As data estates continue to grow in complexity, the burden on IT teams to deliver accurate, timely insights is heavier than ever. Many organisations whose data environments have grown organically over years are experiencing data sprawl, infrastructure inefficiencies and limited interoperability. The question now becomes how to evolve into something more unified, scalable, and future ready.

That’s exactly why we were eager to deliver an interactive Fabric Analyst in a Day workshop, in partnership with Microsoft. This workshop provided data analysts, BI specialists and technical decision makers with a guided, hands-on introduction to Microsoft Fabric, grounded in real practice rather than high-level theory.

Following our most recent workshop we caught up with our course leaders and technical consultants, Andy Jones and Kabita Thapa, to discover the key insights from day.

What is Microsoft Fabric?

For many attendees, Fabric was something they had heard of but never had the opportunity to properly explore. As Andy Jones explained during the session, Fabric brings together what used to be multiple, separate Azure and Power BI components into one cohesive platform.

Traditionally, delivering an analytics project meant stitching together different services and platforms, each with its own configuration, deployment steps, security model, and costs. Fabric replaces this complexity with a single, integrated environment where:

• Data Factory
• Data Engineering
• Data Science
• Data Warehouse
• Real‑Time Intelligence
• Power BI reporting
• And Databases

…all live in one place.

This integrated experience ensures your whole data team, from data analysts to senior data engineers have the capabilities they need. The result is a more cohesive and efficient way to unlock business value from data.

Hands‑on learning in Fabric: The advantages of practical application

A key consideration for the day was participants wanting real experience in Fabric, not just another slide deck. Many had been working in Power BI or other analytics tools for years but had never stepped into the broader Fabric environment.

That’s why the hands‑on labs were so powerful.

Attendees moved through each stage of the analytics lifecycle throughout the day, from ingestion to transformation to visualisation. At each stage practical tasks provided the opportunity for attendees to explore the platform independently using synthetic data to replicate how they might use the tool in the real-world. Kabita and Andy were able to guide attendees one-on-one to build confidence and answer any questions.

One participant, who had previously relied heavily on Excel for reporting and visualisation, remarked how refreshing it was to experiment with Fabric ahead of their organisation rolling it out. Providing them the essential insight into how it can be used to evolve their reporting into a scalable, governed model.

Key Fabric benefits highlighted

1. A single place for all your data: introducing OneLake

The OneDrive for your data, introducing OneLake – Fabric’s central data hub. OneLake brings all organisational data into one governed location rather than scattering it across services and storage accounts. This resonated strongly with attendees during the workshop, and reflects one of Fabric’s most compelling benefits: fewer moving part means more control.

2. Built‑In AI for Faster Insight

Attendees were excited to hear about Copilot in Fabric, where AI assistance is embedded directly in the platform. From transforming data to narrating visuals to suggesting insights, AI is infused throughout the Fabric platform.

3. Practical Skills That Apply Across Roles

Whether you’re a Power BI analyst, a data scientist, or an IT professional responsible for governance and security, Fabric offers benefits that map naturally to different job roles. It also empowers a data culture across the business, with seamless integration from data to visualisation.  

Common Microsoft Fabric Misconceptions

A recurring myth uncovered in the workshop is that adopting Microsoft Fabric means rebuilding everything or starting from scratch. Andy addressed this directly:

“In reality, attendees saw how Fabric can complement and extend existing Microsoft data investments while simplifying the overall architecture.”

Fabric works with, not against, your existing Microsoft investments. Teams can modernise at their own pace without wholesale migration.

Another misconception is treating Fabric as a set of separate features. As both Andy and Kabita emphasised, the real value comes from the interconnectedness of the platform, not individual components.

Why Attendees Found the Day Valuable

• They gained exposure to parts of the Microsoft data stack they’d never used before
• They could troubleshoot in real time with two expert instructors
• They left with clarity on how Fabric fits into their organisation’s analytics maturity
• They experienced the end‑to‑end journey of a modern analytics workflow

Feedback from attendees:

Allowing a VM (Virtual Machine) environment so we can effectively trail the tool in a protected environment was really good

The content was really detailed and useful to understand Microsoft Fabric and the trainers were really proactive and helpful.

Course leaders were very knowledgeable and helpful if attendees had any issues with the labs

What’s Next? Pathways following the Fabric Analyst in a Day Workshop

All attendees received a certificate for completing the workshop, but what’s next on their Fabric journey. Depending on their own roles there are many paths that they can take, including:

• Exploring Fabric’s free trial capabilities
• Diving deeper into the workloads most relevant to their role
• Working towards Microsoft Fabric certifications, such as Fabric Analytics Engineer Associate and Fabric Data Engineer Associate.

This workshop is the start of a clear route to certification that can make learning Fabric feel more concrete and something attendees could integrate into their professional development goals.

If you would like to attend a future Fabric Analyst in a Day workshop or want to discuss how Microsoft Fabric can better enable your organisation for innovation. Reach out to our experts using the form below.

Infrastructure delivery is progressively moving to a cloud-native model. However, uncertainties caused by VMware licensing changes are adding a new urgency to strategic decision making. We consider the challenges in moving to a cloud-native infrastructure and the role that Azure VMware Solution might play in the journey.  

For more than two decades, enterprise IT has been built around the data centre. For much of that time the default computing model has been server virtualisation, typically with VMware vSphere. This abstracted the physical hardware to improve utilisation and created a a stable, controllable environment. Infrastructure teams optimised for uptime, capacity planning, and cost efficiency.  

And it’s a model that has worked very well… but the focus is shifting. 

Competitive pressures now demand faster application delivery, greater elasticity, API-driven integration, and continuous iteration. The objective is no longer simply ‘efficiency’, it’s business agility. Which means cloud platforms, platform services, API-driven architecture, containers, and DevOps operating models.   

