Thoughts

Short updates, quick tips, and musings that aren't quite long enough for a blog post.

How do we maintain granular authorisation boundaries when our serverless agentic workflows increasingly rely on third-party identity fabrics?

The convergence of Gemini Enterprise Agent Platform and Okta’s identity governance signifies a critical shift in how we must approach the security of our AI-powered workforce. We are moving away from traditional, perimeter-based security toward a model where identity is the primary control plane for every agentic interaction. As we architect serverless infrastructures on Google Cloud, the requirement to embed authentication and access controls directly into agent workflows, without resorting to bespoke, unmaintainable code, is no longer optional.

This integration highlights the necessity of centralising visibility and policy enforcement, ensuring that our AI agents operate within the same strict governance frameworks that define our human user access. The fundamental architectural principle here is the transition to "identity-aware" agent operations, where the agent's actions are cryptographically bound and policy-enforced in real time.

To realise this vision on Google Cloud, we must establish three key security pillars:

  • Cryptographic Identity Binding. Every serverless agent action must be tied to a short-lived, cryptographically verifiable token. By mapping Gemini Enterprise Agent Platform identities to Google Cloud IAM and Okta via OIDC/OAuth 2.0 token exchange protocols, we can verify the agent's context (and the delegating user's context) at every invocation boundary without relying on long-lived secrets.

  • Centralised Audit and Visibility. In an agentic workforce, audit logs must capture not just who triggered a workflow, but how the agent made decisions. Feeding token exchange logs, Gateway evaluations, and Cloud Logging streams directly into a centralised SIEM allows security teams to correlate agent behaviour with identity policies, ensuring absolute visibility and compliance.

By treating identity as the ultimate security boundary, we can confidently deploy autonomous agents that respect organisational trust boundaries and scale securely.

0

Are we finally moving beyond the 'Agentic Hype' phase and into the era of operationalised, sovereign agent deployments?

The announcement of the FactSet partnership with Google Cloud underscores a pivotal shift in how we architect AI-native systems. We are moving away from stateless, prompt-response interactions towards long-term, stateful agents capable of managing complex business processes like deal advisory and corporate finance. This evolution requires moving beyond simple LLM implementations and embracing a holistic platform approach that prioritises governance, memory, and, most critically, identity. As we integrate these agents into our existing cloud infrastructure, we must treat them not as ephemeral scripts, but as first-class principals within our identity and access management (IAM) frameworks.

To build reliable agentic systems, we must adhere to three foundational architectural principles that treat security as an inherent property of the agent lifecycle rather than an afterthought.

✔️ Identity-Centric Agent Governance. Agents require a verifiable, unique cryptographic identity to interact securely with cloud resources. By leveraging new Agent Identity principals, distinct from human users and service accounts, we can enforce granular, least-privilege access using Identity-Aware Proxy (IAP). This ensures that even if an agent operates autonomously, its scope of action is strictly bounded by auditable IAM policies.

✔️ Unified Security Policy Enforcement. The integration of Google Cloud with Okta for AI Agents effectively bridges the gap between enterprise identity governance and agentic execution. By delegating real-time authentication to Okta through the Google Agent Gateway, we can enforce uniform security posture across browser-based work, mobile, and desktop environments, ensuring that agentic autonomy does not create unmonitored security gaps.

✔️ Serverless Agent Runtime Orchestration. With the new Agent Runtime capabilities, we must prioritise low-latency, high-scale execution by leveraging sub-second cold starts and long-running operations. Moving agents to a fully managed, serverless platform allows us to decouple our business logic from the underlying infrastructure, effectively treating the 'agent' as the unit of scale and management, rather than the container or VM.

Ensuring these systems remain secure requires a shift towards active observability and guardrails. As we scale, the focus must remain on implementing human-in-the-loop approvals for sensitive, irreversible actions, and leveraging new defensive tools like Agent Gateway to prevent data exfiltration and prompt injection. We are building the connective tissue between our data and the agents that act upon it; our success depends on the rigour of the identity and governance framework we place around those agents today.

0

How does the shift towards persistent, stateful, and autonomous agentic workflows fundamentally change our requirements for perimeter-based security versus identity-centric governance?

