agents, many of the core platforms and infrastructure we use today will stay relevant. So, why is this an identity crisis? Agents will behave like a hybrid of employees, contractors, and software. In the same way that employees and workloads need to be governed and granted secure access to systems and data, agents will, too. And their complexities will need to be managed.
Inventory & Risk
To govern them, we first need to find them. Without an inventory, how can you begin to ensure that these new workers are operating in accordance with your policies? The problem with Agents is that they reside in multiple locations in the Enterprise. Engineers are building them in AWS, sales teams are building them in Agentforce (Salesforce’s platform for building and managing autonomous agents), and SaaS providers are adding them to your enterprise apps.
Once you’ve left no stones un-turned discovering Agents, Identity Governance issues (among others) begin to rear their ugly heads. What data and systems have they been given access to? And subsequently, what risk have they introduced? Agents’ non-deterministic nature is creating a need for a new risk-scoring framework that takes into account Agent access, privileges, and other important attributes that contribute to the likelihood vs. impact matrix.
Agent Sign-Ins
Agents are different from traditional machine workloads. Yes, they can access systems via API Keys and Service Accounts. But they can also traverse user interfaces. They can beat CAPTCHA to join web conferences and log into file shares, capturing sensitive data that existing audit logging is blind to. If MFA gets in the way, people will happily shut it off despite years of awareness training.
Imagine the nightmare for SecOps teams that have no way of knowing the difference between Agent and worker authentications. The finely tuned detections they put years of work into will be useless. Now, when they call a worker during an investigation, they’ll ask, “Did you just give an Agent access to AWS?” before they can even worry about the suspicion of an attacker.
Accountability
When Agents assume worker identities, we can’t differentiate between human-taken and AI-driven actions. After all, the big deal with Agents is their ability to reason and perform actions. What happens when an Agent does something so wrong that if a Worker performed that same action, it would result in termination?
Not only do we need to be able to tell the difference, but we’ll also need to know which worker’s agent made the mistake. It’s increasingly important to know who was responsible for an Agent so we can inform them about the mistake and help them institute guardrails to ensure it won’t happen again. What does an org chart look like when it consists of more Agents than workers?
Privileges
Privileges have still yet to be solved with human workers. Recent stats show that as much as 95% of privileges go completely unused. Agents perform best when limited to a specific scope. So, how do we approach privilege and access grants with an explosion of Agents?
Unfortunately, ensuring that the access of an Agent aligns with that of their human principal isn’t a very good starting point. Today, privileges are so sprawling that even this approach can allow a worker to ask their agent for data that was hidden in plain sight… The classic example is an HR document with employee salaries that was carelessly ‘shared with the whole organization’ because, in theory, no one would ever find it. Without proper controls in place, Co-pilot rollouts have stalled. To the same tune, Non-Human Identities are often overprivileged, but their deterministic code is a limiting factor. When Agents are given API keys, they’ll test and learn the boundaries of their access, leveraging data and performing actions that their hard-coded counterparts never knew they had. Interestingly, solving this problem reduces the Retrieval Augmented Generation (RAG) context, resulting in better Agent performance and reduced token costs. Could security and the business finally be aligned on this?
Take that to the next logical step, and there’s an obvious need for more ephemeral privileges. Just as limited scope improves performance, when Agents’ strengths are realized, their access may need to expand. Identity teams already lament over the volume of access requests and access reviews. Scaling existing methods 50x is a completely untenable task. Ensuring Agents are offboarded and reduced in scope when their access is no longer needed will be even more critical than doing so with human users.
Fighting Fire with Fire
Throughout the security landscape, you’ll hear a common phrase from forward-thinking practitioners. “We’re fighting AI with AI!” In most cases, they’re referring to the internal use of Agentic automation to combat the increasing number of AI-generated attacks. The same can be true for identity security teams, who need to scale to the business's new demands. But unlike the slough of Agentic SecOps platforms in early development, Agentic Identity platforms haven’t yet caught on. Why? While hackers are early adopters of AI, businesses are still figuring it out.
Imagine a world where every employee has a personalized Governance Agent that can quickly take action when a new Business Agent comes on board or needs to be decommissioned. With a deeply personalized view of the employee’s access patterns, the Governance Agent can ensure access is granted properly and handle the many exceptions that haven’t let us break free of manual processes.
Context is Key in Exception Handling
Traditional identity solutions rely on telemetry alone. Without proper context, exceptions and edge cases have limited automation options in identity security.
But what if you could power your identity operation with the 80% of enterprise data that is unstructured—emails, Slack messages, ServiceNow tickets, expense reports, and calendars—bringing business context into the picture? This enables IGA Agents with contextual automation by eliminating the blindspots that create manual bottlenecks.
The Future of Identity Security
The rise of AI Agents marks a paradigm shift in identity management. These agents are not just another category of non-human identity; they evolve dynamically like employees. Their access needs change, their responsibilities evolve, and their accountability must be clearly defined. Emanate’s Agentic platform connects with the many systems where human and non-human identities are managed, enabling identity governance at a machine scale and dramatically reducing manual workloads.
There’s a new enterprise reality quickly approaching. Every Agent-enabled organization needs to prepare for the security, governance, and risk management of Agents. We’re here to help provide the automation and oversight needed to manage the convergence of human, machine, and Agent identities. As identity security evolves, organizations must adopt a holistic approach that ensures control—without stifling innovation.
