In 2025, the UK’s cyber resilience has been tested like never before. Major brands have made headlines after suffering disruptive cyberattacks, forcing them to halt operations and exposing sensitive customer data.

These incidents are not isolated. The UK government’s latest Cyber Security Breaches Survey reveals that 43 per cent of UK businesses experienced a cyber breach or attack in the past year, rising to 74 per cent among large organisations. Phishing remains the most prevalent and disruptive threat, and the financial and reputational costs are mounting. 

For IT decision makers, the message is clear: robust device management is no longer optional, it’s a strategic imperative. 

The evolving threat landscape

• Identity is the new perimeter: With traditional network boundaries dissolving, user identities have become the frontline of defence. Almost all (97 per cent) identity hacks are password spray or brute force attacks. Despite headlines proclaiming more sophisticated attacks, the majority of identity-based attacks still target weak or reused passwords.

• Ransomware on the rise: Human-operated ransomware attacks have surged, with 90 per cent of successful breaches originating from unmanaged devices outside the visibility and control of IT. 

• The AI impact: AI-driven phishing is now three times more effective than traditional methods. The increasing use of AI by attackers poses new challenges for detection and response, although AI can equally be used to defend against attacks such as by detecting anomalous sign-in patterns.

Why Traditional Approaches Fall Short 

Legacy Mobile Device Management (MDM) is no longer sufficient. The modern enterprise requires Unified Endpoint Management (UEM) and Unified Endpoint Security (UES) – these integrate antivirus, encryption, detection, and response into a single platform, ensuring consistent security across all devices and operating systems. 

How enhanced device management protects your organisation 

1. Limit identity breaches by adopting… 

• Mandatory Multi-Factor Authentication (MFA): Enforce phishing resistant MFA across all devices to drastically reduce the risk of unauthorised access, even if passwords are compromised. 

• Adaptive Access Policies: Integrate with Identity and Access Management (IAM) systems to trigger additional authentication or restrict access based on risk factors like device health, location, or user behaviour. 

• Continuous Monitoring & Zero Trust: Leverage AI and machine learning to monitor for anomalies, enforce “never trust, always verify” principles, and detect compromised credentials before they’re exploited. 

2. Prevent data breaches with… 

• Robust Encryption: Ensure data is encrypted both in transit and at rest, including full-disk encryption and protection for removable media. 

• Data Loss Prevention (DLP): Flag, track, and control sensitive data to prevent unauthorised sharing or exposure. 

• Remote Device Control: Instantly lock or wipe lost or stolen devices to prevent data leaks. 

Turning theory into practice 

Addressing Unmanaged Devices 

• Device Discovery: Use tools like Microsoft Defender for Endpoint to identify all devices (managed and unmanaged) on your network. 

• Onboarding: Bring unmanaged endpoints under management to close visibility gaps and reduce vulnerabilities. 

Leveraging Microsoft’s Ecosystem 

• Microsoft 365 & Defender Suite: Deploy built-in MDM, DLP, and Conditional Access Policies for consistent, integrated security. 

• Intune Security Baselines: Rapidly deploy recommended security configurations to all managed devices, addressing the root cause of most breaches – poor configuration. 

Navigating the Age of AI 

With 78 per cent of AI users bringing their own tools to work, device management becomes essential for controlling application use and preventing data leakage using tools like Mi. At the same time, modern device management platforms harness AI to predict threats, automate policy updates, and transform security operations from a reactive model to a proactive one. This ensures organisations stay ahead of evolving risks while maintaining robust protection in an increasingly complex digital landscape.

• BYOAI Risks: With four in five AI users bringing their own tools to work, device management is essential for controlling application use and preventing data leakage using tools like Microsoft Defender for Cloud Apps.  

• AI-Driven Security: Modern device management platforms use AI to predict threats, automate policy updates, and shift security from reactive to proactive. 

What next?

1. Assess your current device management posture: Identify unmanaged devices, poor configurations, and BYOAI risks. 
2. Adopt a unified, AI-powered device management strategy: Leverage Microsoft’s ecosystem and you’re existing M365 investment for comprehensive protection. 
3. Don’t wait for a breach: Proactive action today is the best defence for tomorrow’s threats. 

---

Ready to strengthen your security posture?

The Microsoft Security Briefing: Data Defence and Governance

Join industry experts and peers to explore the latest strategies, tools, and real-world insights for protecting your organisation in today’s threat landscape.

