Zero Trust Under Strain as Organizations Favor Just-in-Time Access

Omada's Ramsay and Walker Discuss Access Management, AI Agents and Identity Sprawl Tom Field (SecurityEditor) • December 12, 2025

Organizations are racing to adopt just-in-time access as identity sprawl, legacy systems and AI-driven agents make long-standing permissions increasingly risky.

See Also: AI-Powered Identity Fraud: What You're Up Against

In traditional IAM models, access is granted for a certain duration on a by-request, by-incident or by-role basis – often never actually being revoked. Craig Ramsay, senior solutions architect at Omada, says that playbook will no longer fly in a modern identity context. Today's security landscape demands permissioning that is "ephemeral, event-driven" and tied to a specific moment of defense or remediation.

Paul Walker, field strategist at Omada, added that the age-old "set-and-forget" policy directly undermines zero trust. With non-human identities surging and AI agents capable of escalating privileges themselves, both leaders warned that unused or standing access permissions now make ...