Danny Jenkins
π€ SpeakerAppearances Over Time
Podcast Appearances
We should be saying, why does this need this permission?
Why does it need access to these files?
Why does it need access to the internet?
What does it need access to on the internet?
So that's step one.
And then the second step is checking what you have given access to and just reviewing it again.
periodically to say, is there still a valid reason for this agent to get access?
Part of the problem with agents as well is there's no accountability.
So as a human, if I hire somebody and I bring them into my business and they do something wrong, there is a consequence for doing something wrong.
Now, the consequence may be worse for the business than it is for the individual.
But in most cases, if they intentionally steal data, upload something to the internet, it's
They're going to go to jail.
They're going to get fired, something like that.
With agents, they can just do things without any consequence.
So you have to almost put more constraints around it because what you have is the most.
No, it doesn't have any conscience.
It cannot be stopped.
It cannot be reasoned with.
And it will do whatever it thinks is the appropriate thing to do.
And that could be deleting a database.