Secure your spot

The growing adoption of artificial intelligence and increasingly sophisticated cyber threats have collectively redefined what it means to maintain a secure and performant IT environment. Changes no longer happen in months or even weeks – the IT landscape is seemingly altered daily.

So, how do businesses deal with this increasing complexity? That’s where expert Managed Service Providers come into their own.

Modern environment demand modern expertise

The traditional boundaries of IT management have dissolved. Cloud platforms, remote working, multi-device ecosystems and AI-driven automation are no longer emerging trends but established standards. For many businesses, the sheer pace of change can be overwhelming. Internal IT teams, while expertly skilled, are frequently stretched to their limits by balancing multiple priorities including end-user support, cybersecurity, and strategic planning, without the additional consideration of constant, daily upskilling.

An MSP, however, brings specialised expertise, industry certifications and cross-sector experience to the table. Their teams are immersed in the latest technologies and best practices, enabling them to deliver future-focused solutions that are tailored to your business needs. From optimising your cloud footprint to ensuring seamless device management, MSPs keep your environment current and competitive while your teams can focus on what matters most to them.

Security: Proactive protection in a dynamic threat landscape

Cyber security is no longer a siloed departmental concern; it’s foundational to every part of the business – especially as AI and automation become integral to daily operations. However, with this, the risk profile expands.

Threat actors now use AI-powered attacks, targeting vulnerabilities at a pace and sophistication never seen before. To counter this, your businesses security must be proactive, adaptive, and relentless.

MSPs leverage advanced security tools to defend against evolving risks. Importantly, specialist partners can offer continuous monitoring and rapid incident response capabilities that are often out of reach for in-house teams alone. Compliance, too, can become more streamlined, as providers are familiar with navigating complex regulatory requirements. This ensures that your business meets standards such as GDPR and ISO, and is always audit-ready.

Performance: Delivering seamless user experience

Slow systems, downtime, or poorly integrated applications can erode productivity. MSPs can design and maintain environments and ensure they are fully optimised. They implement best-in-class monitoring tools, fine-tune workloads, and ensure that applications, infrastructure, and data pipelines work in harmony.

This focus on performance extends to business continuity. MSPs develop and regularly test disaster recovery and backup strategies, minimising the business impact of unexpected events. With their comprehensive oversight, potential issues are identified and remediated before they disrupt operations, allowing your teams to focus on innovation rather than firefighting.

Future-focused: Navigating the rapid evolution of AI

The transformational impact of AI in the workplace cannot be overstated. But with opportunity comes complexity (as you may have already experienced). Staying abreast of these developments is a daunting task for many businesses.

Gaining a strategic partner in this journey is critical to stay ahead of the curve. They provide a range of benefits, including:

• Ongoing education to upskill employees across your business
• Access to AI specialists to provide insights on emerging technologies
• Guidance on responsible AI use and ensure compliance with regulations.

Strategic growth: A value-driven partnership

Perhaps the greatest value an MSP offers is the ability for your in-house teams to refocus their energies on what matters most – driving the business forward. Routine maintenance, patch management, license optimisation, and regulatory reporting are handled efficiently. This partnership model transforms IT from a cost centre into an engine of value creation, enabling you to seize new opportunities.

The era of AI and rapid technology transformation has raised the stakes for businesses. MSPs act as trusted custodians of your digital environment, combining technical excellence with strategic foresight. They offer peace of mind ensuring you remain secure, compliant, and always ready to embrace the next wave of technological advancement.

If you’re ready to explore how an MSP can support your business goals, then we’re here with more than 20 years of experience in doing just that. As an Azure Expert MSP, we want all businesses to thrive on Azure, and that’s why we are offering an initial, free-of-charge 90 minute consultancy call to help workshop your challenges.

Sound interesting? Book a call.

Used correctly, AI can transform your organisation’s use of data – and The Data & AI Readiness Playbook gives you a seven-stage process for doing this successfully. However, user adoption can make the difference between success and failure for an otherwise well-thought through initiative. Here we look at the issues you might face and how you can overcome them.

As technologists, we want to believe that it’s our choices and actions that make the real difference. But it’s not tools that transform business, it’s people. Survey after survey shows that it’s user adoption that is the real key to the success of your transformation project“, explains Dan Knott, Cloud Direct Data & AI Practice Lead. 

