By Byron V. Acohido
As enterprise adoption of generative AI accelerates, safety groups face a brand new id dilemma — not simply extra customers and units, however a rising swarm of non-human brokers and autonomous programs requesting entry to delicate property.
Associated: Prime 10 Microsoft Copilot dangers
On the identical time, conventional id and entry administration (IAM) instruments are buckling below the strain of cloud sprawl, decentralized architectures, and fixed change.
The end result? An pressing want for a better method — one which helps groups see, perceive, and act on who has entry to what, throughout human, non-human, and AI identities, in actual time.
For this Q&A, we engaged Jim Alkove, co-founder and CEO of Oleria and former Chief Belief Officer at Salesforce. Alkove breaks down why id is the brand new battleground — and the way a usage-aware, unified id platform may help CISOs regain visibility and management.
LW: GenAI instruments like Copilot are remodeling workflows — but additionally introducing new access-related dangers. The place are the blind spots displaying up most?
Alkove: AI co-pilots like Microsoft Copilot are surfacing a vital hole: extreme entry permissions and sprawling knowledge publicity. Up to now, staff couldn’t simply discover the whole lot they’d entry to, so some danger stayed hidden. Now, GenAI makes that entry seen — and harmful.
These instruments honor present permissions, which provides organizations a false sense of safety. The issue isn’t that AI breaks the foundations — it’s that the foundations had been too free to start with.
It’s an actual blocker. A latest Gartner survey discovered that 40% of IT managers have paused GenAI deployments over safety issues. The basis of all of it? Extreme, invisible entry. Attending to least privilege — and preserving it — is the one approach to transfer ahead.
LW: What’s the core id drawback Oleria is fixing — and why now?
Alkove: Identification actually has turn out to be the most important safety problem we face in the present day. The numbers are staggering — greater than 80% of breaches now stem from id points. And it’s not simply human customers anymore. In lots of enterprises, non-human identities — issues like service accounts, automation scripts, and AI brokers — outnumber folks by 80 to 1.
The issue is that the majority legacy instruments simply weren’t constructed to deal with this. They nonetheless depend on static snapshots and guide opinions, which merely can’t sustain with the tempo or complexity of recent environments.
That’s why we constructed Oleria from the bottom up with a very totally different method. At its core, our platform provides safety groups real-time readability and management, with out slowing innovation. It’s designed that will help you see precisely who — or what — has entry to what, how that entry is getting used, and whether or not it poses a danger.
We unify id knowledge from in all places — cloud platforms, HR programs, SaaS apps, even homegrown instruments — and map it right into a single, dynamic entry graph. That provides you a stay image of your total id panorama.
From there, we repeatedly monitor utilization patterns to identify points that conventional instruments usually miss — like dormant accounts, creeping privileges, or weak MFA setups.
And eventually, we assist groups take significant motion. You possibly can automate clean-up duties, implement least privilege as issues change, or simply ask Oleria Copilot one thing as particular as, “Who hasn’t used their admin rights within the final 30 days?” and get a solution you’ll be able to act on instantly.
LW: You discuss unifying posture, governance, and detection. What does that allow that siloed instruments miss?
Alkove: Conventional IAM instruments grant entry — however they not often assist you govern it over time. You get fragmented snapshots that miss key dangers.
By combining governance, posture, and detection into one system, Oleria provides safety groups a whole, real-time image. We join all id knowledge into one graph and layer utilization intelligence on high.
That integration lets groups spot dormant entry, dangerous permissions, and misconfigurations as they occur — and act instantly.
LW: Safety groups are sometimes overwhelmed by id alerts. How are you serving to clients minimize by the noise?
Alkove: Safety groups don’t want extra alerts. They want solutions.
Oleria supplies real-time context. We monitor habits throughout id varieties and flag anomalies — issues like unused privileges, privilege creep, and coverage violations.
With Oleria Copilot, you’ll be able to simply ask: “Which service accounts haven’t been utilized in 30 days?” and get a exact, actionable reply.
It’s all about serving to groups focus — and transfer — quicker.
LW: Non-human and AI identities are exploding. What must evolve to safe them?
Alkove: Non-human identities — service accounts, scripts, AI brokers — outnumber people 80 to 1 in lots of orgs. And most of them are invisible, over-permissioned, and unmanaged.
These identities usually haven’t any proprietor. They function within the background, with an excessive amount of entry and too little oversight.
As AI hastens the creation of machine identities, this drawback will solely develop. Organizations want NHI-specific governance: possession, utilization monitoring, and lifecycle controls.
That’s what we assist allow — steady discovery, monitoring, and remediation. As a result of securing these identities isn’t non-compulsory. It’s the way you put together for a future the place machines function at scale.
LW: Compliance mandates round AI and knowledge entry are rising quick. How can corporations keep forward?
Alkove: Compliance can’t be a checkbox train anymore. Firms want audit-ready visibility — and the flexibility to show least privilege at any second.
Oleria helps do this by eliminating guide opinions and displaying entry in actual time. You get on the spot solutions to robust questions: “Who can see this dataset?” “Which AI brokers accessed it final week?”
That sort of transparency is what regulators — and your board — will anticipate going ahead.
LW: What does the way forward for id appear to be — and the way ought to CISOs put together?
Alkove: The longer term is adaptive, steady, and AI-powered. Static snapshots aren’t sufficient.
CISOs want platforms that provide real-time intelligence and may reply at machine velocity. Which means usage-based visibility, steady enforcement, and sensible automation.
We’re constructing Oleria to be that platform — so groups can transfer quicker than the threats.
Acohido
Pulitzer Prize-winning enterprise journalist Byron V. Acohido is devoted to fostering public consciousness about methods to make the Web as personal and safe because it must be.
(LW supplies consulting companies to the distributors we cowl.)
