Microsoft Treats AI Agents Like Employees With Identity Systems

Microsoft builds infrastructure to manage AI agents at scale

Microsoft has developed a management framework for AI agents that mirrors how companies oversee human employees, complete with digital identities, access permissions, and audit capabilities.

CEO Satya Nadella disclosed the approach during a conversation with Reid Hoffman on the "Possible Podcast," explaining that Microsoft now treats its AI agents as entities requiring formal governance structures. The company assigns each agent specific permissions that define what systems and data they can access, while implementing policies to monitor and control their activities.

"You need to give them identities, you need to give them sandboxes, then you need to set policies to govern them," Nadella said in the episode posted Friday.

The challenge of managing multiple agents simultaneously

Nadella spoke from direct experience about the difficulty of coordinating numerous AI agents. He routinely operates 100 AI coding agents concurrently, and managing them through individual chat interfaces creates significant overhead.

"The cognitive load on me managing this is so high," the CEO acknowledged.

This operational challenge reflects a broader problem facing organizations as they deploy AI agents across their operations. While companies are investing heavily in AI adoption, many have yet to establish clear frameworks for how autonomous agents will integrate with human workflows and existing management structures.

Agent 365 provides governance tools

To address these management needs, Microsoft has created Agent 365, a suite of tools built on existing enterprise products. The system incorporates Entra, Microsoft's digital identity and network access platform, which handles agent authentication and permissions. It also includes Purview, the company's data governance product, which labels and tracks data that AI agents generate.

These tools establish what Nadella described as four pillars for agent management: security, containment, manageability, and observability. The framework aims to give organizations confidence that their AI agents operate within defined boundaries and produce auditable results.

Why it matters

As AI agents move from experimental projects to production systems handling real business processes, the lack of management infrastructure poses serious risks. Without proper identity systems and access controls, agents could expose sensitive data, make unauthorized changes, or operate in ways that violate compliance requirements. Microsoft's approach of adapting enterprise identity and governance tools for AI agents provides a template other organizations can follow as they scale their own agent deployments.

The details were first reported by Business Insider, which also noted that Hoffman announced his departure from Microsoft's board after 10 years to return to what he called "founder mode."