However, many organisations can’t simply switch to cloud native. 

Cloud Native challenges

While a cloud-native architecture promises resilience, scalability and speed, organisations need to first overcome several challenges.  

• Reliance on legacy applications 
  If key systems are monolithic, tightly coupled to specific OS versions, and/or dependent on infrastructure-level configurations, they can’t quickly or easily be refactored.  

• Skills gap 
  Typically, existing staff don’t have the skills or the working culture to support a cloud native approach. They’ll need time to become skilled with infrastructure as code, continuous integration, development and deployment (CI/CD) pipelines, and new security models, as well as to adapt to a product-centric delivery culture. 

• Risk 
  Core systems, such as ERP and finance, can’t tolerate disruption – especially in regulated environments. ‘Big bang’ changes are inherently riskier, and it may be a level of risk that isn’t acceptable to your senior leadership team. 

• Commercial realities 
  Speed of change may also be limited by hardware investment cycles or data centre contracts, multi-year licensing commitments, and data residency requirements.   

Hybrid by necessity: the transitional phase

Where a rapid move to Cloud Native isn’t practical, a more measured, incremental transition is possible.  

Organisations can adopt a hybrid model and separate infrastructure migration from application modernisation, moving workloads off ageing infrastructure and stabilising first before evolving. 

It is important to distinguish here between cloud location and your cloud operating model. Running workloads in a public cloud doesn’t automatically make them Cloud Native, but it can create the conditions for modernisation. 

Which is where Azure VMware Solution (AVS) can help. 

What is Azure VMware Solution? 

You can think of AVS as a half-way house on your journey from a data centre centric to cloud-native infrastructure.  

AVS gives you a fully managed VMware environment running natively within Microsoft Azure. It provides a dedicated, private cloud infrastructure built on the familiar VMware stack — vSphere, vSAN and NSX — delivered as a Microsoft service. Operationally, it looks and behaves like the VMware environment many organisations already run.  

Crucially, workloads can be migrated with minimal or no re-architecture. Existing tools, processes and skillsets remain relevant.  

In simple terms: AVS allows organisations to relocate their VMware estate into Azure without rewriting applications. 

AVS as a strategic bridge 

Azure VMware Solution is not an end state, but it provides an easy to manage route to Cloud Native.  

1. Reducing infrastructure risk 
AVS enables workloads to be quickly moved into Azure, reducing your reliance on physical infrastructure without introducing immediate application risk. It separates the infrastructure decision from the application decision. This is especially important for organisations facing data centre exits, hardware refresh cycles, or cost pressures.   

2. Buying time for modernisation 
By lifting and shifting VMware workloads into Azure, you can then assess applications individually. Some may be retired, others may be re-platformed, and a smaller subset may justify full re-architecture. The key is sequencing. Infrastructure migration first, application transformation second. 

3. Supporting skills transition 
AVS also buys you the time and space to make a controlled transition, allowing your infrastructure team to continue to operate in a familiar way, while gradually integrating Azure-native services and developing new, cloud-native skillsets.  

4. Enabling gradual integration with Azure services 
Once workloads reside within Azure, they can begin consuming native services such as backup, disaster recovery (DR), security tooling, networking, analytics, and eventually platform services. 

AVS becomes more than a hosting platform: it becomes a staging post for transformation. 

When AVS makes sense and when it doesn’t 

AVS is particularly compelling where: 

• There’s an infrastructure deadline: data centre contract renewal or hardware refresh 

• There’s a sizeable VMware dependency 

• VMware licensing changes have impacted budgets and altered economics 

• Application refactoring would take years 

• Risk tolerance is low 

• There are regulatory or resilience drivers. 

It is less compelling where: 

• Applications are already containerised 

• Cloud-native delivery capabilities are mature 

• Greenfield platforms are being built from scratch. 

Discover what’s right for you 

While an immediate cloud-native transformation is an attractive notion, practical challenges may dictate otherwise. Many organisations will pragmatically follow a path from virtualised data centre to hybrid infrastructure, cloud-hosted VMware, incremental re-platforming, and targeted cloud-native adoption.  

AVS can play a deliberate role in that journey, as an enabling platform that reduces risk, protects operational continuity, and creates breathing space for transformation. 

But, like any architectural decision, individual circumstances matter. 

What’s next

Further your knowledge by registering to attend ‘Navigating the path from AVS to Cloud Native’ on Monday 23 March at The Shard, London. At this punchy, half-day briefing you’ll hear:  

• Microsoft’s Ron Goedhart explaining The Foundation for Content Modernisation 

• Aspen Insurance’s Head of Cloud, Julianne Franz outline learnings from their cloud-native journey 

• Microsoft’s Nelson Pereira describing the value you can drive with Data Factory    

• Cloud Direct’s Jonathan Moore outline the help that can accelerate your journey    

Unable to attend? Request an introductory call with a subject matter expert using the form below, and see how Cloud Direct can help you successfully prepare for cloud-native infrastructure.   

There is often a healthy dose of scepticism when we talk about changing how you consume cloud services. During our recent webinar, it became clear that while many IT leaders may be considering how they can gain a better CSP service, a few common myths are still acting as “cloud anchors,” holding businesses back from making a move. 

Let’s pull back the curtain on these concerns and look at the reality of evolving your Azure relationship. 

Myth vs. Reality: Your CSP Questions Answered 

Myth 1: “Moving will cause significant downtime.” 

In most cases, switching is a backend billing transition. Your virtual machines, databases, and applications keep running exactly as they are. There is no migration of data, just a change in who manages the invoice. 

Myth 2: “I’ll lose control of my data.” 

You remain the owner of your data and your Azure environment. The right partner simply provides a layer of expert management and governance on top. You still hold the keys, a partner will just help you drive more efficiently. 

