The era of agentic artificial intelligence (AI) poses new challenges and risks not only for enterprises but also for end users. Its autonomy opens risks as it may go beyond its intended use if left unmanaged.
This is one of the challenges Microsoft Agent 365 hopes to address. With a unified control panel or dashboard, IT security professionals can gain visibility into agents’ activities. This allows them to step in if agents veer away from their intended functions.
“Unmanaged agents may create significant risk, from accessing resources unchecked to accumulating excessive privileges and being misused by malicious actors,” Vasu Jakkal, corporate vice president, Microsoft Security, said in a blog post. “With Microsoft Entra capabilities included in Agent 365, you can secure agent identities and their access to resources.”
Agent 365 can also help IT teams track how many agents they have deployed across Microsoft AI platforms, ecosystem partner agents, and those registered through application programming interfaces (APIs).
One of its important features is the ability to monitor agent behavior, performance, and user metrics. This enables IT teams to determine when human intervention is needed, especially if agents begin to pose security risks.
Microsoft Purview, on the other hand, is designed to provide comprehensive data security and compliance coverage for agents.
“You can protect agents from accessing sensitive data, prevent data leaks from risky insiders, and help ensure agents process data responsibly to support compliance with global regulations,” Jakkal said.
AI inference is another important component of Microsoft Purview. It ensures agents recognize Microsoft 365 data sensitivity labels and follow the same rules as users when handling sensitive data, helping prevent agent-led data leaks.
Communication Compliance also extends to agent interactions to detect and enable human oversight of risky AI communications. This allows organizations to apply their code of conduct and data compliance policies to AI-driven communications.
“With Agent 365, we are extending these enterprise-grade capabilities so organizations can observe, secure, and govern agents and deliver comprehensive protection across agents and users with Microsoft 365 E7,” Jakkal said.
