Microsoft Agent 365: Strengthening AI Security
Le brief IA que les pros lisent chaque soir
Les 7 actus IA du jour, décryptées en 5 min. Gratuit.
Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.
Choisis ton rythme
Gratuit · Pas de spam · Désabonnement en 1 clic
Microsoft recently unveiled Agent 365, a centralized dashboard designed to help IT teams monitor and manage AI agents within enterprises. This tool aims to provide visibility into the permissions and security risks associated with these agents, in order to prevent them from becoming internal threats to corporate systems.
Rapid Proliferation of Machine Identities
One of the major challenges companies face is the rapid proliferation of machine identities compared to human users. On average, 82 machine identities are created for every human user, often with high network access privileges. This proliferation poses a significant governance and security challenge for Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs).
Critical Need for Visibility and Control
The speed at which new AI agents are deployed creates an urgent need for visibility and control. Without a clear understanding of what these agents are doing or even their existence, it becomes impossible to manage them effectively. To illustrate the magnitude of this problem, an analogy with air traffic is used: when airplanes were few, pilots could navigate visually. Today, with a crowded sky, air traffic control is essential to avoid chaos.
Agent 365: A Unified Control Dashboard
Microsoft's Agent 365 functions like an air traffic control center for AI agents. It allows for the coordination of agents that often operate discreetly within corporate networks. According to Vasu Jakkal from Microsoft, without such a dashboard, IT and security teams lack adequate visibility and protection, especially since these teams often work in silos. She emphasizes that understanding existing agents, their behavior, access, and potential security risks is crucial.
Identity and Access Management
Agent 365 introduces identity and access controls for AI agents. With Microsoft Entra Agent ID, each agent is assigned a unique identity, similar to an employee badge. This system allows for tracking agent activity, managing permissions, and preventing exposure of sensitive data. The Agent Registry, integrated into the Microsoft Admin Center, maintains an inventory of agents, thereby facilitating their management and security.
Agent 365 provides centralized visibility into all AI agents managed within an organization, including those developed by Microsoft and those from the partner ecosystem. Through this mechanism, IT teams can track, observe, and analyze the performance, usage, and activity of agents through detailed reports and agent mapping.
Enhanced Identity and Access Controls
Within Agent 365, Microsoft Entra Agent ID assigns each AI agent a unique identity within the corporate environment. This is akin to a badge for AI agents. Identity protection and conditional access policies extend existing controls, ensuring secure and effective management of AI agents.
Brief IA — L'actualité IA en français
L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.