Myth 3: “It’s expensive to switch providers.” 

There is typically no cost from Microsoft or a new partner to transition your billing. In fact, with our CSP+ the move is designed to unlock immediate cost savings that weren’t being captured before, and in time help you gain additional savings from cloud optimisation.

Myth 4: “I’m locked into a restrictive contract.” 

Modern CSP agreements are built for agility. Unlike traditional rigid enterprise commitments, CSP+ offers more flexibility to scale your resources up or down as your business requirements change. 

Breaking Down the Barriers 

1. Will our relationship with Microsoft change? 

Not in the way you might fear. You aren’t leaving Microsoft; you are simply choosing a more personalised way to consume their technology. You still benefit from the Microsoft infrastructure that you are familiar with, but you gain a dedicated partner who knows your specific environment inside out. Think of it as having a direct line to Microsoft, with a translator and an advocate standing next to you. 

2. How easy is it to actually switch? 

Once we establish a reseller relationship in your Partner Center, the process is largely administrative. We handle the heavy lifting of the transition, ensuring that your existing configurations and resource groups remain intact. 

3. What about my current provider? 

We often see concerns about breaking existing agreements. Most modern cloud arrangements are designed to be portable. We can review your current setup to ensure a clean handover, often identifying ways to exit legacy lock-in scenarios that are no longer serving your best interests. 

4. Who really owns the environment? 

You do and you should feel in more control not less with the right partner. You retain your Entra ID (formerly Azure AD) tenant and all associated permissions. The role of a great CSP partner is to provide additional support to help you run the environment smoothly. Providing the proactive monitoring, and the technical guidance that helps you stay ahead of the curve. Total transparency is a cornerstone of the CSP+ model. 

Ready to unlock more from Azure? 

By dispelling these myths, we can focus on what really matters: giving you full control and visibility of your operations with expert guidance to deliver for your organisation. 

Watch our webinar to discover how CSP+ can benefit your business. 

Written by Dan Knott, Data and AI Practice Lead 

Technology alone won’t transform your organisation. If it did, every business with a reporting tool, a data warehouse or an AI pilot would already be an industry leader. 

You can’t buy a data culture. And that’s exactly where most organisations go wrong. 

They expect that a platform, like Microsoft Fabric (powerful as it is), will magically create alignment, consistency, and better decision making. But real cultural change doesn’t come in a box. It comes from people: how they work, how they think, and how they use data to drive the business forward. 

In this follow-up to our Blueprint of a Great Data Culture, I’ll delve into the practical steps IT leaders can take to embed data into the fabric of their organisation and highlight the common pitfalls that stall so many initiatives. 

The 3 Key Mistakes That Hold Businesses Back 

Many organisations that think they’re becoming data driven, but in reality, never quite get there. There are a few common pitfalls that I’ve seen time and time again.  

1. Treating data culture as a technical project: Data culture isn’t a reporting rollout, a BI project, or an AI pilot. Those are outputs. Culture should be embedded in the way of working.  
2. Missing business involvement from the start: Building a data culture will not be possible unless everyone in the business is bought in. Without cross department input, teams are not invested and it can feel like another unnecessary process. 
3. ‘This is how we’ve always done it’ mentality: Gutfeel decisions. Spreadsheets saved on desktops. Siloed versions of the truth. Culture change means letting go of old habits, and that can’t happen without intentional support. 

Practical Steps to implement a strong data culture  

Creating a data culture begins long before platforms and dashboards. IT leaders must shape and secure a business-wide mandate for change. Here’s how: 

Step 1: Start with Leadership and Vision 

Senior leaders must be the ones driving and backing the cultural shift. Leadership support empowers IT teams by enabling them to work seamlessly without resistance. They also encourage the company-wide adoption that is critical for success. 

Key actions to take: 

Build a shared vision with the C-suite 

• Run a workshop with key business leaders to help align data initiatives with business goals. Consider cost reduction, customer growth, compliance and operational efficiency. 

Translate the vision into a business-backed roadmap 

• Build a structured roadmap that demonstrates key milestones, from quick wins to long-term business outcomes. Each milestone should be measured and tracked to a KPI to ensure successful review.  

Secure executive sponsorship 

• Dedicated exec sponsor(s) should champion the change publicly in various forums to reinforce expectations as well as model the intended behaviours you want employees to adopt. They should also ensure that there are adequate resources allocated to the initiative.  

Step 2: Establish a Single Source of Truth 

Every organisation struggles with spreadsheet chaos. It’s easy for different teams to manipulate the same numbers in different ways, potentially coming to wrong conclusions. Most critically, having a trustworthy data platform lays the groundwork for AI readiness. If the data isn’t accurate and trustworthy, neither will the AI be. It’s that simple. 

Key actions to take:  

Identify and prioritise core data domains 

• Start with areas where inconsistent data causes the most friction. This could include customer master data, finance/forecasting, marketing attribution and service delivery metrics. Then run a data audit to understand where the data lives, who owns it, how many versions exist, and how it’s currently used (and misused). 

Design a governed, accessible architecture 

• This typically includes implementing a unified data platform such as Microsoft Fabric, defining ownership and ingestion processes, as well as controlling access where necessary. There should also be a built-in data quality and validation processes. But governance doesn’t have to be heavy-handed. You need to start with core principles, not long policy documents. 

Clean the data before surfacing it 

Before exposing dashboards, you should… 

• Fix critical data quality issues 

• Validate key metrics with business users 

• Document known limitations 

• Test data accuracy with “friendly sceptics” in the business 

Step 3: Build Data Literacy Across the Business 

A sophisticated data platform is meaningless if people don’t know how to use it, or don’t share the same language. Data literacy isn’t about teaching everyone Python or SQL. It’s about ensuring people can understand the metrics, interpret the data, and apply insights in their role. 

