Identity Governance Evolution for Agentic Systems
Key Points
- The concept of identity governance began in the 1960s with mainframe users needing to protect files and schedule batch jobs, prompting early questions of “who am I?” and “what am I accessing.”
- By the 1970s‑80s, the rise of networked databases and applications required systematic user provisioning, directory services, authentication, and access control, expanding identity management to both internal employees and external partners.
- Modern identity governance now handles complex ecosystems that include SaaS platforms, firewalls, and remote users, emphasizing continuous verification of who can do what across diverse systems.
- As AI‑driven chatbots and autonomous agents proliferate, we must extend traditional identity governance frameworks to define and control “agentic identities,” ensuring these agents are authenticated, authorized, and governed just like human users.
Sections
- From Mainframes to Agent Governance - The speaker traces the history of identity governance—from early mainframe file protection in the 1960s through networked databases and directories—to argue how these principles can be adapted for governing the identities of modern autonomous agents.
- Agents vs. Traditional System Identities - The speaker explains that autonomous agents are dynamic, non‑human entities with complex interactions and handoffs, contrasting them with the static, deterministic process flows of conventional systems.
- Governance of Autonomous Agent Identities - The speaker outlines a governance strategy that requires assigning each AI agent a unique, verifiable identity and implementing strict access controls to ensure predictable behavior and compliance with regulatory requirements.
- Governance, Isolation, Observability - The speaker emphasizes restricting agents to narrow functions, using segmentation and isolation to limit damage, and ensuring full observability for auditability when deploying enterprise agentic systems.
Full Transcript
# Identity Governance Evolution for Agentic Systems **Source:** [https://www.youtube.com/watch?v=AuV62XbiZcw](https://www.youtube.com/watch?v=AuV62XbiZcw) **Duration:** 00:10:52 ## Summary - The concept of identity governance began in the 1960s with mainframe users needing to protect files and schedule batch jobs, prompting early questions of “who am I?” and “what am I accessing.” - By the 1970s‑80s, the rise of networked databases and applications required systematic user provisioning, directory services, authentication, and access control, expanding identity management to both internal employees and external partners. - Modern identity governance now handles complex ecosystems that include SaaS platforms, firewalls, and remote users, emphasizing continuous verification of who can do what across diverse systems. - As AI‑driven chatbots and autonomous agents proliferate, we must extend traditional identity governance frameworks to define and control “agentic identities,” ensuring these agents are authenticated, authorized, and governed just like human users. ## Sections - [00:00:00](https://www.youtube.com/watch?v=AuV62XbiZcw&t=0s) **From Mainframes to Agent Governance** - The speaker traces the history of identity governance—from early mainframe file protection in the 1960s through networked databases and directories—to argue how these principles can be adapted for governing the identities of modern autonomous agents. - [00:03:04](https://www.youtube.com/watch?v=AuV62XbiZcw&t=184s) **Agents vs. Traditional System Identities** - The speaker explains that autonomous agents are dynamic, non‑human entities with complex interactions and handoffs, contrasting them with the static, deterministic process flows of conventional systems. - [00:06:17](https://www.youtube.com/watch?v=AuV62XbiZcw&t=377s) **Governance of Autonomous Agent Identities** - The speaker outlines a governance strategy that requires assigning each AI agent a unique, verifiable identity and implementing strict access controls to ensure predictable behavior and compliance with regulatory requirements. - [00:09:35](https://www.youtube.com/watch?v=AuV62XbiZcw&t=575s) **Governance, Isolation, Observability** - The speaker emphasizes restricting agents to narrow functions, using segmentation and isolation to limit damage, and ensuring full observability for auditability when deploying enterprise agentic systems. ## Full Transcript
Howdy everyone.
We are interacting more and more and every day with assistants and chatbots and agents.
And with the rise of all these agents and agentic systems,
how do we start thinking about governing agents and how do we express their identities?
To actually address this question, we have to go back a little bit.
And let's do a quick walk through the evolution of identity governance
so that we know how we can then apply that to agentic
identities and agentic agent governance.
Alright, so if we go back actually all the way back to the 1960s,
we had people that were storing on mainframes files that they wanted to store and they wanted, to protect those files.
So they had to start thinking of the concept of who am I and what is it that I'm trying to store.
At the same time we had had timesharing processes or batch applications
where an individual, again, on mainframes, wanted to run jobs in a predetermined time slot.
So who is that person and what is it they were trying to run?
And that's really where we started.
Now, as we move through the 70s and in the 80s, we started seeing more and more databases pop up.
We see applications popping up all over the place.
And these were all on a network.
And across that network, we started having more systems, more data, more people.
So we really had to understand who was in the system.
And what were they trying to do?
So we first had to start talking about how do we provision users?
And once we do that, we put them into a directory.
So we have to know who all of our users are.
And if we know who the users are, we had to started talking about authenticating them.
So we know, do we really know who this individual is?
And then once we knew that, what access did they have to things within our system?
And so we have this whole.
Environment around our enterprise, looking at all the ways that an
individual can interact with the systems and processes within that.
Then of course we had it where we had people now outside
of the enterprise that were coming through a firewall and trying to dial in.
We had to understand who they are and what they're trying to do.
And then we started blocking in SaaS systems that became part of our entire environment.
And again, who are the users?
What can they do?
And this is really the evolution of our modern.
Identity Governance Environment.
Now we have to look at agents.
So they have started to pop up within our systems.
So the first thing that we kind of see happening is that we see a person that's interacting with a chatbot.
It is really a gen AI system, and they interact with data and they bring that back.
