Welcome to this AI Agent & Copilot Podcast, where we analyze the opportunities, impact, and outcomes that are possible with AI.
In this episode, I speak with Harish Peri, Senior Vice President and General Manager of AI Security for Okta, an Identity and Access Management (IAM) leader, about recent updates to the Modal Context Protocol (MCP) that enhance security and, more specifically, identity security.
Highlights
MCP Overview and Okta MCP Tech (01:15)
Peri explains MCP’s role in standardizing connectivity between AI entities and resources while noting the rapid rise in MCP servers, both those from the vendor community and those that companies build in house. Okta has an MCP server that automates IAM tasks by connecting agents to admin APIs.
Security Concerns as MCP Servers Proliferate (03:38)
There are about 2,000 known and publicly registered servers at the time of the discussion. Peri describes security challenges including authorization and authentication issues as well as the risk of long-lived token being exploited. He highlights the tension between innovation — enabled by AI and MCP — and security because many MCP servers don’t follow basic identity security principles.
MCP Uses Cases That Highlight Vulnerabilities (08:20)
Peri discusses the various business processes and functions where MCP is frequently applied, such as internal productivity tools, customer-facing applications, and B2B SaaS products. Employees use MCP to connect employees to services like Gemini, reducing user fatigue and providing a centralized connection point. MCP delivers benefits including centralized access management but it’s vital to secure it as a central connection point or clearinghouse.
Cross App Access Addition to MCP (10:29)
Cross App Access allows centralized management of user entitlements in an identity platform (such as Okta). Cross App Access increases auditability and allows predefined access to be granted without user interaction. The integration of Cross App Access into the MCP specification provides additional security and visibility for MCP servers.
Benefits, Availability of Cross App Access (12:52)
Peri notes that the updates for cross app access are part of the MCP spec and that SDKs are being updated for various programming languages. The updates will make it easier for ISVs and developers to implement cross app access with minimal effort. The benefits of unified identity security for agents include centralized governance.
Future of MCP and MCP Security (15:18)
Peri predicts that the innovation in MCP will continue to unlock new categories of AI-powered applications, more production deployments, and scaling up of secure identity management practices.
More MCP Insights:
- Cisco Secures MCP Servers With Multiple Scanning Engines
- Microsoft Deepens MCP Support With New Power Apps and Dataverse Servers
- Why MCP Is Becoming the Universal Interface to Enterprise Data
- Microsoft Unleashes AI Capabilities in Dynamics 365 MCP Server
AI Agent & Copilot Summit is an AI-first event to define opportunities, impact, and outcomes with Microsoft Copilot and agents. Building on its 2025 success, the 2026 event takes place March 17-19 in San Diego. Get more details.
Tom Smith
Analyst
Cloud Wars, Agent and Copilot
Related Posts
