Connect
AI is changing how organizations work, but with every new breakthrough, IT teams face fresh challenges.
How can you let people tap into powerful tools like Gemini and ChatGPT without giving up control over business data?
This was the focus of a standout session at JumpCloudLand, hosted by Kirti Maheshwari, customer references specialist at JumpCloud, who brought real-world clarity and practical advice to the conversation. The discussion highlighted the excitement around AI and dug into what it takes to actually support safe, responsible adoption.
More than plugging in new technology, the real opportunity is about creating an environment where teams can innovate confidently, knowing security and business integrity remain front and center. Organizations need an approach that empowers teams to use advanced tools, while maintaining their security standards.
In the session, Renjit Radhakrishnan, head of IT business solutions at Tamara, a leading Saudi fintech, shared how they built a Zero Trust foundation to confidently scale AI adoption in a highly regulated environment.
Curious how leading IT teams are tackling AI challenges and building strategies? Watch the full recorded session and unlock even more expert insights at JumpCloudLand.
For a quick overview of the session highlights and key insights, continue reading below.
The Problem: Shadow Decisions, Not Just Shadow IT
Renjit began the session by pointing out a key distinction in AI risk: to secure your AI strategy, you must address both shadow IT (using unapproved applications) and the risk of “shadow decisions.”
When users leverage agentic AI tools outside of identity controls, they are making decisions and processing data in a black box. In a fintech company operating under strict regulations like SAMA (Saudi Arabian Monetary Authority) and CBUAE (Central Bank of the United Arab Emirates), that’s bad hygiene and a compliance breach waiting to happen.
Tamara’s fear wasn’t about AI itself. It was about AI operating without context. If a user prompts an AI with sensitive customer data, who is tracking that? Is the device secure? Is the user who they say they are?
The goal for Tamara was to ensure that no one, human or AI, could touch their data without passing through a strict, identity-driven control plane.
Don’t Patch, Build a Foundation
A common mistake many of us make is trying to patch legacy systems to handle modern threats. We add a tool for this, an agent for that, and end up with a Frankenstein monster of security layers.
Renjit’s approach offered a clear alternative: “Don’t patch, but build.”
Tamara decided to build a cloud-native foundation from scratch using the Work Transformation Set, a productive combination of JumpCloud and Google Workspace.
By centralizing identity, they created a single source of truth. Now, no user interacts with a SaaS app, internal system, or AI tool unless JumpCloud verifies their identity, device health, and context.
Why Legacy AD Didn’t Cut It
Tamara operates a complex fleet. They have over 1,000 employees and 350 consultants distributed across multiple countries. Their device mix is roughly 50% Mac and 50% Windows.
Renjit stated that Active Directory (AD) was never designed for this world. Trying to make AD work for a remote-first, Mac-heavy environment would have required a massive investment in additional tooling and manual effort. And even then, Macs would likely continue to be less prioritized within the ecosystem.
By choosing a unified open directory platform, Tamara’s lean IT team can manage the entire fleet from a single console. They enforce encryption, manage patches, and control access without the operational drag of on-prem infrastructure. This cloud-native approach was the prerequisite for their Zero Trust strategy.
The ROI of Zero Trust: Speed and Safety
We often assume that more security equals more friction. If you lock things down, you slow things down, right?
Tamara’s story proves the opposite. Since implementing this strategy in 2022, they have seen staggering results:
- 70% reduction in onboarding time: Automated provisioning replaced manual checklists.
- 60% reduction in access management effort: Context-based access rules handle the heavy lifting.
- Zero critical security incidents: A clean sheet since implementation.
- 100% elimination of password reset tickets: By integrating their chat platform with JumpCloud APIs, users can reset passwords via self-service automation.
This efficiency gain allowed the IT team to pivot from “ticket closers” to strategic partners. Instead of resetting passwords, they are brainstorming automations and upskilling on AI governance.
Unlocking AI with Confidence
Because the foundation was secure, Tamara’s GRC (Governance, Risk, and Compliance) team could aggressively adopt Gemini AI.
They use it to draft policies, analyze regulations, and compare frameworks. Because access to these AI tools is governed by the same Zero Trust policies as everything else, the GRC team feels safe using them. They know that only verified users on encrypted, managed devices can access the environment.
The result? A nearly 50% reduction in policy drafting time. AI became an advantage rather than a security risk because the identity gap had been closed.
Advice for IT Leaders
Renjit closed with practical advice for IT directors: “Identity first, Zero Trust by default.”
If you try to bolt security onto AI after the fact, you could fail. You need to verify every user and every device before they ever reach the AI prompt. When you get the foundation right, security stops being a blocker and starts being an enabler.
The lesson is clear. You can’t control what you can’t see. By unifying your management stack, you gain the visibility and control needed to let your users innovate without putting the company at risk.
Ready to apply these proven best practices to your own organization? Gain actionable strategies and firsthand lessons from industry leaders by exploring the JumpCloudLand content library.
Dive in and stay ahead of what’s next.
