Notifications
Clear all
Topic starter
07/06/2026 8:17 pm
TL;DR: A Teleport survey of over 200 infrastructure and security decision-makers found 69% believe widespread AI adoption will require major changes to identity management, according to Teleport. The article argues autonomous agents break legacy models built on passwords, API keys, and long-lived secrets, and the governance shift is from static credential control to unified, cryptographic identity with auditable, short-lived access.
NHIMG editorial — based on content published by Teleport: AI Infrastructure Needs an Agentic Identity Framework
By the numbers:
- In a recent Teleport survey of over 200 infrastructure and security decision-makers, 69% said widespread AI adoption will need significant changes to how identity is managed.
Questions worth separating out
Q: How should security teams govern AI agents that can act across multiple systems?
A: Treat each agent as an identity subject with an owner, scope, and lifecycle.
Q: Why do static secrets and long-lived service accounts create extra risk for AI agents?
A: Because agents do not behave like fixed scripts.
Q: What do security teams get wrong about least privilege for autonomous systems?
A: They often set privilege at provisioning time and assume it will remain correct.
Practitioner guidance
- Define the agent as a first-class identity subject. Catalogue every AI system that can initiate actions, select tools, or access production data, then assign an owner, policy boundary, and lifecycle state to each one.
- Eliminate long-lived secrets from agent workflows. Replace static API keys, shared tokens, and reusable passwords with short-lived, cryptographically issued access that is bound to a specific task and execution context.
- Fold agents into the same discovery plane as NHIs. Use one inventory for service accounts, workloads, MCP endpoints, and agents so access review, logging, and offboarding do not depend on which team deployed the actor.
What's in the full article
Teleport's full blog post covers the architectural detail this analysis intentionally leaves at the governance level:
- The framework's proposed identity layer for humans, machines, workloads, and agents in one model
- The design principles behind cryptographic identity, ephemeral access, and real-time auditability
- The vendor's view of how standards-driven reference implementations could be operationalised by platform teams
- The practical packaging of SDKs and integrations for teams evaluating agent deployment patterns
👉 Read Teleport's analysis of agentic identity and production AI readiness →
AI agent identity frameworks: are your controls ready for production?
Explore further
View Full Forum → | NHI Foundation Course → | Our Services →
07/06/2026 10:07 pm
Static identity was designed for actors whose access could be reviewed after issuance. That assumption fails when the actor is autonomous because it can select tools, alter execution paths, and complete actions faster than a review cycle can observe. The implication is that governance must stop treating agent access as a stable entitlement state and start treating it as a transient runtime condition.
A few things that frame the scale:
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to AI Agents: The New Attack Surface report.
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
A question worth separating out:
Q: Who should be accountable when an AI agent exceeds its intended scope?
A: Accountability should sit with the team that owns the agent, its policy boundary, and its access lifecycle. If no one can prove who granted the permissions, how they were limited, and when they expire, then the organisation has a governance gap, not just a technical incident.
👉 Read our full editorial: AI agent identity frameworks need cryptographic trust, not static secrets
