Your intern gets a background check. Your agent gets an API key.
An intern gets a background check, an onboarding, a manager, and a scoped set of permissions.
An AI agent gets an API key and a prompt.
Yet in a lot of orgs the agent has more access than the intern. It can read the database, call internal APIs, move money, touch customer records — at machine speed, 24/7, with no one watching.
We had the muscle. We just didn’t use it.
We spent decades building the discipline for human access: least privilege, joiners-movers-leavers, quarterly access reviews, segregation of duties. Then we handed a non-human actor broader access than we’d give a new hire and skipped all of it.
And here’s the quiet part: the person who granted that access usually didn’t know they were making a security decision. They were just building a feature. No access request, no review, no expiry. An identity was born with production reach, and nobody’s job was to notice.
The change-control gap is worse
It doesn’t stop at access. A one-line change from a human developer needs a review, an approval, and a paper trail. We built decades of discipline around changing production — four-eyes review, change advisory, “who approved this and why.” SOX made parts of it law.
Then coding agents showed up and routed around all of it. The agent generates the change, and increasingly the agent’s change is the change: reviewed lightly if at all, merged, shipped. The controls we treat as non-negotiable for a human in their first week simply don’t apply to the most prolific committer in the org.
Nobody decided to exempt agents from governance. It just never occurred to anyone to include them, because every one of those controls was designed around a human actor.
Governance is the unlock, not the brake
Here’s the reframe I keep pushing: this isn’t an argument for slowing agents down. It’s the opposite.
The reason you can hand an employee real responsibility is that the accountability structure around them makes trust cheap: you know what they can touch, someone reviews what they do, and there’s a trail when something goes wrong. That structure is why delegation works.
Agents deserve the same deal — identity, scoped access, reviews, an audit trail. The playbook already exists; we don’t have to invent it, just extend it to non-human actors. And the orgs that do this first won’t be the slow ones. They’ll be the ones confident enough to give their agents more autonomy, because they can finally answer the question every deployment stalls on: what exactly can this thing do, and who’s watching?
Treat your agents at least as well as your interns. Everyone benefits — especially the agents.