Motivating employees to use new tools effectively, and measuring and managing this, is the difference between costly failure and transformative success. But before we look at how you do this, let’s consider why this might be necessary.  

Why bother driving adoption?

As humans, we are essentially creatures of habit. Neurologically, our brains are wired to form habits, and they account for roughly 40-45% of our daily actions.  

A new process or technology often requires us to change our behaviour – and it may seem easier to carry on as before. So, there’s also a level of inherent resistance to change that needs to be overcome.   

However, as humans we also have a remarkable capacity for learning and adaptation, but we need to see the benefit of change. Subconsciously we’re asking ourselves ‘what’s in it for me?’     

Where AI is involved there’s often an added mix of practical, emotional, and ethical concerns that also need resolving. Will it take my job? Will AI make decisions for me? Can I trust it? Will I be held accountable for AI errors? Will it be used to monitor me?  

Unless and until people know otherwise, these are valid concerns over what AI means for employees’ roles, job security, and daily experience. 

Tackling AI anxiety and engaging employees in change requires much more than good comms. It requires empathy, clear communication, visible leadership, and a people-first approach.  

Initiatives with strong adoption and change management processes are six times more likely to succeed.

According to a survey by change management specialists Prosi.

How to maximise adoption

If we’re being honest, AI is a big shift and for many employees it will be a big deal. So, let’s treat it like one. Here are seven key elements of driving a successful adoption. 

1. Build Change Management in from the start 
   • Establish a formal change management programme from day one. Change Champions will play a vital role as advocates for changes and as providers of peer-to-peer support. Alongside this you need a communication strategy that clearly explains ‘why’ change is occurring as well as the ‘what’ and ‘how’.  
2. Acknowledge and address user concerns  
   • Openly acknowledge anxiety and recognise that resistance is natural and expected. Different groups of employees will have differing needs, and you may need to create safe spaces for concerns to be voiced. Address common objections head-on with clear explanations and evidence. Often resistance stems from job fears, so be transparent about how roles will evolve rather than disappear. 
3. Explain the benefits  
   • Users like clear, tangible benefits. While it’s important to explain how AI is important to the business, answering ‘What’s in it for me?’ is more important in driving adoption. Position AI as an enabler (rather than a threat) and emphasise how AI can remove tedious tasks and support better decisions. Help people to see how it augments human capability, rather than replacing it. Ideally, tailor the messaging and provide use cases that are relatable to different types of roles.  
4. Involve employees early and often 
   • Inclusion turns resistance into ownership, so invite input into how AI can be used in specific departments. Directly ask: “How and where could AI help you most?” Regularly communicate progress and share real examples of how employees are using AI to make work easier or more rewarding. Since personal stories build trust far faster than tech demos, personalise examples to celebrate people, and not just the tech. For example, ‘How AI is helping Julie to produce monthly reports in half the time’. 
5. Provide practical, role-relevant training 
   • Focus on hands-on, scenario-based training, rather than theory. Deliver the training in as many different bite-sized formats as possible to suit different learning styles: lunch-and-learns, online tutorials, quick reference guides, drop-in sessions. As a rule, when people can see the benefit, they want to know more.  
6. Lead by example 
   • If leaders are visibly seen to be using AI, others quickly tend to follow. Not only does leaders’ use signal AI’s importance, but many of us learn working behaviours and practices from those above us. Nothing builds adoption like seeing your boss on the tools. 
7. Measure and iterate 
   • Success in user adoption requires it to be seen as an ongoing journey rather than a one-time event. Track quantitatively (usage rates, task completion times, errors) and qualitatively (user satisfaction and feedback) and use this to identify adoption barriers and continuously improve. 

Although this may seem like a lot of extra work, adoption is likely to be the single biggest determinant of project success. A good partner will help you to engage and involve internal comms, HR, change management and other colleagues that will help you achieve all this.  

Next steps

Download a copy of The Data & AI Readiness Playbook to learn more. You’ll discover how others are preparing for and using AI, and a seven-step process to unlock the value of your business data.  

Cloud Direct’s Data & AI Practice Lead Dan Knott explains how you can strike a workable balance between speed of delivery, cost, and effectiveness with Microsoft Fabric.  

