By Byron V. Acohido
As enterprise adoption of generative AI accelerates, safety groups face a brand new identification dilemma — not simply extra customers and gadgets, however a rising swarm of non-human brokers and autonomous methods requesting entry to delicate property.
Associated: Prime 10 Microsoft Copilot dangers
On the identical time, conventional identification and entry administration (IAM) instruments are buckling underneath the strain of cloud sprawl, decentralized architectures, and fixed change.
The end result? An pressing want for a better method — one which helps groups see, perceive, and act on who has entry to what, throughout human, non-human, and AI identities, in actual time.
For this Q&A, we engaged Jim Alkove, co-founder and CEO of Oleria and former Chief Belief Officer at Salesforce. Alkove breaks down why identification is the brand new battleground — and the way a usage-aware, unified identification platform might help CISOs regain visibility and management.
LW: GenAI instruments like Copilot are reworking workflows — but in addition introducing new access-related dangers. The place are the blind spots displaying up most?
Alcove: AI co-pilots like Microsoft Copilot are surfacing a important hole: extreme entry permissions and sprawling knowledge publicity. Previously, staff couldn’t simply discover the whole lot that they had entry to, so some threat stayed hidden. Now, GenAI makes that entry seen — and harmful.
These instruments honor present permissions, which supplies organizations a false sense of safety. The issue isn’t that AI breaks the foundations — it’s that the foundations had been too unfastened to start with.
It’s an actual blocker. A latest Gartner survey discovered that 40% of IT managers have paused GenAI deployments over safety considerations. The foundation of all of it? Extreme, invisible entry. Attending to least privilege — and conserving it — is the one option to transfer ahead.
LW: What’s the core identification downside Oleria is fixing — and why now?
Alcove: Id actually has develop into the most important safety problem we face at the moment. The numbers are staggering — greater than 80% of breaches now stem from identification points. And it’s not simply human customers anymore. In lots of enterprises, non-human identities — issues like service accounts, automation scripts, and AI brokers — outnumber individuals by 80 to 1.
The issue is that the majority legacy instruments simply weren’t constructed to deal with this. They nonetheless depend on static snapshots and handbook evaluations, which merely can’t sustain with the tempo or complexity of contemporary environments.
That’s why we constructed Oleria from the bottom up with a very completely different method. At its core, our platform provides safety groups real-time readability and management, with out slowing innovation. It’s designed that can assist you see precisely who — or what — has entry to what, how that entry is getting used, and whether or not it poses a threat.
We unify identification knowledge from in every single place — cloud platforms, HR methods, SaaS apps, even homegrown instruments — and map it right into a single, dynamic entry graph. That provides you a dwell image of your total identification panorama.
From there, we constantly monitor utilization patterns to identify points that conventional instruments typically miss — like dormant accounts, creeping privileges, or weak MFA setups.
And at last, we assist groups take significant motion. You’ll be able to automate clean-up duties, implement least privilege as issues change, or simply ask Oleria Copilot one thing as particular as, “Who hasn’t used their admin rights within the final 30 days?” and get a solution you’ll be able to act on instantly.
LW: You speak about unifying posture, governance, and detection. What does that allow that siloed instruments miss?
Alcove: Conventional IAM instruments grant entry — however they not often enable you govern it over time. You get fragmented snapshots that miss key dangers.
By combining governance, posture, and detection into one system, Oleria provides safety groups an entire, real-time image. We join all identification knowledge into one graph and layer utilization intelligence on prime.
That integration lets groups spot dormant entry, dangerous permissions, and misconfigurations as they occur — and act instantly.
LW: Safety groups are sometimes overwhelmed by identification alerts. How are you serving to prospects lower by means of the noise?
Alcove: Safety groups don’t want extra alerts. They want solutions.
Oleria supplies real-time context. We monitor habits throughout identification sorts and flag anomalies — issues like unused privileges, privilege creep, and coverage violations.
With Oleria Copilot, you’ll be able to simply ask: “Which service accounts haven’t been utilized in 30 days?” and get a exact, actionable reply.
It’s all about serving to groups focus — and transfer — sooner.
LW: Non-human and AI identities are exploding. What must evolve to safe them?
Alcove: Non-human identities — service accounts, scripts, AI brokers — outnumber people 80 to 1 in lots of orgs. And most of them are invisible, over-permissioned, and unmanaged.
These identities typically don’t have any proprietor. They function within the background, with an excessive amount of entry and too little oversight.
As AI quickens the creation of machine identities, this downside will solely develop. Organizations want NHI-specific governance: possession, utilization monitoring, and lifecycle controls.
That’s what we assist allow — steady discovery, monitoring, and remediation. As a result of securing these identities isn’t optionally available. It’s the way you put together for a future the place machines function at scale.
LW: Compliance mandates round AI and knowledge entry are rising quick. How can firms keep forward?
Alcove: Compliance can’t be a checkbox train anymore. Firms want audit-ready visibility — and the power to show least privilege at any second.
Oleria helps try this by eliminating handbook evaluations and displaying entry in actual time. You get on the spot solutions to powerful questions: “Who can see this dataset?” “Which AI brokers accessed it final week?”
That sort of transparency is what regulators — and your board — will anticipate going ahead.
LW: What does the way forward for identification seem like — and the way ought to CISOs put together?
Alcove: The long run is adaptive, steady, and AI-powered. Static snapshots aren’t sufficient.
CISOs want platforms that supply real-time intelligence and may reply at machine velocity. Which means usage-based visibility, steady enforcement, and good automation.
We’re constructing Oleria to be that platform — so groups can transfer sooner than the threats.
Acohido
Pulitzer Prize-winning enterprise journalist Byron V. Acohido is devoted to fostering public consciousness about methods to make the Web as non-public and safe because it should be.
(LW supplies consulting companies to the distributors we cowl.)
