AI agents are moving into critical enterprise workflows faster than governance frameworks are being built around them, according to new research released by JumpCloud. The company’s Agentic IAM Pulse Report found that 72% of organisations already have AI agents in production, yet 92% reported serious limitations in their ability to scale those deployments safely.
The report said AI agents are already being used in areas such as financial reporting and HR provisioning, where decisions, access rights, and execution controls carry higher operational stakes. Among the findings, 66% of organisations said AI agents have equal or greater system access than human employees, while 38% said agents in business-critical environments receive significantly more access than their human counterparts.
Human-in-the-loop approvals fall from 48% in testing to 29% in key business deployments, while 24% of organisations said agents are allowed to execute high-risk actions with no human supervision at all. The report also points to what it calls an identity explosion: 53% of organisations now manage more non-human identities than human employees, and 23% report a ratio of six to one or higher. JumpCloud said the volume of machine identities is making manual management increasingly unrealistic.
Joel Rennich, senior vice president, product management, JumpCloud, said: “AI agent deployment has officially outrun the controls needed to manage it safely. We are seeing agents operate in sensitive workflows with fragmented identities and more access than human employees, yet they are the least supervised group in the enterprise. Because identity is now the only perimeter left for these agents, organisations must move towards a formal governance model that treats every agent as a first-class, governed identity to turn AI from a liability into a sustainable engine for growth.”
Only 17% of organisations said they have a designated security leader accountable for AI agent actions, while 51% said responsibility in business-critical deployments falls to IT teams alone. More than half, 55%, also said they lack a centralised kill switch to cut AI agent access across all systems.
JumpCloud has made the report available here.
You must be logged in to post a comment.