Enterprise AI agents need more than powerful models
Enterprise AI agents are autonomous or semi-autonomous systems that act on behalf of employees across apps, data, and infrastructure, making decisions and triggering actions. They must therefore be managed with the same identity, policy, and audit controls that apply to human users, to prevent unsafe access, data exposure, and unintended changes in production systems. As organizations move from AI trials to deployment, this control gap is becoming clearer. Powerful models alone cannot interact safely with complex workflows, legacy user interfaces, and mission-critical systems. They need secure cloud deployment options, clear AI agent controls, and reliable cloud AI security boundaries. Microsoft and Alibaba are responding by building agent-specific execution environments directly into their cloud platforms. Their goal is to give enterprises a way to sandbox autonomous behavior, keep agents under oversight, and still gain automation benefits across browsers, desktop apps, and cloud operations.
Windows 365 for Agents: Cloud PCs as controlled sandboxes
Microsoft’s Windows 365 for Agents turns cloud PCs into dedicated execution environments for enterprise AI agents. The platform lets organizations direct agents with natural language to work across applications, browsers, files, and enterprise systems, including legacy and UI-based tools that lack APIs, while staying inside existing security and management frameworks. Agents can be defined and run independently, continuously, or on demand using identity, policy, and device controls such as Microsoft Entra ID and Intune. This gives security teams a single place to enforce AI agent controls over multi-step workflows. Microsoft stresses the need for clear boundaries to maintain cloud AI security, with agents isolated from production systems but still productive. According to Julie Hersum, Principal Consultant at Microsoft, running agents in this controlled environment helps isolate risk and enforce security boundaries for autonomous operations.

Alibaba’s Qwen Cloud: AI-native infrastructure for secure agent deployment
Alibaba Cloud is extending its Qwen large language models into a full agentic stack designed for secure cloud deployment. Qwen3.7-Max, which Artificial Analysis ranked fifth globally and first among Chinese models with a score of 56.6 points, now anchors Qwen Cloud, an AI-native platform for building enterprise AI agents and applications. Qwen Cloud offers three entry points: a Skills layer for agents, a command line for workflow integration, and a website for human users. A new Skills portal converts capabilities from more than 60 cloud products into function-like Skills, making it easier for agents to call databases, big data services, operations, maintenance, and security tools in a controlled way. Alibaba is also upgrading its AI infrastructure with lightweight execution sandboxes, cross-task memory, and data circulation features to support reliable, governed agent runtime environments that match enterprise AI agents to operational needs.
JVS Agent Suite and mobile automation with Qwen
Beyond infrastructure, Alibaba Cloud is building enterprise-grade tooling around Qwen to keep AI agent behavior under organizational control. The JVS Agent Suite targets enterprises, developers, and individuals with toolkits that align agent capabilities to cloud-native security. JVS Claw Teams, built on the OpenClaw framework, supports 24×7 cloud operation, centralized distribution of proprietary Skills, and integrated security management, so teams can control which agents can trigger which actions. JVS Mobile extends these ideas to mobile intelligent automation, allowing Qwen-powered agents to support autonomous thinking, multi-agent collaboration, and complex task execution across applications. Together, these tools aim to make enterprise AI agents productive while still constrained by clear policy and access boundaries. Training initiatives connected to Qwen, including hands-on access to tools like Qoder and the QoderWork desktop AI agent, further encourage organizations to adopt governed agent workflows rather than ad hoc scripting.
From autonomous risk to governed workflows
Both Microsoft and Alibaba are trying to reduce the main operational risk highlighted by cloud security practitioners: autonomous AI agents operating in systems that enterprises do not fully see or govern. A Cloud Security Alliance report notes that AI agents require the same rigor and traceability as human users because they can access data and make business-impacting decisions. Without clear boundaries, agents may access unintended systems, extend beyond their intended scope, and amplify small mistakes across workflows. Microsoft’s answer uses cloud PCs and existing identity stacks to keep agents quarantined from production, while Alibaba’s Qwen Cloud and JVS Suite provide infrastructure-level sandboxes and Skills-based access to cloud resources. In both approaches, cloud AI security and AI agent controls are no longer add-ons; they are built into the execution layer that powers enterprise AI agents end to end.

