Okta Unveils New Tools to Combat Shadow AI Security

Okta Elevates Enterprise Security with New Identity Security Posture Management Features

In an age where artificial intelligence is becoming increasingly prevalent in the workplace, securing these technological innovations is paramount. Okta has recently introduced Agent Discovery within its Identity Security Posture Management (ISPM). This new feature is designed to help organizations identify shadow AI, uncover hidden identity risks, and address misconfigurations of both known and unknown agents. By mapping the potential impact, companies can better manage the agents involved in their AI workflows.

 

“Identity is the control plane for the agentic enterprise,” stated Harish Peri, SVP & GM of AI Security, Okta. “AI agents do not function at the network, endpoint, or device layers—they reside in the application layer and operate using multiple non-human identities that possess extensive, long-lasting privileges. By identifying and mapping each agent and its permissions, Agent Discovery in Okta for AI Agents provides organizations with the visibility and governance necessary to secure both sanctioned and shadow AI on a larger scale.”

 

Importance of Identity Discovery

 

As organizations navigate the complexities of modern technology, they are encountering a significant accountability gap. “Shadow IT” is evolving into what is now being called “shadow AI.” According to a recent report from Gartner, 69% of organizations either suspect or have confirmed that employees are using prohibited generative AI tools. This trend raises concerns, with predictions suggesting that by 2030, over 40% of enterprises will face security or compliance issues directly tied to unauthorized shadow AI.

 

This lack of visibility is primarily fueled by the democratization of agent creation, allowing employees to easily provision digital workers. The proliferation of agent builder platforms exacerbates the situation, leading to inadequate IT supervision over how employees utilize unvetted tools that employ OAuth grants to leak data outside the security perimeter.

 

Bringing Shadow AI Under Enterprise Control

 

Agent Discovery plays a crucial role in identifying OAuth consents and locating agents that operate on unsanctioned platforms or through unvetted agent builders. By exposing these connections at their source, organizations can gain insights into AI tools infiltrating their environment, before they develop into complex app-to-app integrations or backend API connections.

 

By integrating with popular web browsers like Google Chrome, Agent Discovery captures real-time signals that illustrate the relationship between the Client App (the AI tool) and the Resource App (the data source). It raises alerts when unknown agents utilizing unsanctioned tools acquire permissions to sensitive data, detailing the specific permissions and scopes granted, and unmasking unauthorized applications that evade security evaluations.

 

“When employees introduce their own AI agents into the workplace, it creates a perilous blind spot where unregulated tools interact with enterprise data and systems,” elaborated James Simcox, Chief Operations and Product Officer of Equals Money. “Organizations must engage in continuous discovery to ascertain which agents exist, who is responsible for them, and what data they can access. The emergence of solutions like Agent Discovery brings the much-needed visibility and governance to manage shadow AI before it poses security or compliance threats.”

 

Once identified, organizations can bring these agents under control by registering them as recognized, managed identities within Okta, deploying secure policies, and assigning human owners to oversee them.

 

Future Directions

 

As the risks extend from unsanctioned platforms to managed AI/ML environments and large language models (LLMs), Okta plans to enhance its continuous discovery capabilities to monitor these critical AI landscapes. This initiative will empower security teams to transform sanctioned, high-risk identities into regulated assets.

 