Key actions to take:  

Create a business glossary 

Start with essential, high-impact terms such as:  

• What does “Gross Margin” mean here? 

• When does an Opportunity become Qualified? 

Co-create definitions with each business function. Host them in a central, easy-to-access place. 

Run role specific training 

Avoid generic “Power BI training for everyone,” And instead design learning journeys by role: 

• Exec team: reading dashboards, challenging assumptions 

• Sales: understanding pipeline metrics 

• Marketing: attribution logic, campaign performance 

• Finance: forecasting and scenario modelling 

• IT: governance, access, troubleshooting, lineage 

You should also make data literacy part of your company’s induction process. This makes data driven behaviour a default, not a bonus. 

Encourage “data ambassadors” 

Identify individuals who naturally ask good questions and understand the tools. These are people who can influence their peers and support with questions. 

Step 4: Embed Data into Everyday Behaviour 

A culture only forms when new behaviours become habit. It needs to be embedded in employees’ regular ways of working to be effective.  

Key actions to take:

Integrate data into existing rituals 

Rather than creating new processes: 

• Use dashboards for monthly performance reviews 

• Review KPIs at weekly team meetings 

• Incorporate data into quarterly planning 

• Make reports the default starting point for decision making 

Standardise on agreed tools and dashboards 

• Nothing kills culture like fragmentation. Ensure your entire organisation is aligned by making it clear which dashboards are “the single source of truth” and decommission redundant spreadsheets and shadow systems. 

Use Power BI and Fabric to democratise access 

• Give teams self-serve analytics where appropriate, but with standardised definitions, pre-built data models, and simple, clear visualisations. Self-serve only works when the foundation is governed. 

Step 5: Start Small, Celebrate Wins, and Iterate 

Cultures shift gradually. Start small, and celebrate where it is going well. 

Choose small, visible use cases first 

Good examples: 

• Reducing forecast discrepancies between Sales and Finance 

• Improving campaign reporting accuracy in Marketing 

• Reducing manual spreadsheet reconciliation in Operations 

Quick wins build belief. 

Create a feedback loop 

You need that feedback loop… a great data culture never stands still. 

Implement: 

• Monthly data council meetings 

• Dashboards tracking data quality 

• Suggestion channels 

• Regular retrospectives after report launches 

Publicly celebrate success stories 

People adopt what they see being rewarded. You should showcase wins including: Who used data to solve a problem, Where a decision changed because of insight and what the key outcome was.

Iterate continuously 

Your data culture is a living system, not a project: 

• Update definitions as the business evolves 

• Add new use cases 

• Improve data models 

• Retire reports that no longer serve a purpose 

• Continually refine governance 

Culture compounds through iteration. 

Ready to strengthen your data culture? 

If you’re looking to build a data culture that drives decisions, unlocks AI readiness, and aligns your entire organisation, we can help you. Cloud Direct works with leaders who want to break through old ways of working. To build something stronger, smarter, and more sustainable.  Reach out to us using the form below.

If you’re searching for more information to help plan your AI journey, our data and AI playbook can help to guide you.

Every year, Microsoft retires a new wave of products as it accelerates its cloud-first and AI-powered roadmap. For IT leaders, these changes can directly impact security, budget planning, operational continuity, and the ability to adopt the latest Microsoft innovations. 

2026, in particular, is a year of major inflection points. Several widely deployed Microsoft platforms move into final support phases or are superseded by modern cloud equivalents. At the same time, Microsoft is combining parts of its security ecosystem. Most notably unifying Sentinel (SIEM) and Defender XDR–led operations under a single operational model. 

This guide highlights the key product changes coming in 2026, so that you can prepare for how these may affect your organisation.  

Why Microsoft End of Life in 2026 Matters for IT Leaders

End of Support isn’t just a date in a spreadsheet. It has real-world implications:

1. An increase in security risk 

Unsupported systems become immediate targets for attackers. No patches, no fixes mean just vulnerabilities waiting to be exploited. In today’s landscape, this is no longer acceptable risk; it is a board level issue. 

2. Blockers to modernisation and AI adoption 

Legacy operating systems and server platforms cannot support Microsoft’s modern technologies such as AI services like Copilot. Staying on outdated systems means you cannot use the capabilities Microsoft is investing in the most. Therefore, limiting the innovation of your organisation. 

3. Rising operational cost and technical debt 

Legacy infrastructure becomes increasingly expensive to maintain, whether due to bolt on security solutions, extended support costs, or complex workarounds needed to keep ageing apps running. 

2026’s Most Impactful End of Support Milestones 

Mark your calendars. These are the product changes you need to know. 

Windows 10 

Deadline: 2026 marks the end of Year 1 ESU 

While the primary Windows 10 end of support (EOS) date landed in 2025, many organisations will rely on Extended Security Updates (ESUs) through 2026. Crucially, 2026 is Year 1 of ESU, which is the lowest cost year before fees escalate significantly. 

Remaining on Windows 10 means organisations shoulder increasing risk and cost. It also limits access to new capabilities delivered only on Windows 11, including Copilot and Intune management features. 

For IT leaders, 2026 is the final window to: 

• Complete fleet migration to Windows 11 

• Retire non-compliant hardware 

• Evaluate Windows 365 for legacy application continuity 

• Refresh endpoint standards and Zero Trust policy enforcement 

Windows Server 2016 

Deadline: EOS 12 January 2027. 2026 is the final full year to migrate 

Windows Server 2016 moves into its last full year of support in 2026, ahead of its hard EOS on January 12, 2027. Despite its age, it remains heavily deployed across midmarket and enterprise environments, often underpinning identity, file services, and key business applications. 

Outdated servers introduce material risk into the environment. Particularly when used for Domain Controllers or critical application workloads. As a result, 2026 becomes the decisive year for planning and executing migrations. 

