Get ahead of agent sprawl: manage and govern AI agents at scale

Recently, my team and I had the opportunity to meet with clients from diverse sectors like finance, retail, telecommunications, and the public sector, all discussing the adoption of AI agents. From these conversations, a few important themes emerged. While we’re witnessing rapid growth in AI agent adoption, it’s crucial to incorporate governance from the very beginning, ensuring that it’s tailored for the swift rise of these agents. Many customers see agents appearing in their admin portal, but they lack accountability, lifecycle management, and proper access controls, raising serious security risks.

Without clearly defined ownership and access boundaries, risks can escalate rapidly without any transparent insights into what these agents can access or what actions they can perform.

From an identity standpoint, agents can authenticate, access various resources, and take action. According to the Secure Access in the Age of AI report, security leaders must look for ways to manage, govern, and protect agent identities with the same level of diligence as they do for human identities, especially as they scale across the organisation. Unlike traditional applications, agents don’t fit neatly into existing categories. Sometimes they act as assistive agents, while at other times, they behave more independently. As models and workflows evolve, these agents can develop new abilities, impacting what they can achieve over time.

Without a distinct agent identity, customers find it challenging to answer crucial questions such as:

• Which agent identity is active?
• What resources can it access?
• What actions has it taken?

These questions highlight a significant gap in traditional identity management. As agents assume more responsibilities across various workflows, treating them merely as applications or extensions of a user’s identity is no longer effective. Agents should be recognised and managed as primary identities. Microsoft Entra Agent ID establishes a solid identity foundation that applications and platforms can seamlessly integrate with, allowing agents to authenticate, access resources, and be governed with familiar identity controls.

When platforms connect with Entra as their identity provider, organisations gain better visibility into which agent is acting, what it can access, and how its permissions adapt as models and workflows change. Based on this foundation, Microsoft Entra Agent ID is centred around three key pillars, helping organisations manage AI agents on a large scale, govern agent identities and their lifecycle, and protect agent access to resources.

Organisations consistently grapple with the initial hurdle of gaining visibility into the AI agents functioning within their environment. Our research shows that 80% of leaders believe AI agent usage has surged in the past year, highlighting the necessity for a clear overview of which agents exist across the organisation. Microsoft Agent 365 is designed specifically to act as the control hub for AI agents, directly addressing the challenges of agent management. With Microsoft Agent 365, organisations can streamline the management of AI agents within their environment. Its agent registry provides a comprehensive inventory of all active agents, including those from Microsoft and other partners.

To ensure clarity, when you start using AI agents, here’s a quick guide to managing them:

1. Set up an agent registry to track all active agents.
2. Regularly audit agent permissions and capabilities.
3. Designate a responsible individual for each agent.
4. Establish a review process for ongoing monitoring.
5. Remove access for agents that are no longer needed.

Get complete visibility across all agents within your organisation, including those built with Microsoft AI platforms, agents from our ecosystem partners, and any agents you register yourself.

Central to Microsoft Entra Agent ID is the agent blueprint. The agent identity blueprint acts as a reusable template for creating agents. It outlines how agents are built, authenticated, and governed, while still allowing individual agents to be managed independently when necessary. This blueprint enables security teams to apply consistent access controls for each agent created from it.

Once your agents are operational, a significant challenge organisations encounter is governing agent identities effectively at scale. As teams experiment with deploying agents in different environments, agent numbers can multiply quickly, often without consistent oversight or retirement processes.

To manage identities effectively, automated lifecycle management is essential to counter agent sprawl. This entails assigning a dedicated sponsor for every agent, enforcing policies on how agents should be created and reviewed, and automatically revoking access when agents are no longer active. Without these automated controls, inactive agents can linger and retain access even after their purpose has ended, which raises security concerns and adds to administrative challenges.

Microsoft Entra Agent ID assists organisations in implementing identity governance practices throughout the entire agent lifecycle, from creation to decommissioning, ensuring agent growth remains purposeful, logged, and manageable as environments expand and grow complex.

Entra Agent ID supports structured governance by allowing organisations to:

• Identify orphaned agents and ensure accountability by having a responsible human for every agent, maintaining oversight even when staff move on from the organisation.
• Automate agent lifecycle management from creation to deactivation to help prevent agent sprawl.
• Ensure access to agents is purposeful, traceable, and time-limited with the use of access packages.

Identify unused agents and automate sponsor assignments.

Another significant concern organisations face is maintaining operational control as agents evolve. Our recent whitepaper, Protect Identities in the Era of AI, indicates a sharp increase in identity-based attacks as companies adopt cloud and AI technologies. As agents gain new skills and interact with a wider range of resources, organisations must be assured that access remains secure and adaptive.

Entra Agent ID extends familiar identity controls to agents, empowering organisations to:

• Implement Conditional Access policies specifically designed for agents, enforcing requirements based on agent identity and access.
• Automatically block agent access when risk signals are detected, such as spikes in sign-in attempts or unusual resource access patterns.

Apply Conditional Access for agents: Ensure Conditional Access policies are implemented with tailored security attributes and assessments of agent compromise risks.

Enterprise environments vary greatly, with organisations developing agents across Microsoft platforms as well as a wide variety of non-Microsoft frameworks and tools. To cater to this diverse landscape, the Microsoft Agent 365 SDK enables developers to enhance agents built with any agent SDK or platform, facilitating enterprise-ready identity management, observability, security, and governed access to Microsoft 365. By integrating with Microsoft Agent 365, the SDK assists organisations in onboarding and managing agents from any source while applying consistent management and identity controls.

For more information about Microsoft Entra Agent ID and how it helps organisations secure access for AI agents, feel free to explore further.

 – Ngozi Nwoko, Director of Product Marketing, IDNA

Related resources:

 Learn more about Microsoft Entra