Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s Key Takeaways
- AI agents require credentials, increasing enterprise risk.
- 1Password introduces Unified Access to manage both human and AI credentials effectively.
- The platform discovers, secures, and audits credentials across various environments.
As digital transformations usher in new technologies, AI agents have emerged as pivotal players in the workplace. These virtual entities mimic human behavior, carrying out tasks and responsibilities across organizational networks. However, their integration comes with significant challenges, especially in credential management.
Reflecting on a personal experience, I recall my concerns when I left my cat, Sammy, with a caregiver during business trips. Despite trust, I worried about the security of my home and belongings. What if access was misused? Similarly, organizations face increasing anxiety regarding how AI agents manage essential credentials.
Also: Is your AI agent a security risk? NanoClaw aims to contain it.
AI agents must access critical systems, requiring various types of credentials such as passwords, API keys, and access keys. Unfortunately, security practices have lagged, with developers often embedding these credentials directly into their code or prompts.
1Password for AI Agents
This issue hasn’t gone unnoticed. 1Password has recognized these challenges and launched a dedicated solution called Unified Access. This tool provides organizations with a robust method to manage the access complexities posed by AI agents.
Also: AI agents are fast, loose, and out of control, finds MIT study
Unified Access is currently available, excluding an upcoming audit feature. It enables organizations to discover, secure, and audit access for both human and AI identities across their networks.
If you find this akin to Microsoft’s Agent 365 identity management product, you’re not mistaken. With the deployment of AI agents becoming more widespread, managing their identities has become an urgent concern.
AI technology is evolving rapidly, leading to parallel advancements in solutions. New challenges often provoke various companies to address them simultaneously, as seen with credential management for AI agents.
1Password’s approach, while similar in intent to Microsoft’s, is distinct. It focuses on safeguarding credentials, secrets, and machine identities as AI systems engage in real work environments.
Emerging Risks of AI Agents
“AI adoption is transforming our threat model,” stated Heather Cannon, Director of Security at DigitalOcean. This statement encapsulates the issue at hand. David Faugno, CEO of 1Password, echoed her sentiment, noting that these agents now operate within actual production settings.
The challenge grows as AI transitions from experimental tools to vital workers across enterprise environments. These agents execute workflows and connect to infrastructure, often relying on the same credentials used by developers to access internal APIs and enterprise data.
Also: OpenClaw poses security risks: 5 red flags to watch out for
Cannon emphasized the need for visibility into AI systems within their environment. 1Password’s solution aims to provide greater insight and governance, addressing the risks associated with unauthorized AI usage while promoting safe AI adoption.
Identifying Embedded Risks Across Organizations
1Password refers to its platform as a “platform model,” focusing on three essential steps: discovering existing agents and credentials, securing them through a centralized vault, and logging access activity meticulously.
The discovery component seeks to identify vulnerabilities, such as unregulated access to keys and passwords. The platform scans for AI tool usage across various environments and detects exposed credentials, including plaintext files and unsecured SSH keys.
Also: Why enterprise AI agents could evolve into significant insider threats
To execute this discovery process effectively, 1Password requires in-depth access within the organization. Although this is critical to managing AI access, such access presents its own security risks.
Centralized Credential Vault for Secure Management
In an email exchange, Nancy Wang, CTO of 1Password, explained, “Instead of locally storing credentials or embedding them into scripts, they can be securely pulled from the vault when needed.”
The platform centralizes credential storage in a secure vault, eliminating the need for secrets to be hard-coded into prompts, scripts, or config files.
Also: Nvidia’s OpenClaw emphasizes security layers – explore how NemoClaw operates
Wang noted that developers can reference secrets through 1Password instead of directly embedding them in code or environment variables. At runtime, 1Password resolves the request, enforces policy, and issues credentials only to authorized processes, logging each event according to corporate policy.
Integrations with AI Tools and Developer Platforms
Acquiring access to all developer tools is a complex yet necessary task. To ease this process, 1Password is partnering with various tool and enterprise vendors to integrate their offerings directly.
Initial partnerships announced include AI developer tools like Cursor and GitHub, alongside cloud and developer platforms such as Vercel.
“As coding tools evolve, security must be woven into developers’ workflows,” stated Talha Tariq, CISO at Vercel. “Our collaboration with 1Password simplifies secure credential access within familiar environments, allowing developers to remain agile without compromising security.”
Also: AI agents could cause chaos: Research highlights risks of bot interactions
Cursor and GitHub utilize 1Password to enhance security across different development workflows. Extensions are available for their tools, with additional partnerships on the horizon.
Insights from 1Password’s CTO
I had the opportunity to ask several questions to Nancy Wang, 1Password’s CTO, who graciously responded even while on a plane.
Regarding user experience, she mentioned, “The interface remains familiar, extending the functionalities people love into the environments where agents operate through Unified Access.”
I sought clarification on how credentials are managed. She explained, “Agents interact with 1Password in a way that extends the familiar experience into their operational environments. We see agents as a new identity type that requires secure access to act on behalf of users.”
Also: How I seamlessly transitioned my password manager
Wang elaborated, “Agents can retrieve their required credentials from the vault at runtime. This approach avoids embedding secrets directly in prompts, code, or memory.”
Returning to the earlier concerns about credential management, Wang stated, “If credentials need updating, it can be handled within the vault, granting all agents access without individually updating each one.
Overall, 1Password aims to create a centralized and secure repository for credentials within the agentic sphere. While complex, tools like Unified Access and Agent 365 are imperative as we adapt to these new technological realities.
Your Perspective
Are AI agents already part of your organizational workflows, or are you still in the exploration phase? How are you addressing their credential and access management needs? Do you believe that centralized vault solutions like 1Password’s Unified Access and Microsoft’s Agent 365 are progressing in the right direction?
Also: 1Password raises prices: Alternatives to consider
Are you concerned about agents utilizing the same credentials as human developers, or do you see this as manageable with effective tools? How much visibility do organizations truly have concerning their automated systems’ activities? Share your thoughts in the comments below.
For ongoing updates, feel free to follow me on social media. Subscribe to my weekly newsletter and connect with me on Twitter/X at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, on Bluesky at @DavidGewirtz.com, and on YouTube at YouTube.com/DavidGewirtzTV.
