There’s a conversation happening inside almost every enterprise right now. Leadership has decided that AI agents are going to change how the organization works. Claude for Work licenses are being purchased. Rollouts are being planned. Employees are being told that their personal AI assistant is here and that it will change everything about how they work.
What’s not being discussed nearly enough is what it means, from a security standpoint, to give every employee an AI agent that can act on their behalf across their entire digital work life.
Think about what that actually involves. A personal AI assistant isn’t useful if it can only access a narrow slice of what the employee works with. To be genuinely helpful, the agent needs access to email, calendar, documents, financial data, internal systems – the full surface area of how that employee does their job. And in most organizations today, agents get that access with no distinct identity of their own, no policy enforcing what they can do, and no audit trail that separates agent actions from the user’s.
I’ve been thinking about this since we started working with one of our design partners. This $300B investment firm set out to do exactly what I’m describing: deploy Claude as a personal assistant for their entire workforce. What started as a focused project around financial research quickly revealed itself to be something much bigger. Analysts wanted to leverage Claude to access not just financial data platforms, but Microsoft 365 – email, calendars, SharePoint, the full Microsoft Graph. The scope of what “personal assistant” actually means in practice is vast.
Their security team understood this before almost anyone else did and they did something important: they refused to let the rollout proceed without the right foundation in place, not because they were against AI, but because they’d spent years building security standards for their human workforce and weren’t willing to abandon them the moment an AI agent entered the picture.
The solution is Aembit IAM for Agentic AI – a blended identity model that gives Claude a verified credential encoding both the employee’s identity and the agent’s identity, enables secretless access, and produces a complete audit trail of every action Claude takes. Their security team said ‘yes’ and the rollout went live. Every employee at this organization can access Claude through Aembit, seamlessly securing their agents’ actions.
We published the full case study today. I think it’s one of the most important things we’ve shipped – not because of the technology specifically, but because of what it represents. The era of AI agents as personal assistants for every employee is here. The security infrastructure to support it is just catching up.
Aembit’s IAM for Agentic AI secures Claude’s access to MCP servers with blended agent-human identity, runtime policy enforcement, and full audit logging. Learn more at aembit.io/use-case/secure-claude.
