From Access Control to AI Control: Why Identity Governance Is Key to Scaling AI in the Enterprise

Imagine a company, or a bank, deploys an AI co-pilot to manage financial transactions. This AI co-pilot has access to lots of data, financial transactions, customer information. Then, one morning, an attacker sleeps in a poisoned prompt via a routine email. This AI co-pilot executes that prompt and then, the bank starts facing issues of fraudulent transactions. This is not science or fiction. This is what we are currently facing as we shift from access control to AI control.

My name is Cynthia Akiotu, a cyber security architect. I'm glad to be here today at the TechLead Conference and I'm going to be talking about the shift from access control for managing human users to AI control for managing machine identities, agents, and even humans as well. There's no more news. AI is becoming an active participant in our enterprise. AI, I gave the example of the banking AI being used as a co-pilot in a bank, but that's just one of it. In the health sector, AI now is being used in managing patient information and even giving recommendations on treatment options for patients. What about in the retail sector? Artificial intelligence is being used in managing invoice and even inventory stock up.

Let's talk about enterprise. Currently, we are using AI in drafting emails, scheduling meetings, and lots more. In cyber security today, we have AI deployed in our organization used for trend hunting, managing policies, and configuration, and even giving us remediation and response processes. AI is no more passive. It has become an active participant in our systems. They can now decide, act, and even execute actions on our behalf in our enterprise. This creates a shift for us to think about how we can manage AI, because the question is no more about what AI is being used in our organization, but rather how do we manage the identity and access of AI in our enterprise?

From chat GPT to Microsoft 365 co-pilots, being used in drafting emails, giving us some summaries, generating videos, and lots more. With this transformation and innovation, we also came with broadened exposure in our ecosystem. Generative AI proved to be vulnerable through prompt injection and data manipulation. It could also be corrupted as well, it could also be corrupted as well, and have been tricked to leaking information or being poisoned with data. It led to exposure as well. Exposure of all the loopholes in our enterprise, insecure API, the rise of generative AI also led to the rise of shadow AI in our organizations and enterprise where we cannot even track the use of artificial intelligence in our organization.

What about unpredictable outputs, the hallucination, and biased results as well? At first, this started as something very embarrassing and inconveniencing as well. A chatbot, you request an information from the chatbot and it gives you a totally different response, or you are conducting a research and it gives you a response totally different from your requests. All this broadening the exposure of generative AI, and these loopholes are now also being moved into becoming our virtual teammates converging into agents.

Who knows, maybe we will start writing and giving agents offer letters. These agents can act independently, independent of the human user, take actions, execute actions, and they are persistent, working around the clock, 24-7 hours a day, even when users or humans are sleeping. What about the opacity of agents? Well, we do not even know the context in which these agents are working or running. Interconnectedness. These agents can connect with several APIs, several CRM systems, working agents, multi-agents, agents to agents working together. All these have given rise to situations where agents cannot gain access to sensitive information over permissioned rights into our resources.

Interconnectedness. These agents can connect with several APIs, several CRM systems, working agents, multi-agents, agents to agents working together. All these have given rise to situations where agents cannot gain access to sensitive information over permissioned rights into our resources, because, for example, as an HR, you give an agent to draft an email, it drafts that email and automatically helps you to send that email, while also getting access to your inbox and seeing sensitive information that is not meant to see. All this has given us a rethink on how to shift from access control to AI control. Access control guards the door, but now, because AI can reason and make decisions, they are building new hallways, so you give the AI a step and it takes 20 steps forward. So this is why we have to now think of how we can use identity governance, which is the missing link, to be able to see what these agents are doing, what permission they have. So, be able to make agents and use of AI instead of becoming a risk, by a promise in our organisation and enterprise.

Now, without identity governance, how do you know what agents, or who is even assessing resources? What permissions do they have? Without identity governance, how do we know who assessed what data? Before even thinking about what data that was assessed, without identity governance, how do we even know which information is sensitive and non-sensitive? Without identity governance, how do we know who assessed our systems? How do we know if the insider is an agent or a human user? Without identity governance, rules and compliance is just paperwork. So, identity governance is a hub that holds access control, data security, privacy, rules and compliance together. So, this is why we need to involve the use of identity governance in managing AI in our organisation and making it the central hub for these other processes.

Let's move and talk about, as tech leaders, how can we manage this artificial intelligence using identity governance? And here, I introduce you to the playbook for Tech Lead. You can see, I've already said earlier, that identity governance is the hub for managing AI in our organisation. 82% of organisations are already using artificial intelligence agents, and 53% of them are saying they know that these agents are assessing sensitive information, and only 20% can track visibilities of these agents. So now, this is why I introduce you to this playbook, Identify, Secure, Govern and Audit. The Identify, I like to call it visibility of the ghosts. We need to gain access and be able to identify what AI is being used in our organisation. We need to be able to identify what agents are in our organisations, what AI agents are in our organisation, before even knowing what resources are being assessed by these AI agents. That is why Microsoft has introduced the Microsoft Entra Agent ID, where you can gain visibility of agents deployed in your environment, and also invoke policies like Privilege Identity Management to ensure that these agents are not executing actions without proper permission, and they are only doing these actions only when needed at a time-bound process. Talk about security. Securing this process is one of the main tasks of identity governance. Being able to configure conditional access policies, and also introducing data security management for artificial intelligence to be able to track artificial intelligence used in our organisation, how to also track this AI from not divulging sensitive information of our organisations as well.