← Back

Your AI Agents Are Acting As You. Literally.

4 min · April 2026
Originally published on LinkedIn

Your AI agents are acting as you.

Not metaphorically. Literally. When your Copilot agent sends an email, edits a spreadsheet, or queries a database, it does it under your identity. Your credentials. Your permissions. Your audit trail.

Microsoft's Agent 365 launches May 1st. Agents operating "on behalf of" users will use the user's licensed identity. The "AI teammate" scenario — agents with their own mailboxes, their own OneDrives, their own identities — is still in preview. Not GA. Preview. Extended to December 2026 because it isn't ready.

This means every enterprise deploying Copilot agents right now has a gap: autonomous software acting with human permissions, but no human in the decision loop.

RSAC 2026 just confirmed what anyone deploying agents in production already suspected. 70% of recent identity incidents are linked to AI-related activity. The #1 theme at the conference wasn't ransomware or phishing. It was: who authenticates an AI agent?

The security industry has spent 20 years building identity infrastructure for humans. Passwords, MFA, SSO, zero trust — all designed around the assumption that an identity corresponds to a person who can be challenged, verified, and held accountable.

Agents break that assumption.

An agent doesn't respond to MFA prompts. It doesn't have a manager who reviews its access quarterly. It doesn't leave the company and trigger an offboarding workflow. It runs continuously, accumulates permissions over time, and — if compromised — acts at machine speed with human-level access.

I've been building enterprise AI agents for the past year. The governance problem isn't theoretical. It's the thing that kills deployments.

The pattern I keep seeing: a team builds a great agent, proves it works, gets approval to go to production — and then the security review takes longer than the entire build. Not because security is slow. Because the questions they're asking don't have answers yet.

Most teams answer these questions by giving the agent the developer's credentials and moving on. That's not governance. That's a breach waiting for a calendar invite.

The companies that solve agent identity first will deploy faster than everyone else. Not because they have better models. Because they'll be the only ones whose security team says yes.