Hybrid workforces move AI usage across managed laptops, personal devices, mobile apps, and off-network sessions. Each shift can bypass a different control layer, so the organisation loses visibility when identity, device, and network no longer align. That is why coverage gaps are architectural, not operational noise.
Why Hybrid Workforces Hide AI Control Gaps
Hybrid work is not just a location problem. It changes the control plane for AI usage. A single user may reach an AI service from a managed laptop in the office, a personal device at home, or a mobile app on public Wi-Fi, and each path can trigger different identity checks, device posture rules, and network controls. That is where blind spots form: the same person is no longer seen through one consistent security context.
This is especially risky when AI access depends on secrets, OAuth grants, browser sessions, or cached tokens that survive beyond the device or network that created them. Non-human identities (NHIs) are often the real enforcement point behind the scenes, so weak visibility into those identities becomes a security gap for the whole AI workflow. NHI research from The State of Non-Human Identity Security shows that only 1.5 out of 10 organisations are highly confident in securing NHIs, which helps explain why hybrid access often outpaces governance. Current guidance from the CSA MAESTRO agentic AI threat modeling framework also treats context loss as a core design risk, not a side effect.
In practice, many security teams encounter these blind spots only after a token, session, or third-party integration has already been abused, rather than through intentional testing.
How It Works in Practice
Hybrid AI access breaks down because security controls are usually distributed across identity, endpoint, and network layers, but AI workloads move across all three. A managed laptop may satisfy device compliance and conditional access, while a personal device may only satisfy an identity prompt. A mobile app might skip browser controls entirely, and an off-network session may never pass through a corporate proxy. The result is not one obvious failure but a chain of partial visibility.
The operational problem becomes sharper when the AI system uses autonomous or agentic features. If an AI agent can call tools, retrieve data, or request actions on behalf of a user, static RBAC alone is too blunt. Best practice is evolving toward runtime decisions based on context, task, and risk, which is why frameworks such as Anthropic Project Glasswing and CSA MAESTRO emphasise intent-aware control paths. In that model, access is granted as JIT credentials, short-lived tokens, or scoped workload identity, not as standing secrets that survive all day. That aligns with the NHI principle in Ultimate Guide to NHIs — Standards: issue the minimum credential needed for the task and revoke it automatically when the task ends.
- Use workload identity for the AI service or agent, not just the end user.
- Evaluate authorisation at request time, not only at login.
- Limit secrets lifetime so tokens from a home device cannot persist into later sessions.
- Log both user context and NHI activity so the chain of action remains auditable.
That is why hybrid controls need to treat identity continuity as a design requirement, not a convenience feature. These controls tend to break down when the same AI workflow is accessed through unmanaged endpoints and consumer apps because the organisation loses a single authoritative policy point.
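The four controls listed above can be combined into a single request-time decision. The sketch below is an added example, not code from any framework named on this page; the field names, the `tool:` action prefix, and the TTL values are assumptions chosen for illustration.

```python
from dataclasses import dataclass, asdict
from typing import Optional

MAX_TOKEN_AGE_S = 900    # assumed ceiling: no credential outlives 15 minutes
REDUCED_TTL_S = 300      # assumed TTL when device or network context is weak

@dataclass(frozen=True)
class AIRequest:
    user: str
    workload_id: Optional[str]  # identity of the AI agent or service, if any
    device_managed: bool
    via_corp_proxy: bool
    token_issued_at: float      # epoch seconds
    action: str                 # "chat" or "tool:<name>" (hypothetical naming)

def authorize(req: AIRequest, now: float) -> dict:
    """Decide one request at request time and return an audit record."""
    reasons = []
    is_tool = req.action.startswith("tool:")
    if now - req.token_issued_at > MAX_TOKEN_AGE_S:
        reasons.append("token_older_than_max_age")
    if is_tool and req.workload_id is None:
        reasons.append("tool_call_without_workload_identity")
    weak_context = not (req.device_managed and req.via_corp_proxy)

    if reasons:
        decision, ttl = "deny", 0
    elif weak_context and is_tool:
        decision, ttl = "step_up", 0
        reasons.append("tool_call_from_weak_context")
    elif weak_context:
        decision, ttl = "allow", REDUCED_TTL_S
        reasons.append("reduced_ttl_for_weak_context")
    else:
        decision, ttl = "allow", MAX_TOKEN_AGE_S
    # The record carries both the human and the non-human identity.
    return {**asdict(req), "decision": decision, "ttl_s": ttl, "reasons": reasons}

# Constructed sample requests: the same user over three access paths.
NOW = 1_700_000_000.0
SAMPLES = [
    AIRequest("alice", "agent-crm", True, True, NOW - 60, "tool:read_crm"),
    AIRequest("alice", "agent-crm", False, False, NOW - 60, "tool:read_crm"),
    AIRequest("alice", None, False, False, NOW - 3600, "chat"),
]

if __name__ == "__main__":
    for r in SAMPLES:
        rec = authorize(r, NOW)
        print(rec["action"], rec["decision"], rec["ttl_s"], rec["reasons"])
```

The same user and the same agent receive three different outcomes because the decision follows the request context rather than the login event.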
Common Variations and Edge Cases
Tighter device and session controls often increase friction, so organisations have to balance user experience against the need for reliable AI visibility. That tradeoff is especially real in bring-your-own-device programs, field work, contractor-heavy teams, and customer-facing apps where full device management is not always possible.
There is no universal standard for this yet, but current guidance suggests three common patterns. First, if the AI system is mostly interactive, use strong step-up authentication plus short session TTLs. Second, if the AI system is autonomous, prefer workload identity, JIT issuance, and policy-as-code controls that can be evaluated at runtime. Third, if the AI service connects to third-party tools, treat OAuth grants and API keys as critical NHIs and monitor them continuously. That matters because NHIs are often the hidden layer behind hybrid access, and research on the DeepSeek breach shows how exposed secrets can scale into broad data exposure when governance is weak. The same lesson appears in the Schneider Electric credentials breach: once credentials escape their intended boundary, location-based controls no longer matter.
Hybrid workforces are therefore not just a remote-access issue. They create divergent trust paths that demand Zero Trust Architecture, NHI rotation discipline, and runtime authorisation that can follow the workload wherever it runs.
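For the third pattern, continuous monitoring of OAuth grants and API keys, one useful check is whether a token is still being used in the context that issued it. The following is an added example, not part of the original guidance; the log schema, field names, and lifetime threshold are assumptions, and the events are constructed.

```python
import json

MAX_LIFETIME_S = 3600  # assumed policy: no token should be used after 1 hour

# Constructed sample events (JSON lines); field names are hypothetical.
SAMPLE_LOG = """\
{"ts": 1000, "event": "issued", "token": "t1", "device": "laptop-01", "network": "corp", "principal": "agent-crm"}
{"ts": 1200, "event": "used", "token": "t1", "device": "laptop-01", "network": "corp", "principal": "agent-crm"}
{"ts": 2000, "event": "used", "token": "t1", "device": "phone-77", "network": "public", "principal": "agent-crm"}
{"ts": 9000, "event": "used", "token": "t1", "device": "laptop-01", "network": "home", "principal": "agent-crm"}
{"ts": 9100, "event": "used", "token": "t9", "device": "tablet-03", "network": "home", "principal": "oauth-notes-app"}
"""

def find_context_drift(log_text):
    """Return (ts, token, finding) tuples for uses that left the issuing context."""
    issued, findings = {}, []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        e = json.loads(line)
        if e["event"] == "issued":
            issued[e["token"]] = e
            continue
        origin = issued.get(e["token"])
        if origin is None:
            # Token predates the log window or was minted outside the pipeline.
            findings.append((e["ts"], e["token"], "no_issuance_record"))
            continue
        if e["device"] != origin["device"]:
            findings.append((e["ts"], e["token"], "device_changed"))
        if e["network"] != origin["network"]:
            # Lower signal on its own in a hybrid workforce; useful when combined.
            findings.append((e["ts"], e["token"], "network_changed"))
        if e["ts"] - origin["ts"] > MAX_LIFETIME_S:
            findings.append((e["ts"], e["token"], "used_past_max_lifetime"))
    return findings

if __name__ == "__main__":
    for finding in find_context_drift(SAMPLE_LOG):
        print(finding)
```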
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 and OWASP Agentic AI Top 10 address the attack and risk surface, while NIST AI RMF sets the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Hybrid work increases secret sprawl and stale credentials. |
| OWASP Agentic AI Top 10 | A1 | Autonomous AI needs runtime controls, not static session trust. |
| NIST AI RMF | | AI risk management must account for shifting human and workload context. |
Assess hybrid access risk across governance, mapping, measurement, and monitoring.