I spend a lot of my time talking to executives and technologists. I understand the time and cost constraints; I understand the pressure to implement fast; I understand that many don’t have the appetite for lengthy assessments and strategising. But I also know that without some consideration of four key factors outside of, but directly impacting, Microsoft Fabric you’ll probably fail.    

But first, a quick reminder.  

Microsoft Fabric in a nutshell

You probably already know of Microsoft Fabric. It is a one-stop shop for data: a unified data platform that can ingest, process, analyse, and visualise your data. It centralises data storage in OneLake – a single, integrated data lake that supports structured, semi-structured, and unstructured data – and combines capabilities from Power BI, Azure Synapse, and Data Factory into a seamless experience.  

Since its November 2023 launch into General Availability, Microsoft has continued to add functionality and, if you’re not already, you should now be looking at it.

Is Fabric a quick win?

Many in IT are going to look at this as a relatively easy implementation. But is it a quick win?  

In one sense, yes. Fairly quickly, you can get to the point where it’s installed, providing some nice dashboards, and offering an incremental improvement over Power BI.   

But in terms of delivering genuine business value, it won’t.  

You’re going to hit obstacles. I know this because those that have gone before you are consistently telling me: “we tried to implement Fabric”, “we hit some bottlenecks”, and “the adoption wasn’t quite there”. 

Navigating the pitfalls and driving real value from Fabric

While Fabric will happily ingest data from anywhere, it won’t fix fundamental data issues and it relies on users asking the right questions.  

So, consider how the business is going to benefit from Fabric. There are valid analytical, AI, and machine learning use cases. If your use case is analytical, for example, and your interest is in sales, are you looking forwards or backwards? If you’re looking back, what lessons are you trying to take from this? If your focus is the future, how does this need to align with your growth or business strategy?  

Regardless of your objectives, if people don’t trust the data then they’ll soon stop using Fabric. This, in itself, raises questions around the data, like its reliability and accuracy (realistically some areas will be better than others), who owns it, and security and governance considerations around who can access what.   

Given the chance, I’ll always argue passionately for a strategic consideration of what I call your four key pillars: innovation, platform and technology, process and tools, and people and culture. It’ll help you to understand where you currently have gaps, where you can reliably use Fabric now, any priority areas for action, and enable you to make longer term plans. In short, it’ll enable you to ensure that your organisation can derive real business value from Fabric straight away.

Reality bites

Set against this, there are time and budget pressures: “we need to get this in”, “let’s do it and find out”, “what’s the worst that could happen?” 

But from what I’m seeing and hearing, without a bit of thought and planning your implementation won’t get much beyond a tick in the box.  

The adoption of Fabric is far wider than just putting the tech in, and if you’re familiar with project management’s ‘Iron Triangle’ you’ll know that when it comes to cheap, fast and good, and can only have two of them.

Striking the right balance

With a little planning and thought, a lot of the pitfalls can be managed and, to an extent, avoided.  

Your journey probably won’t be the same as everybody else’s, but if we think in terms of the four pillars I mentioned, you’ll already know that there are some gaps.  

What do you want to gain from your data? It needs to be grounded in purpose.  

Are there data quality issues? Who’s accountable for this data? Are there governance considerations, perhaps around compliance and who can see which data? Do users have the skills to use the data well?     

This will quickly tell you if ‘just do it’ feels rash or even scary, and whether or not you’re setting up Fabric to ultimately fail.     

So, why not incorporate a bit of planning up front? Make sure that we’ve got the whole picture and have given some thought to those other areas which will impact the wider implementation of Fabric. 

There’s often a lot of value to be gained from a thorough Data Strategy Assessment, but much depends on where you already are and, of course, time and budget pressures. This is where one of our Maturity Assessments will help you quickly create solid foundations for your Fabric implementation.    

Microsoft Fabric really can show the value, purpose, and reliability of your data – but please, please, please put a little time into ensuring that your project can deliver business value, and ultimately succeed, before you get started.   

If you’d like an informal chat about how you can best approach your use of Fabric, you can get in touch, using the form below.  

In the final part of this three-part blog series on Agentic AI, we outline 6 Key considerations before you get started. If you missed them, part one provided an introduction to Agentic AI, while part two looked at how Azure AI Foundry Agent Service can help you get started.

In one respect, getting started with Agentic AI couldn’t be easier. Create an Azure AI Foundry project in your Azure subscription, and off you go.