The transition from stateless conversational bots to stateful, multi-agent orchestrations, as seen with the evolution of the Gemini Enterprise Agent Platform, requires us to rethink the standard serverless architectural model. We are moving beyond simple function execution to persistent, 24/7 background agents that require their own distinct identity, lifecycle management, and verifiable context. This architectural pivot, which leverages the Agent Runtime for long-running operations and memory-banked persistence, effectively moves the security boundary from the network perimeter to the identity of the agent itself. By integrating Okta’s identity governance with Google’s Gemini Enterprise Agent Platform, we gain the ability to map every agentic action back to a verified human owner, effectively bridging the gap between legacy enterprise IAM policies and modern, autonomous AI execution environments.

Adopting these advanced patterns demands a shift in how we approach secure execution and authorisation, moving towards a framework where security is embedded in the agent's identity rather than just the service account. We must treat AI agents as first-class principals within our IAM infrastructure, enabling granular control over the data and systems they access, thereby minimising risk while maximising the utility of agentic automation.

✔️ Cryptographic Agent Identity (SPIFFE Compliance). Moving beyond static service accounts, we are deploying agents with unique, cryptographically protected identities based on the SPIFFE standard. This ensures that every action, whether autonomous or user-directed, is fully auditable and verifiable, preventing unauthorised privilege escalation within our Google Cloud environment.

✔️ Context-Aware Governance via IAP and Agent Gateway. By utilising Identity-Aware Proxy (IAP) integrated with the Agent Gateway, we enforce access policies that go beyond network boundaries, evaluating real-time contextual signals such as device health, location, and the specific Model Context Protocol (MCP) attributes of the request. This creates a robust "air traffic control" system for our AI ecosystem, ensuring that only approved tools and agents interface with our critical data backends.

✔️ Human-in-the-Loop (HITL) for Sensitive Orchestration. We are implementing Unified Access Policies (UAP) that mandate human approval for high-risk operations, effectively neutralising the risk of autonomous "runaway" agents. This integration with Okta ensures that even when an agent operates in a background session, its capabilities are strictly bound by the permissions of its linked human owner and our organisational risk posture.

The convergence of Gemini Enterprise Agent Platform and Okta IAM offers a path towards a truly hardened, secure-by-design environment where agents act not as black boxes, but as governed, accountable participants in our enterprise workflows. We are effectively maturing from "testing" agentic potential to "productionising" high-stakes autonomous systems.

Given our current trajectory towards full autonomy in our CRM and data pipelines, how are we planning to audit the "intent" of agents that utilise long-term memory banks to make decisions based on historical data rather than just real-time input?

0

AI agents aren’t the risk. Unmanaged identity is.

They’re accessing systems, making decisions, and acting on behalf of users.

I’m proud to share that today, Okta is closing the security gap with the launch of Okta for AI Agents. We're bringing governance, control, and security to the agentic era. Check it out now! #OktaSecuresAI

0

What happens when AI agents outnumber your employees?

This question needs serious attention now. With Google Cloud partnering with Thoma Bravo to bring AI capabilities to over 115 companies and Technogym rolling out Gemini Enterprise on a global scale, the number of non-human identities is growing rapidly.

This presents a significant identity challenge because traditional IAM solutions weren’t designed for this emerging, autonomous workforce. Many of these AI agents behave unpredictably, unlike typical service accounts, which challenges established security frameworks.

Here’s what I’m observing:

✔️ Continuous Operation: AI agents don’t simply “log in” and stay put. They run around the clock, making independent decisions and interacting with multiple APIs. Security needs to focus on ongoing, real-time authorisation, not just a single checkpoint.

✔️ Probabilistic Behaviour: The next action an AI agent takes is often not predetermined, influenced by both its training data and live inputs. Authorising such unpredictable actions demands a dynamic risk evaluation approach.

✔️ The Governance Gap: Often, human identities are managed within Okta and workload identities within Google Cloud, but there’s frequently a disconnect between the two. Without an integrated view, governing AI agents that cross both environments becomes complex.

Bridging the governance of Okta’s human identities with Google Cloud’s workload capabilities is essential. This integration strengthens security across the evolving landscape of automated agents.

If you can’t estimate how many AI agents are operating in your cloud environments today, it’s a clear signal to revisit your identity strategy. 🚀

#IdentitySecurity #GoogleCloud #Okta #AI #IAM #ZeroTrust #CloudSecurity

0