TL;DR: Legacy on-premises identity and device tools create visibility gaps, VPN friction, and siloed controls that slow hybrid work and complicate AI adoption, according to JumpCloud. A cloud-native, unified access model shifts the conversation from tool sprawl to identity governance and Zero Trust execution.
NHIMG editorial — based on content published by JumpCloud: Moving Beyond Microsoft for a Modern Workplace
By the numbers:
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job.
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security.
- 69% of security leaders agree identity management must fundamentally shift to address agentic AI systems.
Questions worth separating out
Q: How should security teams modernise identity governance for hybrid work and AI adoption?
A: They should start by removing access paths that depend on fixed office networks or separate admin planes.
Q: Why do legacy identity stacks create more risk in AI-first environments?
A: Legacy stacks fragment authentication, device management, and authorization, so teams cannot see the full context of an access decision.
Q: What do teams get wrong when they lift and shift identity systems to the cloud?
A: They often preserve the same workflows, trust boundaries, and administrative silos in a new hosting model.
Practitioner guidance
- Map every access path that still depends on perimeter assumptions: Inventory where users still need VPNs, internal servers, or location-specific routing to reach core applications.
- Unify identity and device policy enforcement: Bring directory state, endpoint posture, and authorization into one operational view so administrators can see whether access is safe without switching between disconnected tools.
- Treat AI rollout as an access governance programme: Require explicit authentication, device assurance, and authorization rules for any AI tool that touches business systems, then review those controls as part of the rollout plan rather than after deployment.
What's in the full article
JumpCloud's full blog post covers the operational detail this post intentionally leaves for the source:
- How JumpCloud and Google Workspace position cloud-native identity and collaboration together for modern workplace design
- The specific operating model changes behind moving beyond Microsoft-centric legacy architecture
- Practical details on reducing tool sprawl, helpdesk overhead, and access friction in hybrid environments
- How the session frames Gemini Enterprise and other AI tools inside a Zero Trust access model
Legacy identity stacks and AI-ready workplaces: what changes now?