Okta CEO advocates for AI agents' emergency shutdown

Every day, countless employees utilise Okta to access various applications and services.

In the near future, AI could also need similar access. Okta's CEO, Todd McKinnon, shares that the company is considering how to ensure security as people may delegate digital tasks to AI agents.

He recommended having a form of shutdown mechanism if situations become uncontrolled.

In a session on The Verge's "Decoder," released on Monday, McKinnon portrayed AI agents as a fresh category of digital workers—capable of accessing systems, handling data, and executing actions across a company's software infrastructure.

Organisations are progressively trying these AI agents for workflow management, software creation, and even some manual duties.

This amount of authority requires set boundaries, McKinnon stated.

"It's crucial to monitor them, specifying their responsibilities, permissions, and connections, while also having a method to disconnect them if they become erratic," he added.

According to Okta's plan, AI agents wouldn’t cease to exist, but their access to critical data could be significantly reduced through a shutdown mechanism.

Harish Pari, a senior vice president focused on AI security at Okta, informed Business Insider that the danger is now appearing.

"Every company is initiating AI agents," he mentioned. "For these agents to operate effectively, they need access to protected systems and information, thus creating a new avenue for attacks."

Although the increase in efficiency is a positive aspect, Okta emphasizes that the risks are just as noteworthy and require careful handling, including a major shutdown button.

On March 15, the company released a press statement titled "The plan for a secure agent-based enterprise." Okta stated that businesses using AI should "have the ability to immediately revoke access across all systems to manage risk."

The strategy also calls for immediate enforcement of data-sharing boundaries, acquiring human consent for risky operations, and keeping detailed audit records of each agent's decisions and access procedures.

Okta isn't standing alone. Early in 2024, California State Sen. Scott Wiener introduced a regulation bill regarding AI that demanded companies include a backup safety feature.

Before Gov. Gavin Newsom rejected it later that year, the bill earned support from tech advocate Elon Musk.

Nonetheless, McKinnon conveyed to "Decoder" that it's crucial for private companies to devise their own safety measures.

"Problems will arise, resulting in risks and threats, including prompt injection," he elaborated, emphasising the need to prevent agents from accessing data during emergencies. "It's akin to removing a machine from the network."