Boomi CTO: How Data Centres Can Embrace AI Governance

As data centres take on larger volumes of agentic AI workloads, operators are under pressure to maintain visibility, control and predictable performance across increasingly complex environments. 

Boomi’s Global Field CTO for API Management, Markus Müller, believes that effective AI governance must start with unified data foundations and continuous oversight of how AI systems behave. 

His work focuses on connecting fragmented systems and improving data quality so organisations can run AI reliably across the company – including hybrid data centre estates.

Boomi allows users to create what it terms a golden record – a unified, synchronised and trusted data source spanning business units – that powers both agentic and generative AI. This foundation means companies can manage and responsibly build their own agentic AI systems, opening the doot to hyper-productivity.​

In this Q&A, Markus shares insights on creating trusted data golden records, governing rogue AI agents and deploying Boomi's API strategies to power scalable, secure digital transformation.

How can tech leaders identify what rogue AI agents are doing before it’s too late?

To identify rogue agents before it’s too late, enterprises must achieve ‘always-on’ visibility of AI activity across the organisation. This will prevent AI agents from flying under the radar. 

IT teams should implement technology that automatically discovers AI agents at deployment and monitors how they use APIs to access systems and data. 

Because APIs enable agents to act autonomously, visibility at this level is key. With it, enterprises understand where AI is operating, evaluate its outputs and detect any security or privacy threats early. 

Additionally, clarity on agent behaviour reveals inefficiencies and areas for improvement. Taking these actions won’t just reduce risk, but will also help organisations to identify new ways to optimise their use of AI tools for performance and innovation.

If AI lacks predictability, how do we control agent improvisation?

Organisations must enforce governance right from the get-go. A ‘build-now-govern-later’ culture is just too dangerous when it comes to agentic AI. Instead, enterprises should embed governance right at the moment of production.

Having the ability to create AI agents straight from the box, with reusable elements, is the best way to do this. This means creating a centralised hub for AI management – allowing users to repurpose and customise existing agents for more specialised use cases. 

Critically, this centralised hub will apply governance to each agent created, utilising what’s already been built, ensuring best practice. 

This approach also benefits businesses by making it far easier to implement agent lifecycle management controls. 

These controls mean continuous checks can be carried out to make sure agents are compliant with the latest regulations, are integrated effectively and are operating as they should. 

This central hub would also allow enterprises to build deterministic processes for certain actions and share these as tools that different agents could utilise. 

This would give agents the autonomy they need to execute tasks, but prevent improvisation on how these chores are performed. 

For instance, the agent can still decide if a customer record must be created, but deterministic processes can ensure this is always done in the same way for consistent results. 

Does precision always equate to safety? Or can automated logic stumble?

Precision doesn’t guarantee safety and automated logic can still fail. Even with reliable inputs, an AI agent can make a mistake or act in unintended ways. 

For instance, an AI agent without the proper permissions might expose sensitive data or access a system it shouldn’t. 

To mitigate that risk, organisations must grant AI access to data on a need-to-know basis. 

A least-privilege approach will keep the blast radius as small as possible if something does go wrong.

Supporting this requires a single, authoritative source of truth for AI operations. A central management hub will enable teams to track every agent’s permissions, performance and behaviour in one place. 

With continuous visibility and oversight, they can identify anomalies early, adjust permissions quickly and ensure AI remains compliant. 

This foundation of controlled access and transparency facilitates rapid innovation without compromising on safety or trust. Building deterministic processes into workflows is another vital way of ensuring precision, ensuring agents still have autonomy to complete their tasks, but makes sure these are done in the right way each time.

Where do API and data guardrails play a role when agents call the shots?

AI agents may be autonomous by definition, but that makes having the right controls even more critical. 

Effective API governance and data guardrails are the key to keeping agentic AI in check. APIs form the connective layer that lets agents interact with enterprise systems. 

Yet the rapid growth of agentic AI is causing the number of APIs to soar. As adoption rises, many APIs are becoming unmonitored, outdated or unmanaged. If left unmanaged, these so-called ‘zombie APIs’ can create security risks and allow agents to act without oversight. 

To prevent this, organisations need an integrated API management strategy that tracks which APIs are used, by which agents and for what purpose. 

With this visibility, companies can ensure responsible data access, detect rogue behaviour early and optimise how AI operates across the business. 

Strong management turns potential risk into an opportunity for safer, smart innovation. 

What’s your number one, golden rule for safe AI innovation?

Organisations must ask themselves whether they trust their AI. After all, the speed of innovation depends on the speed of trust and, without it, adoption will stall. 

If business leaders can’t trust AI agents to act safely and transparently, they will not deploy them at scale – no matter how capable they are. 

Building confidence requires a robust AI, API and data management strategy. This will make it much easier to see how agents make decisions, access data and interact with systems. 

This is vital for getting leadership on board with AI initiatives so they too can reap the rewards. Visibility doesn’t just boost trust, but drives faster, more responsible innovation. 

In practice, this means unifying data, connecting systems and supervising AI agents holistically. 

When trust and governance align, businesses can scale AI with confidence to unlock its full potential.