Recommended priorities include: 

• Assessing which workloads can be rehosted or modernised in Azure 

• Upgrading or redesigning domain controller architecture 

• Planning dependency remediation for older line of business apps  

SQL Server 2016 

Deadline: EOL on July 14, 2026 

SQL Server 2016 remains common across operational reporting systems, ERP backends, and custom applications. Its hard deadline of 14 July 2026 means organisations must accelerate planning now, particularly where refactoring or cloud migration is required. 

Migrating from SQL 2016 opens the door to: 

• Azure SQL Managed Instance 

• Azure SQL Database PaaS 

• SQL Server 2022 (for on-prem regulatory or isolation requirements) 

• A more modern data platform aligned to Azure, Fabric, and AI initiatives 

SharePoint Server 2016 

Deadline: EOL on July 14, 2026 

On premises SharePoint is still widely used in organisations with complex intranet structures, document retention requirements, or customised workflows. These organisations face rising operational risk if they are not quick to react. 

Migrating to Microsoft 365 brings significant benefits. Including more secure collaboration, modern intranet capabilities via Viva Connections, Power Platform based workflow automation, and reduced infrastructure overhead. 

Office LTSC 2021 

Deadline: EOL on October 13, 2026 

This is important for organisations that deliberately avoided cloud subscriptions. Office LTSC 2021 was often purchased as the “safe”, perpetual alternative to Microsoft 365. But its end of support on 13 October 2026 forces a strategic decision: 

• Move to Microsoft 365 Apps for Enterprise 

• Or accept major compatibility, security, and integration limitations 

More importantly, Office LTSC will not benefit from the rapid innovation cycle. Meaning your organisation will miss out on the latest AI and collaboration offerings that are central to Microsoft’s ecosystem. 

Security Modernisation: Sentinel to Defender Portal Consolidation 

This isn’t a product retirement, but it is a major operational shift. 

New sunset date: 31 March 2027 

Microsoft has extended the retirement date of the classic Log Analytics based Sentinel portal in favour of the unified Defender security portal, from 1 July 2026 to 31 March 2027. This allows customers to additional time to seamlessly migrate.  

This change means: 

• Investigation, hunting, and response become Defender centric 

• Sentinel continues as a SIEM, but its UI moves into Defender 

• SOC teams must retrain on new workflows 

• Tooling consolidation may reduce duplicated platforms 

This aligns with Microsoft’s broader strategy: unified SIEM and XDR experiences under Defender, reducing complexity and improving correlation across identity, endpoint, network, and cloud workloads. 

Conclusion: 2026 Is the Year to Reduce Risk and Remove Roadblocks 

The Microsoft products hitting end of support, or undergoing major strategic repositioning in 2026 represent some of the most widely deployed technologies in corporate IT. 

Addressing them means reducing security risk, unlocking AI capabilities, and freeing your organisation from legacy technical debt. 

Acting on these changes in 2026 will set the foundation for a more innovative future for your organisation.  

Not sure where to begin? Reach out to one of our experts using the form below. Tell us the technology you are concerned about and we will be in touch to discuss a solution right for you.

Are you getting the full value from the Microsoft 365 licenses you’re already paying for?

Licensing for Microsoft 365 (M365) is no longer just a question of cost control. It’s a strategic lever for business productivity. As the suite of Microsoft offerings evolves, so too must the approach organisations take to managing their licensing. We don’t need to tell you that getting this right impacts the capabilities your teams have at their fingertips. Not to mention the ability to scale and secure your business with confidence.

Beyond the Price Tag: Why Licensing Matters

Many organisations focus solely on licensing as a cost to be minimised. While cost efficiency is important, the true value of smart licensing management goes far deeper. It’s about reducing complexity, avoiding shadow IT and most importantly ensuring every user has the tools they need to do their best work.

Misaligned or fragmented licensing can lead to significant challenges, specifically:

• Under-licensing: Where users lack access to key features, resulting in productivity gaps, workarounds, and compliance risks.
• Over-licensing: Where organisations pay for features and services their users never touch.
• License sprawl: Having multiple SKUs scattered across the environment, leading to administrative headaches and missed opportunities for bundling.

Mapping Needs to Capabilities: The Power of the Right License

Not all users are created equal. An executive, a developer, and a frontline worker each have distinct needs and workflows. Microsoft has responded by offering a portfolio of flexible, feature-rich licenses such as Microsoft 365 E3, E5, and Business Premium (BP). By aligning licenses to actual user requirements, you can strike the ideal balance between cost and capability.

• M365 E3 delivers a comprehensive suite for knowledge workers, with core Office apps, cloud storage, advanced security, and device management.
• M365 E5 layers on advanced security, compliance, analytics, and voice capabilities. These are particularly critical for heavily regulated industries or those facing sophisticated cyber threats.
• Business Premium is tailored for small and medium-sized organisations, offering robust productivity, security, and device management features for up to 300 users.

Simplifying with Bundles: Consolidating SKUs for Maximum Value

One of the most overlooked opportunities in licensing management is SKU consolidation. Instead of managing a patchwork of add-ons and standalone products, you can often bundle multiple solutions into a single, cohesive license. For example, E3 and E5 licenses include a broad range of capabilities under a unified subscription.

This consolidation brings several advantages:

• Simplified administration: Fewer SKUs mean less time tracking entitlements, reconciling renewals, or troubleshooting issues related to access rights.
• Streamlined support: With core services under a common umbrella, support and escalation paths become simpler and more effective.
• Better user experience: Users benefit from a seamless, integrated ecosystem, reducing friction and enabling collaboration.
• Cost efficiency: Bundles often deliver more features for less compared to purchasing standalone products piecemeal.

Therefore, it’s essential to regularly audit your licensing estate and identify opportunities to migrate fragmented products to consolidated E3, E5, or Business Premium licenses.

