the-lightwriter/iStock/Getty Images Plus via Getty Images
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
IT managers have limited visibility into when users give external apps access to company data.
When those external apps are AI agents, the security risks multiply by orders of magnitude.
Okta has proposed a standard to give organizations more visibility and control over those permissions.
By the end of 2026, many of us will have at least one AI-powered agent doing something behind the scenes on our behalf. Within five years, it could be tens or hundreds of agents. They will not only make decisions about what to do (based on their autonomous observations), but they will connect to multiple sources of data (as well as each other) in order to optimize those decisions and other outcomes.
This future should terrify most organizations that already go to great lengths to protect their digital resources from unauthorized access. As employees are pressured to do more with the help of AI, they'll look to launch these agents and grant them access to whatever corporate resources are necessary.
Today's credential for such user-provisioned application-to-application access -- known as an OAuth token -- may be woefully unsuited to the task.
... continue reading