Rethink privileged access for machines
- Peter Senescu wrote on May 14 that privileged-access programs must be redesigned because machines and AI agents now execute sensitive actions across enterprise systems.
- Google Cloud says agent identities are Google-managed, attested and tied to an agent’s lifecycle, underscoring the push away from long-lived shared credentials.
- Microsoft, Google Cloud and vendors including CyberArk are publishing workload- and agent-identity guidance as enterprises expand machine access controls.
In a SecurityBoulevard article published May 14, Peter Senescu argued that privileged access management programs need to be rebuilt around machines and AI agents, not just human administrators. Senescu wrote that cloud services, software pipelines, containers and autonomous agents now perform a large share of sensitive activity inside enterprise environments. He said older identity and privileged access models were built for a smaller set of known users and relatively static systems, a pattern he said no longer matches modern infrastructure.

Microsoft and Google are already documenting that broader identity model in their cloud platforms. Microsoft says workload identities are identities assigned to software workloads such as applications, services, scripts and containers so they can authenticate to other services. Google says workloads can use service accounts, federated identities, managed workload identities and, for agentic workloads, agent identities tied to the lifecycle of the agent. (securityboulevard.com)

### Why are machines being treated like privileged users now?

Senescu wrote that the most active “users” in many organizations are systems, not employees. Applications call APIs, pipelines deploy code, containers start and stop, and services authenticate to one another continuously, he said, with each interaction depending on some form of privileged access. He added that many of those identities remain lightly governed, with embedded credentials, shared secrets and inconsistent lifecycle management. (learn.microsoft.com)

Microsoft’s documentation uses similar language, separating human identities from machine or non-human identities. It says workload identities represent software workloads, while device identities cover desktops, mobile devices and internet-connected equipment, placing both under the machine-identity category.

### What changes when AI agents start taking actions on their own?
Senescu wrote that AI adds another layer because agents are moving beyond assistance into independent action, including retrieving data, executing workflows and making decisions. (securityboulevard.com) Those agents require access to systems and services, often with elevated privileges, he said, changing the nature of access from a security standpoint. (learn.microsoft.com)

CyberArk made a similar case in an October 2025 blog post by Nick Curcuru. Curcuru wrote that AI agents now perform tasks such as resetting passwords, approving workflows, pulling HR data and orchestrating cloud infrastructure — work that previously required a human with privileged access. He said AI agents “hold credentials, trigger workflows, and make their own decisions,” and argued they should be governed as privileged identities. (securityboulevard.com)

### What are companies being told to do differently?

Senescu’s article urged companies to treat non-human identities as first-class subjects of governance. That means inventorying service accounts and other machine identities, reducing reliance on embedded or shared secrets, using shorter-lived credentials and improving attribution so security teams can tell which machine or agent took which action, according to the article. (cyberark.com)

Google’s cloud documentation describes one version of that shift. It says Workload Identity Federation lets workloads use identities authenticated through an external identity provider to generate short-lived credentials, while managed workload identities bind strongly attested identities to Compute Engine and Google Kubernetes Engine workloads. It also says agent identities are a more secure way to manage agent access than service accounts because they are Google-managed, attested and tied to the lifecycle of the agent. (securityboulevard.com)

### Where does that leave older IAM and PAM programs?
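To make the two ideas above concrete, the following is an added example (not code from Senescu's article, Google or Microsoft) that models in a few dozen lines what a federation-style token exchange does: an external identity provider signs a token for a workload, the exchange verifies signature, audience and expiry, maps the external subject to an inventoried workload identity, and mints a credential that expires after a short TTL. Every action taken with that credential is recorded against the workload identity so it can be attributed later. The HMAC "IdP", the key, the audience string, the workload bindings and the timestamps are all constructed for the demo; a real deployment would use the provider's signed JWTs and the cloud platform's own exchange endpoint.

```python
"""Toy model of workload identity federation with short-lived, attributable credentials.

Illustrative only: an HMAC-SHA256 token stands in for a real external IdP's signed
JWT, and a dict stands in for the cloud provider's workload identity pool.
"""
import base64
import hashlib
import hmac
import json

IDP_KEY = b"demo-idp-signing-key"  # constructed stand-in for the IdP signing key (assumption)
EXPECTED_AUDIENCE = "//iam.example/workload-pool/ci-pool"  # constructed audience (assumption)
CREDENTIAL_TTL_SECONDS = 900  # short-lived credential: 15 minutes

# Inventory of machine identities: external subject -> internal workload identity (constructed).
WORKLOAD_BINDINGS = {
    "repo:example-org/payments:ref:refs/heads/main": "wi-payments-deployer",
    "k8s:ns/billing/sa/reconciler": "wi-billing-reconciler",
}


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def issue_idp_token(subject: str, audience: str, issued_at: int, ttl: int = 300) -> str:
    """Constructed stand-in for the external IdP: sign claims for a workload."""
    claims = {"iss": "https://idp.example", "sub": subject, "aud": audience,
              "iat": issued_at, "exp": issued_at + ttl}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = _b64(hmac.new(IDP_KEY, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"


def verify_idp_token(token: str, now: int) -> dict:
    """Check signature, audience and expiry before trusting any claim."""
    body, sig = token.split(".")
    expected = hmac.new(IDP_KEY, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(_unb64(sig), expected):
        raise PermissionError("bad signature")
    claims = json.loads(_unb64(body))
    if claims.get("aud") != EXPECTED_AUDIENCE:
        raise PermissionError("audience mismatch")
    if now >= claims["exp"]:
        raise PermissionError("external token expired")
    return claims


def exchange_for_credential(token: str, now: int) -> dict:
    """Map a verified external subject to an inventoried workload identity and mint a short-lived credential."""
    claims = verify_idp_token(token, now)
    workload = WORKLOAD_BINDINGS.get(claims["sub"])
    if workload is None:
        raise PermissionError(f"unknown workload subject: {claims['sub']}")
    return {
        "workload_identity": workload,
        "external_subject": claims["sub"],
        "issued_at": now,
        "expires_at": now + CREDENTIAL_TTL_SECONDS,
    }


def attribute_action(credential: dict, action: str, now: int, audit_log: list) -> bool:
    """Record who (which workload identity) did what, and refuse expired credentials."""
    entry = {"action": action, "workload_identity": credential["workload_identity"],
             "external_subject": credential["external_subject"], "at": now}
    if now >= credential["expires_at"]:
        audit_log.append({**entry, "result": "denied", "reason": "credential expired"})
        return False
    audit_log.append({**entry, "result": "allowed"})
    return True


if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed fixed clock so the run is deterministic
    log: list = []
    token = issue_idp_token("repo:example-org/payments:ref:refs/heads/main", EXPECTED_AUDIENCE, t0)
    cred = exchange_for_credential(token, t0 + 10)
    attribute_action(cred, "deploy:payments", t0 + 20, log)
    attribute_action(cred, "deploy:payments", t0 + 10 + CREDENTIAL_TTL_SECONDS, log)
    for line in log:
        print(json.dumps(line, sort_keys=True))
```

The two checks that matter for the article's argument are the audience and expiry checks in `verify_idp_token` (a token minted for one pool cannot be replayed against another, and nothing outlives its TTL) and the fact that `attribute_action` logs the workload identity rather than a shared secret, which is what lets a security team answer "which machine did this".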
Senescu wrote that the issue is no longer limited to password vaulting and policy checks for human administrators. He said the scope now extends into workload identity, secrets management and monitoring of machine-level activity across distributed environments. Microsoft’s guidance reflects that operational shift by pointing to managed identities and service principals for tasks such as giving GitHub Actions access to Azure subscriptions or allowing services to reach Azure resources without developers handling credentials directly. (docs.cloud.google.com)

### What should readers watch next?

Google’s current IAM documentation says agent identities are available for agentic workloads and are designed to be tied to the lifecycle of those agents, while Microsoft’s workload identity guidance continues to define machine identities as a distinct security domain. (securityboulevard.com) Senescu’s May 14 article places those platform changes inside a broader push to redesign privileged access programs around non-human actors that now operate across cloud and automation stacks. (learn.microsoft.com)