Okta CEO calls for AI agent kill switch.

Okta CEO Todd McKinnon told The Verge companies should be able to revoke AI agents' access with a 'kill switch' to limit access to sensitive data; Okta's March 15 framework recommends instant access revocation, real-time permission enforcement, human approval for risky actions, and detailed audit logs.

Okta's CEO Todd McKinnon said companies should build a way to cut off AI agents' access if they go rogue. He described AI agents as a new class of digital workers that can access systems, move data, and take actions across a company's software stack. Okta published a framework on March 15 called "The blueprint for the secure agentic enterprise" that outlines controls aimed at limiting agents' access to sensitive data rather than ending agent use. Key details: - McKinnon told The Verge that firms need systems to track agents, define roles and permissions, and be able to "pull the plug" if an agent misbehaves. - Okta's framework calls for the ability to revoke access instantly across systems, real-time enforcement of data-sharing permissions, human approval for risky actions, and detailed audit logs of agent activity. - Harish Pari, Okta's SVP of AI security, said the risk is already emerging because agents need access to sensitive systems and data, creating a new attack vector. - The idea of a built-in failsafe has appeared in past policy discussions, including a 2024 California bill that proposed a failsafe requirement and later received a veto. Summary: The proposal is framed as a way to contain risk by limiting what AI agents can access and by enabling rapid revocation of their permissions. Undetermined at this time.