Unlocking Advanced Capabilities: E5 Security and Compliance for Business Premium

Historically, smaller organisations using Microsoft 365 Business Premium were limited in their access to advanced security and compliance tools. However, Microsoft has changed the game: E5 Security and E5 Compliance add-ons are now available for Business Premium users.

What does this mean in practice?

• Advanced Threat Protection: Gain cutting-edge security features, like Microsoft Defender for Endpoint, identity protection, and automated investigation and response. Elevating your defence posture without migrating to enterprise SKUs.
• Comprehensive Compliance: Access to features like Insider Risk Management, Advanced eDiscovery, and Information Protection, to meet stringent regulatory requirements and proactively manage data risks.
• Flexible Scaling: As your business grows, you can seamlessly layer these add-ons atop Business Premium, ensuring your security and compliance capabilities scale in step with your ambitions.

This expansion of E5 features to BP closes the once-yawning gap between SME and enterprise security and compliance.

Best Practices for Effective M365 Licensing Management

To truly maximise the benefits of licensing, consider these steps:

• Assess User Needs Frequently: Conduct regular reviews to match licenses to evolving user roles and business strategies.
• Audit and Optimise: Identify inactive licenses, unused features, and areas for consolidation. Never pay for more than you need.
• Leverage Self-Service Tools: Use the Microsoft 365 Admin Centre and third-party analytics to gain insights and automate reporting.
• Stay Informed: Microsoft’s licensing portfolio changes rapidly. Keep up to date to ensure you’re not missing new capabilities.
• Engage with Partners: Certified MSPs and licensing specialists can help you navigate complexity, unlock hidden value, and ensure compliance.

Conclusion: Modern Licensing as a Strategic Enabler

Effective Microsoft 365 licensing is the key to unlocking productivity and innovation across your organisation. By consolidating SKUs, mapping licenses to real-world user needs, and leveraging new add-ons, businesses of all sizes can build a foundation that’s future-proof. With the right approach, M365 licensing becomes a strategic asset, driving growth, resilience, and seamless digital transformation.

Reach out to the team by filling in the form below to discuss your licensing requirements.

Introduction

Cloud adoption promises agility to build innovation in your IT Infrastructure. And while this is possible, for many organisations, the reality doesn’t match the vision. Costs spiral, security concerns grow, and IT teams become overwhelmed. Why does this happen?

The answer is simple: you need a clear Cloud Operating Model (COM) to navigate successfully to your desired destination.

Life without a COM

• Costs rise as self-service provisioning gets out of control.
• Security becomes harder to maintain as the attack surface expands.
• IT teams drown in user queries instead of driving innovation.

If this sounds familiar, it’s time to rethink your approach.

What is a Cloud Operating Model?

Microsoft defines a Cloud Operating Model as:
“The collection of processes and procedures that define how you want to operate technology in the cloud.”

In other words, it’s your blueprint for managing the operational shift from on-premises IT to cloud-based systems. It covers everything from governance and security to technology management and cultural change. As one of the longest-standing Azure Expert Managed Service Providers, we’ve based our approach to Cloud Operating Models on Microsoft’s proven best practices and tools.

The Five Pillars of a Cloud Operating Model

A strong COM isn’t one-size-fits-all, but successful models share common attributes. Here are the five pillars to consider:

1. 24×7 Operations
   Successful transformations depend on people, not technology. When you’re in the cloud, the skills your IT teams need will change dramatically. Operations shifting to 24/7 availability amplify this further as employees need to be equipped to deal with any manor of issues at any time.
2. Technology and Management
   Cloud adoption introduces scalability and flexibility, but also complexity. You’ll need new processes and tools for monitoring usage, managing virtual machines, and extracting insights from analytics. This will ensure your environment remains optimised and delivering maximum ROI for your business.
3. Strategy and Governance
   Governance, security, and compliance are non-negotiable when implementing your cloud strategy. When you shift to the cloud your network parameter expands far beyond traditional firewalls, therefore, the treat landscape increases. Adopting frameworks like Zero Trust, and leveraging tools such as Microsoft Defender can help keep your data safe and controlled.
4. Transition and Change Adoption
   Moving to the cloud successfully should be a cultural shift. Slow and mundane processes will become a thing of the past. Adoption means faster development cycles, new financial models (OpEx vs CapEx), and incorporating cloud native practices to quickly meet customer needs. However, it’s vital to manage this new pace of change effectively to be successful.
5. Account and Relationship Management
   Ongoing optimisation and stakeholder engagement ensure your cloud services deliver value. Regular reviews and proactive relationship management help maintain alignment with evolving business priorities.

Next Steps

Ready to dive deeper?

Read the full guide to discover how to build a Cloud Operating Model tailored to your business.

In ‘The Data & AI Readiness Playbook’ we explain how you can unlock the value of your business data. Quality data is crucial to the effectiveness of AI. Here we look in more detail at the importance of data culture and the practical steps you can take to build a great data culture.    

Data is perhaps the single greatest asset of the modern business and the bedrock of successful AI initiatives. But the quality of that data is critical to success.  

The ROI of investing in data quality

Already convinced of the importance of quality data? Then skip ahead to ‘Developing a great data culture’, otherwise read on.  

When we refer to quality data, we mean that it is accurate, complete, consistent, timely, valid, unique, and reliable. Armed with that, both human and artificial intelligence can arrive at the decisions that deliver real value.

Matthew Ebo is Assistant Strategic Insights Manager at Lloyds Banking Group and a contributor to ‘The Data & AI Readiness Playbook’. Matthew explains, “The cost of AI is an investment, but one that pays off in saved time, better decision-making, and automation of repetitive tasks”.  

