
How Enterprise Leaders Are Securing AI Agents in Cloud Environments


What secure enterprise AI agents mean for cloud-first businesses

Enterprise AI agents are autonomous or semi-autonomous software entities that use large language models and tools to perform business tasks across applications, data sources, and cloud services on behalf of human users. As enterprises move from AI proofs of concept to large-scale deployment, these agents are increasingly embedded into enterprise cloud infrastructure, where they must interact with legacy systems, internal applications, and sensitive information without expanding the attack surface. This is turning cloud AI security and AI agent governance into board-level priorities, especially as agents begin to trigger transactions, update records, and orchestrate workflows across systems. Vendors now face pressure to provide isolated execution environments, policy-aware controls, and clear audit trails so that enterprise AI agents can operate with autonomy while still staying within defined boundaries set by security and compliance teams.

Microsoft’s Windows 365 for Agents: Cloud PCs as safe automation sandboxes

Microsoft’s Windows 365 for Agents brings a cloud PC approach to enterprise AI agents, giving each agent a controlled, policy-managed workspace. Organizations can describe tasks in natural language and let agents interact with applications, browsers, files, and enterprise systems, including UI-driven legacy software that lacks APIs. The key design choice is isolation: agents run inside Windows 365 environments governed by Microsoft Entra ID and Intune, so identity, device policy, and compliance rules still apply. Julie Hersum at Microsoft said that “running agents in this controlled environment helps isolate risk and enforce security boundaries so agents can operate autonomously while remaining governed by your policies and without negatively impacting production systems.” This dedicated execution layer helps reduce the risk of autonomous data misuse and supports cloud AI security controls that mirror those used for human users.


Alibaba Cloud’s Qwen Cloud: From models to production-ready agent stacks

Alibaba Cloud is extending its Qwen family from language models into a broader stack for enterprise AI agents in production. The flagship Qwen3.7-Max model, which Artificial Analysis ranked fifth globally in its large language model Intelligence Index, now sits at the core of Qwen Cloud, an AI-native platform for building agents and applications. Qwen Cloud offers three main entry points: a Skills portal tuned for agents, a command line interface for workflow integration, and a web interface for human users. These layers bring together proprietary Qwen models, open-source options, and third-party models for text, vision, audio, image, video, and embeddings. Dr. Feifei Li described this shift as supporting “a comprehensive, full-stack AI ecosystem” that ties large models to cloud operations, developer workflows, and automation. For enterprise buyers, this signals a move beyond model access toward enterprise cloud infrastructure built around secure, agent-centric runtime environments.

Skills, sandboxes, and mobile agents: Building safer runtime environments

Both Microsoft and Alibaba Cloud are focusing on controlled execution environments as the foundation of cloud AI security. Windows 365 for Agents provides isolated cloud PCs where multi-step workflows run within predefined boundaries, limiting which systems agents can touch. Alibaba Cloud’s new Skills portal converts capabilities from more than 60 cloud products into Skill-based and MCP-compatible functions that agents can safely call, including database, big data, operations and maintenance, and security tools that are wrapped as product-level agents. Alibaba Cloud is also updating its AI infrastructure with lightweight execution sandboxes, cross-task memory, data circulation controls, and intelligent operations and maintenance to support persistent, policy-aware agents. On mobile, the JVS Mobile platform extends these concepts to an enterprise-grade intelligent automation layer, enabling multi-agent collaboration and complex tasks across applications while keeping security management centralized through frameworks such as JVS Claw Teams and OpenClaw.


AI agent governance and the road to safer legacy integration

Enterprise decision-makers now treat AI agent governance as a requirement, not an add-on, especially when agents reach into legacy systems and shared cloud environments. The Cloud Security Alliance has noted that AI agents should be secured with the same rigor and traceability as human users, because they access data and make business-impacting decisions. Gidi Cohen warned that the bigger risk is “autonomous data misuse by AI agents operating in systems the enterprise doesn’t fully see, understand, or govern yet.” Microsoft’s dedicated cloud PCs and Alibaba Cloud’s Skills-based agent stack both reflect this concern: they give security teams a defined place to observe, constrain, and audit agent behavior. As organizations expand workforce training programs around platforms like Qwen and tools such as coding agents, those governance frameworks will determine how safely AI-driven automation coexists with critical legacy infrastructure and sensitive data.