But we see this time and time again with new technologies. A lot of time and effort goes into exploration and experimentation, and its largely wasted. That’s because the experimental uses aren’t aligned to driving business value – and since the experiments don’t deliver business value, things don’t go much further.  

So, before diving head-first into Agentic AI, it’s wise to take a step back and consider some of the bigger issues. Agentic AI is a fundamental shift in how decisions are made, tasks are executed, and systems evolve.

These six key areas of consideration will help you to embark on your use of Agentic AI responsibly and effectively.

1: Strategy first

Define clear goals: Understand your organisation’s business challenges – whether it’s automating customer service, optimising logistics, or improving sales processes. Most departmental heads will share their workflow and process pains with you and Agentic AI works best with a well-scoped mission.

Prioritise pragmatically: Start with smaller problems – larger more ambitious ones can follow – that also enable tangible and measurable outcomes to be realised. This will also enable you to build trust.

Autonomy versus control: How does your organisation (more specifically, its leadership) feel about agents making decisions? How much oversight will they want? Azure AI Foundry Agent Service allows for both, but it’s important to define requirements and boundaries before you start work.

2: Technical readiness

Microsoft Azure: To use Azure AI Foundry Agent Service, you’ll need an Azure subscription with the right roles set up to create projects and agents. These will include Azure AI Account Owner, Contributor, and User.

Check infrastructure compatibility: Ensure that your systems can support agentic workflows. Consider which APIs, databases, or systems your agents will need to interact with and check that they can. Azure AI Foundry Agent Service supports over 1,400 Logic Apps, and has native integration with SharePoint, Fabric, and Azure Storage so this may not be an issue.

Evaluate data quality: AI agents need clean, structured, and relevant data to reason effectively: Garbage in, garbage out. In the short-term data quality may determine the type of workflow automations you can pursue. It may also dictate future initiatives around data quality.  

Model selection: Agents rely on an underlying large language model and there’s a wide choice available withinAzure AI Foundry Agent Service. Your choices should be based on task complexity, latency tolerance, and cost profile – you can vary model choice by project based to suit these requirements.  

3: Secure by design

Shift-left security: Integrate security from the word go. Consider the reputation of your provider, their security, how well it integrates with your security model, as well as data access, and tool permissions.

Set boundaries: Be clear which data agents can access, share, and retain. Build in constraints to prevent bias, misuse, or unintended consequences. There are many frameworks, like KPMG’s Trusted AI model, which can help.

4: The human touch

Design for collaboration: Your AI agents should be complementing and not replacing human judgment, so build interfaces that allow human guidance and intervention.

Training: As with any new technology, good training is important. Make sure that stakeholders and users understand how agents work, what they can and can’t do, and how to interact with them responsibly.

5: Governance

Set AI use policies: As well as setting boundaries, you should agree acceptable use cases – and since these will likely change over time, a review process – and escalation protocols. This should involve legal and operations as well as IT.

Accountability: Although Agentic AI can act, humans should remain accountable for outcomes, so decide who’s responsible for agent decisions.

Auditability and transparency: Ensure that agents’ actions and decisions are logged and that people know how to monitor, debug, and, if needed, intervene.

6: Skills development

Skills: Before you start playing with Agentic AI make sure that your dev team have the right skills. Although the Azure AI Foundry Agent Service makes experimentation relatively easy, they’ll need skills in Python, C#, TypeScript, Java, or REST.

Prompt engineering: To work well, it is critical that that agents have clear instructions and well-defined tools. Your dev team may benefit from specific training in this area.

Getting started: Azure AI Foundry Agent Service provides a range of Agent samples and quickstarts to accelerate development. As well as an Agent Playground that allows instructions, tools, and workflows to be tested.

Planning for success

Successful use of Agentic AI requires a considered approach. While some of these are straightforward checks and practical steps, others are more demanding ‘blank sheet of paper’ exercises that involve asking questions like ‘can this be fast-tracked?’ ‘What are others doing?’ ‘Why?’ ‘Are there ready-made good, or even best, practices I can follow?’ Only then will you be setting off on the right foot and heading towards Agentic AI success.

That wraps up our three-part blog series. Feel free to read back over blogs one and two, or if you’re ready to explore Agentic AI in more depth then you can request an introductory call with one of our subject matter experts to see how Cloud Direct help you successfully benefit from the use of it.