Developing a great data culture is an investment. An investment in the raw materials for transforming how an organisation operates, competes, and grows. For the business, this can drive value in many ways: 

• Better, evidence-based decisions enabling more effective strategies, faster responses to market changes, and improved stakeholder buy-in for new initiatives. 

• Increased innovation and agility as the organisation becomes better at identifying new opportunities, anticipating trends, and proactively adapting to changes.  

• Improved operational efficiencies as data insights help identify inefficiencies and optimise processes and resource allocation.  

• Greater competitive advantage gained from better anticipation of customer needs, reaction to industry shifts, and speedier innovation.  

• Enhanced customer experience through superior analysis of customer data, to tailor products, services, and communications to better meet customer needs.  

• Boosted employee engagement as staff become more engaged, and invested in the success of the business, by using data in their roles. 

• Trustworthiness – data driven cultures tend to be open about business decisions improving trust amongst employees.

A great data culture enables smarter decisions, drives innovation, enhances customer and employee experiences, and provides a competitive edge. 

So how do you get one?  

Developing a great data culture

We know that AI initiatives are only as good as the data they access, so data quality is key – and great data follows a great data culture. 

Data quality isn’t solely the responsibility of IT: it’s everyone’s responsibility. But it is IT’s responsibility to encourage a culture in which everyone cares about data quality“, explains Dan Knott, Data & AI Practice Lead, Cloud Direct.

A great data culture is one where data is valued by an organisation and its people, becoming a key part of daily operations. Here are eight key aspects of a great data culture.  

1. Leadership commitment and example
As with most aspects of culture, data culture needs to be led from the very top. Senior management need to be actively involved in communicating the importance of data to organisational success. This needs to be supported with investment in the resources, training, and technology to support data initiatives.

2. Data-driven decision making
It needs to become the norm that decisions, at all levels, are based on data and analysis and not just intuition or hierarchy. Leadership and example are an important part of this. It also means establishing processes that make data analysis a standard part of planning, operational, and problem-solving activities.

3. Data access and democratisation
For IT this means ensuring that employees have easy, secure access to data and analytics tools. Employees should be able to freely share data internally, within appropriate privacy and security parameters, to enable collaboration.

4. Data literacy and training
Key to all this is an ongoing investment in employee’s data awareness and skills, ideally with training tailored to different roles and data personas. This should equip staff with the skills to interpret analytics, know when to use data, and to ask the right questions about data quality.

We’re looking at AI in the same way as other tools which become part of the workforce’s toolbelt, so we have to provide the same level of training for it. It’s not only imperative that the right skills are gained, but that they are regained as time goes on“, explains Mike Downing, Chief Technology Officer at insurance nonprofit WPA

5. Continuous learning and improvement
Alongside formal training initiatives, organisation’s need to develop a mindset of ongoing learning, experimentation, and adaptation – constantly utilising data to refine strategies and processes.

6. Trust in data quality
Underpinning this, there needs to be organisation-wide confidence in data accuracy and consistency. People know where data comes from and how reliable it is. This requires robust data governance, clear data lineage, and transparent processes for data validation and error correction.

7. Collaboration and communication
Success will be evidenced through open communication and collaboration around data, with teams working together to solve problems and share insights. This should be openly encouraged. It is important that this is also supported by establishing a common ‘data language’, so everyone communicates effectively.

8. Accountability and measurement
The final aspect of great data culture is one of transparency and it is an extension of point two. Clear goals and metrics are set for data initiatives, with progress tracked and results linked to business outcomes. With performance KPIs relating to data usage built into everyone’s evaluations.

Together, these elements can help you to build a great data culture that will deliver demonstrable value to your organisation and support effective use of AI.  

Next Steps

Download a copy of The Data & AI Readiness Playbook to learn more. You’ll discover how others are preparing for and using AI, and a seven-step process to unlock the value of your business data.  

It’s 2026, and efficiency is the name of the game. For a number of years now, IT teams have been under constant pressure to do more with less, all while enabling innovation and protecting their security posture.

 Getting to this point has seen the proliferation of “best in breed” solutions, which has led many businesses to manage sprawling estates of disparate platforms, vendors, and integration points. But now, a growing movement towards vendor consolidation is shifting the paradigm. More organisations are choosing to streamline their supplier lists and partner with a single Managed Service Provider (MSP) for their Microsoft estate.

What makes vendor consolidation so compelling? There are a number of commercial, operational, and strategic benefits to rationalising your technology stack and supplier ecosystem.

The Commercial Case: Cost savings and predictable spend

Managing multiple vendors can quickly lead to spiralling costs, both directly and indirectly. Each additional supplier brings its own set of contracts, licensing models, support fees, and renewal cycles. Over time, this complexity drives up administrative expenses, increases the risk of duplicated licensing, and makes it difficult to negotiate favourable commercial terms.

By consolidating your vendor list – particularly around a single MSP for your Microsoft environment – you gain significant negotiating leverage. A unified contract covering M365, Azure, and associated services enables bulk purchasing, volume discounts, and streamlined renewals. Instead of juggling myriad line items and invoices, your finance team deals with a single, predictable bill. This clarity reduces the risk of budget overruns and enables more accurate forecasting.

Additionally, a trusted MSP can help you right-size your licensing and cloud consumption, identifying opportunities to eliminate shelfware and optimise usage. With fewer vendors and clear visibility of entitlements, organisations spend less time reconciling and more time innovating.

The Operational Case: Reducing administrative overheads

Vendor management is resource-intensive. Every supplier relationship demands due diligence, onboarding, security reviews, compliance assessments, ongoing performance monitoring, and periodic contract renegotiations… the list goes on. Multiply this by dozens of vendors, and your IT and procurement teams can become overwhelmed by administrative tasks that add little strategic value.

