Otka Establishes AI Workforce with Google Cloud

Organisations deploying AI agents at scale face a commercial security challenge that could determine their competitive position. Digital workers now require the same identity governance frameworks as human employees, yet most enterprises have not closed this gap.

According to Okta's AI Agents at Work market report, 92% of executives report moderate or widespread use of AI agents within their organisations. This adoption rate suggests automation has moved beyond pilot programmes into core business operations.

However, only 34% of organisations apply the same security controls to these digital workers as they do to human employees. This disparity creates risk exposure that could affect business continuity and customer trust.

Okta and Google expand partnership

Okta is expanding its collaboration with Google Cloud to address identity security requirements in automated enterprise environments. The partnership combines identity, cloud and productivity solutions to support organisations operating AI-powered workforces.

Vineet Bhan, Director and Global Head of Security and Identity ISV Partnerships at Google Cloud, says: "Together with Okta, we're extending that foundation across Google Cloud – so customers can confidently deploy AI agents in production, govern how they interact with critical systems and maintain strong protection across the browser."

The integration aims to reduce barriers to AI deployment while maintaining governance standards. For organisations pursuing growth through automation, this could mean faster time to market for agent-based services.

Approximately 62% of IT executives view vendor lock-in as a strategic risk, according to the report. Open and interoperable security ecosystems address this concern by allowing organisations to integrate tools without platform dependency.

Security gaps drive exploit growth

Session hijacking has seen a 127% year-over-year increase as threat actors focus on stealing post-auth session tokens stored directly in the browser. Identity-based exploits are rising as automated tools expand attack surfaces.

Browser-based workflows now represent a primary vector for credential theft and unauthorised access. Modern work increasingly takes place within web browsers, which creates visibility gaps when security policies are not enforced at this layer.

Ely Kahn, CPO at Okta, says: "Organisations shouldn't have to choose between the AI and productivity tools their teams want and the security their business requires. Okta and Google are a natural fit because we pair Google's leading product suite with an identity layer that can work across the entire modern, AI-powered work stack."

The commercial implication centres on operational resilience. Security incidents can disrupt revenue operations and damage client relationships, particularly for organisations offering agent-based services to external customers.

Identity framework for agent deployment

Auth0 for AI Agents now integrates directly with the Agent Runtime on the Gemini Enterprise Agent Platform. This integration provides a secure identity layer that accelerates the transition from pilot projects to live production by mitigating the need for custom coding.

Developers can embed enterprise-grade identity and access controls into their workflows using several core features. User authentication verifies that only authenticated users can invoke an agent, while Token Vault stores, manages and refreshes OAuth tokens to safely connect agents to downstream services.

Human-in-the-loop workflows trigger human approval checkpoints for high-risk actions while agents work in the background. Fine-Grained Authorisation ensures that agents perform only the specific actions a user is permitted to take.

Auth for MCP adds authentication and authorisation to any Model Context Protocol (MCP) server. These capabilities address governance requirements as agent deployments scale across business units.

Upcoming governance capabilities

Okta for AI Agents will soon integrate with the wider Gemini Enterprise Agent Platform to ensure all automated tools possess a verified identity. The upcoming capabilities will continuously import agents into a centralised directory to maintain human accountability.

External requests will route through a real-time policy enforcement point. This architecture addresses fundamental questions about agent visibility and policy enforcement as enterprise agent fleets expand.

For organisations pursuing growth through automation, centralised governance could reduce compliance complexity. Visibility into agent activity supports audit requirements and risk management frameworks.

The commercial opportunity lies in enabling organisations to scale agent deployments without proportional increases in security overhead. This could affect profitability for businesses building agent-based service offerings.

Browser security controls deployment

Okta and Chrome Enterprise are turning the browser into a policy-enforced work environment. This configuration protects applications, data and gen AI use on both managed and unmanaged devices without disrupting daily workflows.

The Chrome Enterprise Universal Enrolment feature enables IT teams to enforce enterprise-grade policies through managed Chrome profiles on any device. This is available through the Okta Integration Network and functions without requiring identity synchronisation to Google.

Device trust enhancements will integrate Okta Device Assurance with the Chrome Device Trust Connector to evaluate browser and device posture in real time. New antivirus signals allow Chrome to block logins at the browser level if a device has out-of-date protection.

These controls address threats from credential theft and malicious extensions. For organisations supporting remote or hybrid workforces, browser-level security could reduce endpoint management costs while maintaining protection standards.