Model context protocol and A2A: what changes for IAM teams?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9063
Topic starter  

TL;DR: Model Context Protocol and Agent2Agent protocols let foundation models move from answering questions to taking actions across tools and data sources, which Collibra argues raises the stakes for governed data, cross-functional use cases, and approved AI actions. The core issue is no longer model capability alone, but whether identity, data, and task context are controlled before AI systems can act.

NHIMG editorial — based on content published by Collibra: analysis of Model Context Protocol, Agent2Agent, and AI governance

Questions worth separating out

Q: How should security teams govern AI agents that can use enterprise tools?

A: Security teams should govern AI agents as delegated actors, not as simple chat interfaces.

Q: Why do data quality and access governance matter so much for AI systems?

A: Because AI output is only as trustworthy as the data it can reach and the context it is allowed to use.

Q: What breaks when AI workflow approval is left informal?

A: Informal approval breaks accountability.

Practitioner guidance

  • Classify every MCP-connected tool as a governed action endpoint: Map each tool the model can reach to its data sensitivity, action type, and approval requirement.
  • Require business-context approval before enabling agent workflows: Tie each AI use case to an approved business objective, accountable owner, and permitted action scope.
  • Track agent-to-agent delegation as a governance event: Log every handoff between agents, including the source context, destination agent, and resulting action.

What's in the full article

Collibra's full article covers the operational detail this post intentionally leaves for the source:

  • The article expands on how model access to Gmail, JIRA, Confluence, and similar systems changes the control surface for AI.
  • It lays out the author’s own framing of the data and business-case “bookends” that make AI initiatives viable.
  • It provides the original argument for why AI actions taken on behalf of a human must be understood and approved in context.
  • It closes with the source author's perspective on building these controls scalably inside enterprise workflows.

👉 Read Collibra's analysis of Model Context Protocol and AI governance →
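
One way to turn the three practitioner guidance items in the post above into an enforcement check, added here as an example and not taken from Collibra or NHIMG. The tool names, classifications, `UseCase` fields, agent names and in-memory audit list are all assumptions.

```python
import json
from dataclasses import dataclass

@dataclass(frozen=True)
class ToolPolicy:
    sensitivity: str      # sensitivity of the data the tool touches
    action_type: str      # "read" (retrieval) or "write" (changes a system)
    needs_approval: bool  # must be covered by an approved use case

@dataclass(frozen=True)
class UseCase:
    objective: str              # approved business objective
    owner: str                  # accountable owner
    permitted_tools: frozenset  # permitted action scope

# Constructed registry: names and classifications are illustrative assumptions.
REGISTRY = {
    "confluence.search": ToolPolicy("internal", "read", False),
    "jira.update_ticket": ToolPolicy("internal", "write", True),
    "gmail.send": ToolPolicy("confidential", "write", True),
}
AUDIT_LOG = []  # stand-in for an append-only audit sink

def _audit(event, **fields):
    AUDIT_LOG.append(json.dumps({"event": event, **fields}, sort_keys=True))

def authorize(agent, tool, use_case=None):
    """Allow or deny one tool call; unclassified tools are denied by default."""
    policy = REGISTRY.get(tool)
    if policy is None:
        allowed, reason = False, "tool not classified"
    elif not policy.needs_approval:
        allowed, reason = True, "no approval required"
    elif use_case is None or not use_case.owner:
        allowed, reason = False, "no approved use case with an accountable owner"
    elif tool not in use_case.permitted_tools:
        allowed, reason = False, "tool outside permitted action scope"
    else:
        allowed, reason = True, "approved use case"
    _audit("tool_call", agent=agent, tool=tool, allowed=allowed, reason=reason,
           owner=use_case.owner if use_case else None)
    return allowed

def delegate(source_agent, dest_agent, tool, use_case, context_ref):
    """Log the handoff, then authorize the resulting action under the
    delegating agent's use case, so delegation never widens the scope."""
    _audit("delegation", source=source_agent, destination=dest_agent,
           context=context_ref, requested_tool=tool)
    return authorize(dest_agent, tool, use_case)
```

Every decision, including denials, lands in the audit log, and a delegated call produces two records: the handoff and the resulting action.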

(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8499
 

Model Context Protocol creates an action surface, not just a data-access surface. The article correctly shifts attention from model quality to what the model can do once it reaches enterprise systems. That is a governance change, not a tooling upgrade. When a model can send an email, update documentation, or interact with a ticketing system, identity controls must govern the action path as well as the query path. Practitioners should treat MCP integrations as delegated execution points, not passive retrieval connectors.

A few things that frame the scale:

  • 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to the AI Agents: The New Attack Surface report.
  • Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.

A question worth separating out:

Q: What is the difference between retrieval-based AI and action-capable AI?

A: Retrieval-based AI returns information, while action-capable AI can trigger changes in external systems. That difference matters because retrieval can usually be governed with data controls, but action requires identity controls, policy checks, and audit logging. Once a model can act, the security question shifts from answer quality to delegated authority.

👉 Read our full editorial: Model context protocol changes the governance model for AI agents



   