Millions of employees use Okta to access applications and other services every day.
Soon, AI agents may need the same access. Okta CEO Todd McKinnon said the company is looking at ways to ensure security as humans potentially shift digital responsibility to AI agents.
He advocated a kind of kill switch if or when things go awry.
In an interview with The Verge’s “Decoder” published Monday, McKinnon described AI agents as a new class of digital workers, agents that can access systems, move data, and perform actions across an enterprise’s software stack. Companies are increasingly experimenting with AI agents to automate workflows, build software, and even handle physical tasks.
This kind of power requires strict parameters, McKinnon said.
“You need a system to track agents, define their roles, define their permissions, define what they can connect to and do,” he said, adding that companies will also need the ability to “pull the plug” if an agent misbehaves.
Okta’s proposal doesn’t completely end AI agents. Instead, he argues, the kill switch minimizes agents’ access to sensitive data.
Harish Pari, Okta’s senior vice president of AI security, told Business Insider that the risks are already apparent.
“Every organization is deploying AI agents,” he said. “But to actually do their jobs, agents need access to sensitive systems and data, which creates new attack vectors.”
Okta says that while productivity increases, the risks are just as significant and require thoughtful boundaries, including a big red button. On March 15, the company published a press release titled “Blueprint for the Secure Agent Enterprise.” In it, Okta said companies using AI should be able to “immediately revoke access from any system to contain risk.”
The framework also requires real-time enforcement of data sharing permissions, human approval of risky actions, and detailed audit logs that track all agent decisions and access attempts.
Octa is not alone. In early 2024, California Sen. Scott Wiener proposed an AI regulation bill that would require companies to build in failsafes. The bill had the support of AI advocate Elon Musk until Gov. Gavin Newsom vetoed it later that year.
Still, McKinnon told the Decoder it’s important for private companies to build their own failsafes.
“Things are going to go wrong, and there are going to be issues and threats and quick injections,” he said, explaining that it’s important to prevent agents from accessing data during a crisis. “It’s like taking a machine off the network.”