Understand the Shift Toward AI-Driven Interactions: ​A Guide to MCP

This approach enables new AI-enhanced customer experiences. Retailers, hospitality brands, travel platforms, insurers, and software as a service (SaaS) providers are already exploring how AI agents such as ChatGPT, Alexa-based agents, or partner AI applications can search for products, book services, request quotes, or complete transactions. 

When businesses build agentic workflows on third-party platforms, they must expose MCP externally to give these workflows access to enterprise data and allow them to perform actions.

This creates significant business opportunities but also introduces new challenges, including:

• New business interfaces become internet-facing. Through MCP, enterprise tools and APIs become accessible to external agents. Leaders must determine which capabilities to expose, at what level of detail, and with what safeguards.

• Trust boundaries shift from users to agents. Organizations must establish criteria for trusting consuming agents, including which agents are allowed, what identities they present, and what data they can access.

• Governance must be centralized and consistent. Without clear governance, teams risk creating shadow MCP servers or unmanaged tools, increasing the risk of data exposure, unauthorized actions, and compliance violations.

Executives must determine which workflows can be accessed by AI applications and how to securely expose them.

The second pattern involves enterprise AI assistants, agents, or copilots calling the external MCP servers that are provided by partners, suppliers, or industry platforms. This approach is already occurring in travel, financial services, logistics, ecommerce, and business-to-business SaaS.

This approach offers speed and expanded capabilities, but leaders must consider several factors, such as:

• Business impact versus business risk: External MCP-driven capabilities can directly drive revenue through bookings, underwriting, or ordering, but they also introduce dependencies on external technologies, tool changes, and potential failure risks.

• Compliance challenges: Outsourced tool calls may violate enterprise compliance boundaries if data crosses regions, partners, or regulatory zones.

• Reputational exposure: If an AI application misinterprets an external tool or produces faulty outputs due to external data, users will still associate the outcome with your brand. Leaders must define responsibility and establish effective guardrails.

Executives must determine when to rely on external MCPs and how to govern these dependencies to mitigate risk.

Across industries, early adopters implement strategies to maximize value and address common challenges.

• Explicitly chosen MCP role: Clearly define whether your organization is exposing MCP for third-party AI applications or building AI applications that consume third-party MCPs. These are distinct adoption paths with different trust models, risk profiles, governance needs, and failure modes. Treating them as a single use case leads to unclear ownership, weak controls, and increased risk of exposure.

• Internal experimentation and validation: Start with contained use cases in which AI applications interact only with internal MCP servers or are not yet exposed externally. This approach builds organizational experience and highlights governance and security needs early.

• Controlled exposure: When exposing MCP externally, begin with read-only or low-risk workflows, such as allowing only specific AI agents. Implement stronger identity, policy, and schema controls before enabling transactions or sensitive operations.

• Centralized governance: Organizations must standardize tracking, control, and auditing of MCP servers, tools, identities, and workflows.

• Protection and response: Enterprises need real-time controls to authenticate agents, validate schemas, and block MCP and tool misuse before it causes data loss or disruption.

• Continuous validation: Static controls become outdated quickly. As AI behaviors, schemas, and workflows evolve, leaders should anticipate ongoing schema drift, privilege drift, and new misuse patterns. Continuous testing and red-teaming are essential.

A practical first step is to make MCP use visible and intentional.

• Early visibility: As organizations experiment with MCP, the immediate need is to determine whether MCP endpoints exist, who is interacting with them, and what actions are being requested. This visibility transforms MCP from an abstract concept into a concrete security concern that teams can address and prioritize.

• Accidental exposure prevention: Equally important is avoiding accidental exposure. In early phases, many organizations benefit from a default posture: MCP is not externally accessible unless explicitly approved. This approach allows for experimentation while reducing the risk of unintended data access or automation abuse.

• Consistent enforcement: From there, existing application security controls naturally extend to MCP-based interactions. This helps organizations distinguish legitimate AI access from abuse, apply consistent trust decisions, and monitor how this new interface layer evolves over time.

• Measured progression: This approach allows organizations to move forward with MCP deliberately and learn from real activity, reduce unexpected exposure, and build confidence before broader adoption.

Akamai enables organizations to act now.

By building on our existing edge, API, and application security platform and extending it with MCP-aware intelligence, we help teams identify where MCP is emerging, apply practical guardrails during experimentation, and manage risk as exposure grows.

This approach allows organizations to adopt MCP today while relying on Akamai to evolve protection, visibility, and control as MCP use develops.