Identity has become one of the harder parts of security to manage. Not because teams are doing anything wrong, but because the world has become rather untidy.
Steven Parker, practice lead for secure identity at CWSI, sees this every week. Organisations are not short of identity tools, policies or good intentions. The challenge is that identity has spread across cloud platforms, SaaS tools, hybrid working, contractors, partners and now AI agents. Many of those identities sit across systems that do not always talk to each other neatly.
That makes simple questions harder to answer. Who has access? What are they doing? Does that access still make sense? And when something changes, who owns the decision?
This blog looks at five identity challenges Steven is seeing most often in the market, and how Microsoft E7 can help organisations bring more control, visibility and governance back into one place.
1. Shadow AI and ungoverned agent identities
The problem
Organisations are moving from generative AI tools into autonomous agents that can take actions across systems. They can schedule tasks, update records, move data and trigger workflows.
Traditional identity tools were built mainly for people and known service accounts. They were not built for software that can make decisions and act on its own. That creates a new version of shadow IT: AI agents running tasks without clear ownership, oversight or accountability.
The business impact
When no one can clearly say which agent did what, and on whose behalf, risk becomes harder to manage. If an agent has more access than it needs, it can reach information it should not see, share or act on. If that access is misused or compromised, the damage can spread further than expected, quietly and usually at the least helpful moment.
How E7 helps
E7 treats autonomous agents as digital identities in their own right. With Entra Agent ID, non-human identities can be registered, reviewed and managed alongside human users.
Security teams can use agent mapping and dashboards to track behaviour, while lifecycle workflows help manage onboarding, ownership and removal. Each agent can have a human sponsor, and access can be removed quickly if behaviour looks unusual.
2. Uncontrolled access to external AI tools
The problem
People are using AI because it helps them work faster. The challenge is that they’re not always using tools the organisation has approved.
When unverified AI tools enter the workplace, security, privacy and compliance risks can follow. Sensitive information may be shared with systems the organisation has little visibility into and even less control over.
The answer isn’t to block AI altogether. It’s to give people approved tools they can use confidently, while preventing sensitive data from ending up in places it shouldn’t.
The business impact
Unapproved AI tools can create data leakage, compliance and prompt-based attack risks. Sensitive information can leave the organisation quickly, with little visibility and no easy way to bring it back.
How E7 helps
E7’s secure web and AI gateway capabilities apply identity-based controls to web traffic, AI applications and agent workflows.
This helps organisations discover and block unauthorised AI platforms, allow approved tools and inspect traffic for prompt-based threats. The aim is not to stop innovation. It is to make sure AI is used in a way the business can stand over.
3. Identity fraud and impersonation
The problem
Attackers are getting better at impersonation. Deepfakes, AI-written phishing and social engineering aimed at helpdesks have made account recovery a higher-risk moment.
The weak point is often the human interaction. A remote worker needs a reset. A technician calls the service desk. Someone has to decide whether the request is genuine, often under pressure.
The business impact
Helpdesk and account recovery routes are attractive because they depend on judgement. One successful impersonation can hand an attacker access they should never have had.
How E7 helps
E7 includes Verified ID Premium, which supports cryptographic, user-owned verifiable credentials.
Used with Face Check, Entra can compare a real-time, liveness-tested selfie with an authorised corporate photo ID or passport credential. That raises assurance without adding unnecessary friction for genuine users.
4. A fragmented network edge
The problem
Many organisations have added separate SASE, ZTNA and web security tools over time to protect remote users, public sites, on-premises systems and AI services.
Each tool may solve a specific problem. The trouble starts when they all create their own logs, policies and blind spots. Identity activity sits in one place. Network activity sits in another. Investigations become slower than they need to be.
The business impact
Fragmented visibility makes it harder to detect issues, respond quickly and prove what happened. It also adds more tools to licence, integrate and manage. There is a reason security teams have strong feelings about “just one more dashboard”.
How E7 helps
E7 brings identity-aware network security into the Microsoft environment through Entra Private Access and Entra Internet Access.
Entra Private Access can replace legacy VPN approaches for private applications, applying conditional access policies to on-premises resources. Entra Internet Access acts as a secure web gateway, helping inspect outbound user and agent traffic.
Together, they help close the gap between identity and network controls without adding unnecessary complexity.
5. The identity visibility gap
The problem
Many organisations don’t have one clear view of identity activity across people, applications, agents and network traffic.
Logs often sit in separate places, making it harder to spot unusual behaviour or answer basic incident questions, such as who accessed what, from where, and why.
The business impact
Siloed evidence slows response and makes investigations harder to defend. It can also make audits more painful than they need to be.
How E7 helps
E7 brings identity, network and AI activity into a more connected view using Entra Internet Access, Entra Private Access and agent-aware identity signals.
Access events from users, applications and autonomous agents can be logged, correlated and enforced through a single identity plane. That gives teams better session-level visibility and a clearer audit trail.
Why an integrated identity approach matters
These five challenges are closely linked because they’re not separate problems so much as signs of identity being managed in too many places.
When identity tools are fragmented, policies become inconsistent, governance gets harder and operational effort increases. Every gap between systems becomes another place where risk can hide.
A more integrated approach helps bring visibility, governance, automation and security together. E7 supports that by extending familiar identity controls, such as lifecycle management, least privilege, conditional access and audit, across people, applications, agents and other non-human identities.
Bringing identity back together
Identity management is becoming one of the main control points for security, compliance and day-to-day resilience. Organisations that modernise identity now will be better placed to reduce risk, improve efficiency and give people the access they need without creating more work for everyone later.
The ones that get ahead will not necessarily be the ones with the most tools. They will be the ones that bring identity back together.
That starts with understanding where identity stands today. Which controls are working well? Where are policies fragmented? Where is access broader than it needs to be? And where could Microsoft E7 help simplify the picture?
CWSI works with organisations to answer those questions and make identity easier to govern across users, applications, networks and non-human identities.
Talk to an E7 expert to find out where your identity foundations stand, and what to strengthen next.