That's great.
This is stuff that's kind of been going on since the early 2000s
as we start evolving agents and getting them more integrated in our system.
But what we're seeing today as we start looking at agentic systems,
is we have a lot of agents that are starting to proliferate
throughout the environment and they're interacting on all sorts of interesting ways.
So what does that mean?
What does it mean from an identity perspective?
Well, in one sense, they're not really human.
I mean, they don't behave completely like a human, but they have a lot of human characteristics.
If we look at non-human identities, so we have individuals that...
Interact with an application, it may pull data, and we build these process flows through our systems,
and there's ways that we connect through APIs and build our processes.
And these are non-human systems, but agents are more autonomous.
They're really not non-humans systems either.
So they're really non-human, they're not nonhuman, so what are they?
So the first thing we kind of need to really talk about is what is the difference with an agent?
And how do they behave differently from what we are used to in our systems?
So the first kind of set of things that we look at when we think about agents
and how they behave different is the first thing that makes them really kind of different is that they are dynamic entities.
They also have complex handoffs.
And they also do complex interactions.
All right, so what does that actually mean?
So if we think about it, if we go back to our environment and the area that we're really kind of used to,
again, we have these process flows that kind of run along the bottom here.
And these are deterministic process flows, and they're reasonably static and structured systems.
We know exactly how the system is gonna act and operate across that process.
But as we start thinking about agents and agentic flows, they're more dynamic.
Yes, you may talk to this agent and get a response back, but this
agent may need to go talk to this agent so you have a complex handoff,
and this agent might need to talk to that to do something.
And then the next time you do a prompt and you say I'm looking for some sort of a business answer,
this agent maybe route over here, which then routes over here and takes some sort of action.
And then next time through it may come down here again and then go this direction.
So it's very dynamic, and there's a lot of different handoffs that happen,
and so this is why they're not really our static process flows,
they're really starting to be unstructured and more dynamic business process flows.
And they're also having to do interactions with systems, with private data,
with personal data, with public data, with sensitive systems.
And so all of this makes all these interactions very complex,
and that's one of the things that makes them very, very different from
how we look at, you know, either human or non-human identities.
The other thing that you have to take into consideration is that they're also adaptive.
And what this means is the flow through is going to be different.
They're going to adapt to the environment.
They are
autonomous systems or autonomic agents, and being autonomic,
they're going to make choices about which direction they need to go
within the parameters that are defined for them to operate.
So it's going to be changing all the time.
Now they still have a task to perform.
They have to decide and they have to make decisions on the fly which path that that's to go.
And we want that to operate in a really Define way to a certain extent
so that we don't get a HAL 9,000 going off and doing things that are rogue, and we don't want them doing
so this is where the governance piece of this starts coming in. So the question is then what is our strategy?
What do we know today about how we want to govern?
Agent identities and agentic systems.
So it kind of comes into a set of things that we wanna make sure we're doing.
The first thing that we do is that we want to make sure that we have a unique identity for agents.
Like I said, they're not really human.
They're not non-human.
I mean, they are non-humans, but they don't behave like our traditional non-human identities.
So they need to be unique.
We need to know that this is an agent.
There's actually.
Government regulatory requirements that actually you have to identify that it's an agent.
So you need to know this.
So this is, you have provision them uniquely
and you have authenticate them, much like you do anything else, but unique to that agent.
So that's the first thing.
Make sure you have a unique identity.
The second piece actually starts getting into access.
When we start thinking about governance and identity governance, how do we do access?
So the first thing that you really need to do is make sure that you have context aware access.
And what this is saying is yes, we have a dynamic nature in the way that these things operate and it's very adaptive.
So when you're providing access to systems and to data and to the parts of your enterprise,
you have to make sure you understand the context of which the agent wants to interact with something.
So that's very important if you're going to allow access or not.
The other thing you need to make is sure is that you also think about ephemeral access.
And this also ties back to the dynamic and adaptive nature of this.
It's always changing.
So the kind of access you had the last time an agen
t operated on something may be different from the next time that it operates.
So you don't keep a consistent access control flowing through.
You really want to change it every time.
So ephemeral really talks about the timing, and it's really just-in-time access.
Every time an agent works through a flow that it is working on in an agentic flow,
you need to evaluate the context of it and do it for that flow only.
If you think of a way human identities work, we pretty much,
you know, we see a lot of role-based access controls and other access control models,
but you pretty much are consistent for a extended period of time of what you're allowed to do.
When we think of agents and agentic systems, that's not the same.
We really wanna evaluate every time an agent is taking an action.
The next thing that we wanna really look at or we want to do as a
strategy when we're governing these things is make sure that we do segmentation
and isolation of our agents.
So what this is really talking to, and then especially as we're emerging and how to govern these,
we look at this agent and what it's allowed to do.
And we really restrict it to a small set of things, right?
This agent can't decide that it's going to go talk over here or talk over there.
It really has the function and task of a pretty narrow space of where it's allowed to operate.
This really reduces the attack service.
It really kind of isolates this.
So if that agent were to be compromised in any way, the system that it can interact with is really limited.
So segmentation and isolation are very important when we start thinking about agents and what they're allowed to do.
And then of course, the final thing that we always want to think about is observability.
Make sure that we know what the agents are doing, what actions they're taking.
We always have transparent observability into those, which makes us audit ready and a lot of other great things.
So if we start looking at where agentic flows and where agents are going,
and we start thinking about how we want to express their identities,
these are the things that you need to be doing today to make sure that you're properly governing
and protecting your enterprise as you start evolving into agentic systems. Thank you.