Agentic artificial intelligence is advancing relentlessly, but its deployment in real enterprise environments clashes with a critical problem: governance. Snowflake, the well-known cloud data platform, has decided to take a strategic step by announcing the acquisition of Natoma, a startup specialized in the MCP (Model Context Protocol). The move is no coincidence: it responds to the growing need for organizations to control, audit, and secure the interactions of their AI agents with internal systems, SaaS applications, and critical workflows.

What does Natoma bring to Snowflake?

Natoma has positioned itself as an enabler of secure connections based on MCP, offering a governance and observability layer that allows companies to connect their AI agents — such as Cortex Agents, Snowflake Intelligence, or Cortex Code — with heterogeneous enterprise systems. This includes everything from SaaS applications to cloud environments, VPCs, and on-premises infrastructures. In Snowflake's words, the goal is to provide "the control and governance fabric" necessary to prevent these connections from becoming a risk.

The acquisition reflects a broader trend: the need for a centralized control plane for agentic AI. As Phil Fersht, CEO of HFS Research, notes, "MCP is becoming the connective tissue of enterprise agents, but without identity, policies, privileged access controls, and auditability, it can quickly become a shadow AI risk."

MCP governance: a challenge for CIOs

The MCP protocol is gaining traction as a standard for communication between AI agents and external systems. However, as Robert Kramer, managing director of KramerERP, warns, "MCP is a protocol, not a governance model in itself. It can standardize connections, but it can also standardize risk if access is too broad, tools are poorly governed, or agents are trusted too quickly."

For CIOs, this implies a paradigm shift: it is no longer enough to govern who queries a table; now they must control what agents can see, which systems they can touch, what actions they can trigger, and how everything is audited. Natoma promises exactly that: a governed MCP with verified servers, identity-based authorizations, policy enforcement, auditability, and gateway control.

Are companies ready for MCP?

Despite the enthusiasm, analysts agree that most organizations are not yet ready for mass adoption of MCP. "They want the productivity and context benefits, but their governance, identity, data classification, and access control models are still catching up," says Fersht. CIOs must avoid treating MCP as a "plug-and-play miracle," as agents can extract context from emails, Slack, CRM, and internal systems, but can also expose sensitive information or trigger incorrect actions if policies are weak.

Critical points to watch include identity-based permissions, least-privilege access, audit logs, human-in-the-loop oversight for high-risk actions, data leakage controls, and clear assignment of responsibilities when an agent makes a bad decision. In this regard, Snowflake's acquisition of Natoma could help CIOs build stronger foundations, although the path to maturity is still long.

Snowflake in the race for the AI control plane

The purchase of Natoma places Snowflake in a competitive position against other tech giants. As Michael Ni, principal analyst at Constellation Research, points out, "Data platforms won the analytics era. Whoever governs agents, context, and autonomous actions will win the agentic era. Natoma brings Snowflake the missing layer between insight and execution."

While SaaS providers like Salesforce, ServiceNow, and Workday integrate agentic orchestration capabilities into their offerings, hyperscalers like Microsoft, AWS, and Google consolidate their agent development tools. Snowflake, for its part, bets on governance as a differentiator. The real test will be whether it can integrate Natoma's capabilities seamlessly and whether CIOs can manage permissions, policies, and controls at scale without adding another layer of complexity.

Implications for the IT ecosystem

The news comes at a time when the market is seeking solutions to move from AI pilots to real production. In previous articles we have analyzed how time tracking and attendance management are essential for measuring productivity in IT environments, and how Rayfin or Microsoft seek to bridge the gap between agile development and enterprise production. Now, with agent governance, a new front opens: control of autonomous AI.

For SysAdmin and DevOps professionals, the integration of MCP and centralized governance implies new challenges in identity management, permissions, and auditing. As we saw in our analysis of GitHub, the trend is for platforms to simplify the developer experience, but at the cost of greater complexity in the control layer. Snowflake, with Natoma, seems to want to offer that balance.

The acquisition, whose financial terms have not been disclosed, is expected to close in the coming months. Meanwhile, CIOs must prepare for a future where AI agents not only execute tasks but do so under a strict governance framework.

Original source: ComputerWorld. Analysis and adaptation by ForgeNEX.