1Password today extended the reach of its Extended Access Management (XAM) platform to include an ability to secure artificial intelligence (AI) agents.
Additionally, 1Password later this year will extend the reach of XAM to unmanaged devices along with a strategic alliance with Drata, a provider of a platform that continuously monitors compliance with multiple regulatory frameworks.
1Password co-CEO Jeff Shiner said collectively these capabilities will make it simpler for cybersecurity teams to seamlessly extend an XAM framework that is already being widely used to manage passwords and credentials.
While it’s still early days so far as adoption of AI agents is concerned, each one will have a unique identity. Unlike humans, however, AI agents will need to be granted permissions to access services more dynamically for limited amounts of time versus the static set of privileges that are typically granted to a human employee, noted Shiner.
Rather than having to adopt and deploy a separate identity access management (IAM) platform for AI agents, 1Password is now making it possible via a software development kit (SDK) to programmatically manage credentials for both AI agents and humans at scale, he added. An Enterprise Password Manager then makes it possible to securely store AI agent secrets in a way that also generates an audit log.
In a similar fashion, 1Password is also extending the reach of XAM to ensure that any corporate application is being securely accessed, regardless of what device is being used. Many end users today, for example, routinely use their smartphones to access both personal and corporate applications. Cybersecurity teams, starting in June, can now rely on XAM to ensure corporate applications are being accessed by authorized end users without impacting any of the personal applications that might also be installed, said Shiner.
Additionally, a 1Password Access Governance tool will be added this Fall that makes it possible to discover usage of shadow IT services, automate access reviews and eliminate wasted spending on redundant applications. At the same time, 1Password will add a unified hub to provide IT and security teams with greater visibility into how applications are being accessed from both managed and unmanaged devices.
Finally, 1Password will also make available in June an App Launcher tool through which end users will be able to access both managed and unmanaged business applications via a single click.
Collectively, those capabilities will enable IT and security teams to enforce policies beyond what might otherwise be feasible, relying solely on single sign-on technologies and mobile device management (MDM) platforms, said Shiner. That’s especially critical in an AI era where the number of shadow services being employed by end users is likely to exponentially increase, he added.
It’s not always clear who within organizations is responsible for authorizing access to applications, but ultimately, it is the cybersecurity team that will be held accountable anytime there is a breach. The challenge, as always, is finding a way to secure access to cloud applications in a way that end users will embrace rather than actively resist.
