Amol Dalvi: Endpoint Security Is Getting More Complex in the Age of Cloud Desktops and AI Agents
As enterprise environments rapidly evolve beyond traditional devices, the endpoint is being fundamentally redefined. In this interview, Amol Dalvi, VP of Product at Nerdio, explores how hybrid work, cloud desktops, and AI agents are expanding the attack surface in unexpected ways. He breaks down why identity, visibility, and governance are now at the core of modern endpoint security strategies.

Why has endpoint security become so much more complex for enterprises?
Amol Dalvi: Endpoint security has become more complex because the definition of an endpoint has changed. For years, organizations focused on hardening data centers, securing network perimeters, and protecting corporate-owned devices. That model no longer matches how work happens today.
Employees now access corporate systems from home networks, personal devices, temporary workspaces, and cloud-hosted desktops. At the same time, organizations are introducing AI agents that can access data, execute tasks, and interact with business systems on behalf of users. These are not traditional devices, but from a security perspective, they behave like endpoints because they have identities, permissions, and access to sensitive information.
This shift has expanded the attack surface. A breach no longer has to begin inside a data center or through a traditional laptop. It can originate through a misconfigured virtual desktop, a compromised user session, an overly permissive account, or an AI agent operating with more access than it needs.
Are endpoints now the primary target for attackers?
Amol Dalvi: In many cases, yes. Attackers have adapted to the way enterprises now operate. Instead of trying to break through hardened network perimeters, they are targeting the places where users interact with systems and data. That means endpoints, identities, and sessions.
Credential theft, session hijacking, and endpoint misconfigurations are now major areas of risk. A single compromised device or user account can give an attacker a foothold into broader systems, especially if access controls are too broad or inconsistently enforced.
Hybrid work has accelerated this challenge. IT teams no longer have the same level of visibility into every device, network, and access point. Each endpoint may have a different security posture, patch level, or compliance state. That variability creates openings that attackers can exploit.
How do cloud desktops and virtual desktop infrastructure change the endpoint security model?
Amol Dalvi: Cloud desktops and virtual desktop infrastructure, or VDI, can improve security because they centralize access, standardize user environments, and reduce reliance on unmanaged physical devices. However, they also introduce new layers of complexity.
A virtual desktop is still an endpoint. It may not sit on a user’s desk, but it depends on cloud infrastructure, identity systems, image management, configuration policies, and access controls. Each of those layers must be secured and governed correctly.
In Microsoft Azure environments, for example, resources can be provisioned quickly. That agility is one of the major advantages of the cloud. But without consistent governance, speed can introduce risk. Organizations may experience configuration drift, privilege sprawl, or gaps in visibility. An improperly secured desktop image or an overlooked policy setting can create exposure that is difficult to detect.
What are the most common operational challenges security and IT teams face?
Amol Dalvi: The biggest challenge is managing endpoint security at scale. Enterprises are responsible for provisioning, configuring, monitoring, updating, and eventually decommissioning thousands of endpoints across physical, virtual, and cloud-hosted environments.
Misconfiguration remains one of the most common and underappreciated sources of vulnerability. It does not always look like a major security failure at first. It may be an excessive permission, an outdated image, a missing policy, or an inconsistent configuration. But those small gaps can become serious risks when multiplied across a large environment.
Tool fragmentation also makes the problem harder. Many organizations rely on separate platforms for endpoint protection, identity management, monitoring, cloud operations, and compliance. When those tools do not integrate well, teams lack a complete view of their environment. That makes it harder to detect anomalies, respond to incidents, and enforce consistent policy.
Where do AI agents fit into the endpoint security conversation?
Amol Dalvi: AI agents are becoming a new category of endpoint. They do not have a physical form, but they can act on behalf of users, access systems, retrieve data, trigger workflows, and make decisions based on the information they receive. From a security standpoint, that means each AI agent needs to be treated as an entity with an identity, permissions, and an access scope. Organizations need to know what the agent is allowed to do, what systems it can interact with, what data it can access, and how its actions are logged and reviewed.
This is a major change because traditional endpoint security models were built primarily around human users and physical or virtual devices. AI agents introduce non-human actors that can operate dynamically across multiple systems. That makes governance, monitoring, and least privilege access even more important.
What risks do AI agents introduce if they are not properly governed?
Amol Dalvi: The risks can be significant. An AI agent with excessive permissions could access sensitive data it does not need. If its actions are not logged properly, teams may struggle to understand what happened during an incident. If it relies on incomplete or inaccurate data, it may make flawed decisions or trigger the wrong automated response.
There is also a compounding effect. AI agents often connect to multiple systems and depend on large volumes of data. Poor data quality can lead to poor outcomes. In a security context, that could mean missed threats, misconfigured controls, or automated actions that create more risk instead of reducing it.
Organizations need to ask the same questions about AI agents that they ask about human users and endpoints. How is this entity authenticated? What level of access does it have? Is that access appropriate? How is activity monitored? Can we audit its actions? Can we quickly revoke access if something goes wrong?
Enterprise Security Tech: How should organizations rethink endpoint security for this new environment?
Amol Dalvi: Organizations need to move beyond device-level protection and think about the full endpoint lifecycle. That includes provisioning, configuration, access, monitoring, policy enforcement, and decommissioning across physical devices, virtual desktops, cloud-hosted resources, and AI agents.
Identity has become the foundation of modern endpoint security. Strong authentication, least privilege access, and continuous verification are essential because traditional network boundaries no longer provide enough protection. Every endpoint and every actor should be verified based on identity, context, and behavior.
Visibility is equally important. Security teams need a comprehensive view of all endpoints and identities, including virtual desktops and AI agents. They also need the ability to correlate activity across systems so they can identify abnormal behavior and respond quickly.
Automation will be critical, but it must be implemented carefully. Automated provisioning, configuration management, and policy enforcement can help maintain consistency at scale. However, automation depends on accurate data and clear governance. Without that foundation, automation can amplify existing problems.
What is the key takeaway for enterprise security leaders?
Amol Dalvi: Endpoint security is no longer just about protecting laptops or installing endpoint detection tools. It is about securing every place where users, systems, and intelligent agents interact with enterprise data.
The organizations that succeed will be those that combine strong identity controls, consistent governance, reliable visibility, and thoughtful automation. As cloud desktops and AI agents become more common, security leaders need to treat endpoint security as a broader operational discipline, not a narrow technical function. That shift is essential for protecting distributed environments today and preparing for the next generation of enterprise access.


