AI agents are the fastest-growing identity in the enterprise, but they remain largely invisible to traditional security controls. This has created an alarming identity gap that security teams are struggling to close.
In this series, we’ve spoken with Okta customers and product leaders about building a new blueprint for managing and securing their agentic workforce, particularly with solutions like Okta for AI Agents.
But what does it take to bring the blueprint for a secure agentic enterprise to life?
To get answers, we spoke with Accenture, a global systems integrator that helps enterprises deploy Okta solutions. Frameworks for managing agents are in high demand and can’t be deployed fast enough, according to Greg Callegari, a Managing Director in Accenture’s Secure and Responsible AI practice.
"The innovation is moving faster than security," he says. "People are looking for ways to use and deploy agents, and a lot of times the security organization or the security tools are not ready for that."
Bring AI out of the shadows
For most organizations, implementing a security strategy begins with a simple question: Where are my agents?
The rapid, often ungoverned, adoption of AI has led to a significant "shadow AI" problem. A 2025 UpGuard report found that over 80% of employees use unapproved AI tools, introducing unmanaged non-human identities, data exposure, and compliance risks.
"The biggest hurdle and really step one is discovery," Callegari explains. "This requires using a tool like Okta for AI Agents to discover the agents in your organization and the shadow AI that might exist. You can’t govern what you can’t see or you don’t know about."
Maintain control with a ‘kill switch’
Once you can see your agents, you need to be able to control them. Because agents operate with autonomy and at machine speed, a misconfigured or compromised agent can cause significant damage in seconds. This makes the ability to revoke access a non-negotiable.
A centralized "kill switch" helps ensure that if an agent begins to act erratically, its access can be shut off before it can cause widespread harm. This is a fundamental safeguard for any agentic system, according to Callegari.
“If an agent starts hallucinating or going rogue, being able to shut down that agent, remove all of its access, and cut it off from production in seconds is critical,” he says.
Build security in, don’t bolt it on
Discovering agents and controlling them are essential safeguards. However, the most effective security strategy is proactive, not reactive, according to Callegari. The goal is to prevent rogue agents from being created in the first place by providing developers with a secure path to deploy them.
"We’re recommending that organizations start with a secure framework for how to build agents," Callegari says. "Because if you have a secure framework, then every agent starts its lifecycle already registered in your identity governance system."
This approach avoids creating a separate control plane for agents. Instead, it extends the identity fabric organizations already use for their human workforce to their new agentic workforce. It allows them to protect agent connections with least-privilege access and govern agent behavior with access reviews, audit trails, and an instant kill switch.
"Don’t build a parallel universe for agents," Callegari advises. "Use your existing infrastructure and your existing cybersecurity tools, and extend your identity fabric to include agents."
The power of a neutral, standards-based approach
As enterprises build out their AI ecosystems, they will rely on more apps, systems, and vendors. A successful security model must work seamlessly across these different environments. This is where open standards become essential for secure, scalable interoperability.
One such standard is Cross-App Access, which helps trusted agents work across approved apps on a user’s behalf with less friction and more control.
"Cross-App Access is unique because it is an open standard,” Callegari says. “It’s not tied down to a single vendor. It's a universal solution for securing integrations at scale."
An ‘enormous’ opportunity
"The opportunity with agents is enormous. But that's also why the risk is enormous," Callegari says. For enterprises, this new reality also creates a profound sense of déjà vu. The challenge ahead mirrors the one they have spent the last two decades solving.
As Callegari puts it: "Every agent you deploy is a new identity in your enterprise. And most enterprises and organizations have spent the last 20 years locking down human identities."
Fortunately, the path forward does not necessarily require a new security paradigm, but an extension of one that has proven effective. By treating agents as first-class identities within a unified governance platform, organizations can apply the same rigor and control to their machine identities as they do to their human ones, ensuring that security and innovation can advance together.
