Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

AI in IT operations: what it means for identity and security


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9079
Topic starter  

TL;DR: AI is already improving tier-one support, deployment work, and scripting for IT teams, but it also forces a rethink of identity and access governance as AI agents begin calling services and handling sensitive data, according to JumpCloud. The practical shift is from treating AI as a productivity layer to governing it as an access-bearing actor.

NHIMG editorial — based on content published by JumpCloud: The Human Element of AI in IT: Upskilling, Security, and Strategic Problem Solving

Questions worth separating out

Q: How should security teams govern AI-assisted IT workflows without losing control of access?

A: Start by treating AI-assisted workflows as identity-managed paths, not as informal productivity aids.

Q: Why do AI-driven operations challenge zero trust assumptions in IT?

A: Zero trust assumes the control plane can continuously verify the actor that is making the request.

Q: What do IAM teams get wrong about AI in IT operations?

A: They often treat AI as a faster interface rather than as a new access pattern.

Practitioner guidance

  • Map AI-enabled workflows to real identity subjects Identify whether each workflow is executed by a human, a workload, or an AI-assisted process, and document which systems it can reach.
  • Separate approval, execution, and audit ownership Require a clear owner for each stage of an AI-assisted action so that human intent, machine execution, and security review are not collapsed into one account or one log stream.
  • Review zero trust assumptions around AI-mediated access Check whether existing zero trust controls assume a stable human user at the keyboard.

What's in the full article

JumpCloud's full blog post covers the operational detail this post intentionally leaves for the source:

  • The podcast discussion with Joel Rennich and Bradley Chambers on how AI is changing IT work
  • Examples of AI-assisted support and scripting use cases that frame the productivity argument
  • The source conversation's deeper discussion of security, zero trust, and human oversight
  • The career and upskilling angle for IT professionals adapting to AI-driven workflows

👉 Read JumpCloud's discussion of AI's impact on IT security and upskilling →

AI in IT operations: what it means for identity and security?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8508
 

AI is turning IT productivity tooling into an identity governance problem. The article treats AI as a force multiplier for support, deployment, and scripting, but the security consequence is more important than the productivity gain. Once AI can initiate service interactions or influence operational decisions, it starts to behave like an access-bearing actor. Practitioners should read this as a shift in programme scope, not just a tooling upgrade.

A few things that frame the scale:

  • 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to The 2026 Infrastructure Identity Survey.
  • Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security.

A question worth separating out:

Q: Who should be accountable when AI-assisted IT actions affect production systems?

A: Accountability should sit with the team that owns the workflow, not with the AI tool itself. The human sponsor, the platform owner, and the security function all need defined responsibility for approval, scope, and review. If no one can name the accountable owner, the access model is too weak for production use.

👉 Read our full editorial: AI is reshaping IT identity governance and zero trust controls



   
ReplyQuote
Share: