Microsoft CEO Satya Nadella says AI agents should be governed with the same seriousness as human employees—complete with identities, sandbox environments, permissions, and audit trails—highlighting the security and oversight challenge as companies rush to depl
Satya Nadella put the burden of AI agent management into plain terms: guiding dozens of software agents at once isn’t just a technical task—it’s a mental one.
In a Friday episode of the “Possible Podcast” posted online, Nadella described how Microsoft is thinking about the practical rules needed to oversee the AI agents it has already created. His core message was direct: give these agents identities, permissions, and the ability to prove what they did.
“You need to give them identities, you need to give them sandboxes, then you need to set policies to govern them,” Nadella told Reid Hoffman.
That framework isn’t abstract. Nadella said Microsoft is figuring out what kinds of tools and policies it needs to oversee all the agents it’s created—starting with specific permissions for what agents can and cannot access within the company. He also said those agents need ways to audit their work.
The stakes behind that advice are growing fast. Companies are spending vast sums to adopt AI, but many are still sorting out how AI agents will work alongside their human employees. Nadella said managing agent behavior represents a particularly tough problem—one he’s dealt with personally.
He described how he often runs 100 AI coding agents at once and guides them through a chat interface, then added that the cognitive load on him is so high that the process can become unmanageable.
That’s where Microsoft’s internal approach comes in. Nadella said Microsoft has created Agent 365, a suite of tools that includes Entra, its digital identity and network access product, as well as Purview, which the company uses to label data AI agents create.
For Nadella, confidence depends on more than capability. He said security, containment, managability, and observability are the ways Microsoft can build trust around these agents.
Hoffman, during the same discussion, said that after 10 years he’d be leaving Microsoft’s board to return to what he called “founder mode.”
Satya Nadella Microsoft AI agents Agent 365 Entra Purview digital identity permissions sandboxes audit observability security containment
So basically let the robots have logins like employees. Cool cool.
I don’t get why this needs “identities” like it’s people. If it’s an agent, shouldn’t it just be locked down by default? Also audit trails… are they gonna charge us extra for that lol.
He said he’s running 100 coding agents at once and it gets “unmanageable” like okay but that’s literally a productivity flex. Sounds like Microsoft wants permissioning so nothing leaks, but they still rush deployments so who’s really managing who here.
Sandboxes and permissions… sounds like they’re just making AI more complicated so it can pretend to be trustworthy. I saw something similar where they “audit” what the AI did and then it’s still wrong anyway. Like if it can’t be contained, just don’t let it touch company stuff, right?