Consolidation is the answer. Engaging a single MSP to manage your Microsoft estate means one point of contact for all your support, renewals, and service escalations. There’s no longer a need to track which vendor is responsible for which component, or to referee disputes between overlapping providers. Support requests are simplified – whether it’s a technical issue, a billing question, or a feature enablement, you know exactly whom to contact.

What’s more, a single MSP can offer holistic reporting, monitoring, and service management. With a unified dashboard and agreed service levels, you gain a clear view of your environment’s health and performance, enabling proactive management rather than reactive firefighting while jumping from one conversation to another.

Simplified Support and Accelerated Resolution

When incidents occur, speed is of the essence. In a fragmented environment, support requests can pinball between vendors, with each pointing fingers or requiring separate troubleshooting before a root cause is found. This slows down resolution, increases downtime, and frustrates users.

With a consolidated approach (especially when working with an MSP that oversees your entire Microsoft estate) the accountability is clear. Your MSP understands the full stack, from identity and access management to endpoint security and collaboration tools. Their cross-domain expertise means they can triage, escalate, and resolve issues without the friction of inter-vendor boundaries.

The result? Reduced Mean Time To Resolution and higher end-user satisfaction.

The Strategic Case: Enterprise-grade integration with Microsoft

Microsoft’s cloud suite, which encompasses M365, Azure, Defender, and Power Platform, offers enterprise-quality solutions spanning productivity, security, compliance, analytics, and automation. By standardising on Microsoft, organisations benefit from deep integration, a unified identity model, and common policy controls.

A tightly integrated platform reduces the need for custom connectors, fragile APIs, and manual workflows. Security and compliance are easier to enforce, as audit trails, access controls, and data loss prevention policies can be set once and applied universally. Feature releases and updates are synchronised, ensuring compatibility and reducing technical debt.

In contrast, managing a patchwork of “best in breed” tools may deliver niche capabilities at the cost of complexity. Each application may have its own authentication standards, update cycles, and support models, which increases the risk of security gaps, configuration drift, and costly integration efforts. Moreover, keeping skills current across multiple platforms pulls IT resources in many directions.

Innovation at Scale

Vendor consolidation unlocks agility. With a unified Microsoft stack managed by an expert MSP, your organisation can deploy new features, scale services, and adapt to regulatory changes in a speedier fashion. A consistent platform accelerates cloud adoption, enables seamless collaboration, and empowers business units without the friction of platform sprawl.

Your MSP can focus on continuous improvement, suggesting best practice architectures, automation opportunities, and proactive security measures. Freed from vendor wrangling, your team can devote energy to transformation and user adoption.

Less is more

Consolidating your vendor list and standardising on a trusted MSP for your Microsoft estate isn’t just about administrative convenience. It enables cost control, risk reduction, and innovation, and by choosing a comprehensive, enterprise-grade platform and a single expert partner, you position yourself for greater success in the age of AI. Less really is more.

Introduction 

End users are now the last line of defence for protecting your IT infrastructure.  

Are you confident they have the tools and knowledge to successfully keep attackers out?

Identity attacks have continued to rise using tactics such as password spray to gain unauthorised access. With over 99% of unauthorised access attempts being blocked by Multi-Factor Authentication. It is crucial employees are equipped with the right tools to protect your organisation.

Increasing hybrid and remote employees makes the need for robust, intuitive security solutions more critical than ever. Microsoft Defender, supports organisations by offering layered protection, integrated intelligence, and a user-focused approach to security. Defender empowers organisations to protect against major attack vectors and enables employees to work flexibly and securely. 

End-User Protection Against Attacks Vectors

From phishing emails to fileless malware, users encounter a wide spectrum of attack vectors daily. Microsoft Defender shields users from malicious links and attachments by scanning emails, documents, and tools in real-time. Taking away much of the burden, and equipping employees with knowledge of potential threats. Defender’s robust endpoint protection leverages AI-powered threat detection to block suspicious activities before they can cause harm. This can reduce the risk of breaches from drive-by downloads, rogue applications, or credential theft. 

End-users gain peace of mind as automated protections work seamlessly in the background, so they can focus on their work without worrying about clicking a link and accidentally setting off a cyber breach. Defender’s user-friendly guidance and actionable steps also help demystify security, encouraging a culture of shared responsibility.   

Beyond Defender: The Power of Integrated Security Ecosystem 

While Microsoft Defender is a powerful foundation, its effectiveness multiplies when integrated with complementary tools within the Microsoft security ecosystem. Conditional Access, for example, extends user protection by enforcing policies that evaluate both the context and risk level of access requests. If a user attempts to log in from an unfamiliar device or location, Conditional Access can prompt for additional authentication or block access altogether. This mitigates the risk of compromised credentials. 

Furthermore, Microsoft’s Extended Detection and Response (XDR) capabilities, consolidates security telemetry from across your environment. These tools ensure your security teams gain a centralised view of the entire digital estate. For end users, this consolidation means faster detection and remediation of threats. Further good news, even if a phishing attempt slips through email defences, XDR can correlate signals to quarantine the threat and guide users through recovery steps. 

Cost Benefits within M365 Licensing 

For many organisations, cost is a significant consideration in security strategy. Microsoft Defender’s inclusion within Microsoft 365 licensing delivers exceptional value:  

• Advanced protection features are available without the need for costly third-party solutions or complex integrations.  

• Users benefit from consistent experiences across devices and platforms. 

• IT teams can deploy, manage, and monitor security policies from a unified console. 

This consolidation not only reduces operational overhead but ensures that security is not sacrificed for the sake of budget constraints. 

Facilitating Secure Flexible Work 

An increasing number of the workforce are looking for flexible working options, including hybrid and remote models, however, with this security perimeters need to be considered. 

Microsoft Defender’s cloud-native architecture and integration with Azure Active Directory enable employees to work securely from anywhere. Real-time threat intelligence ensures that whether in the office or on the move, users remain protected against emerging threats. 

Conditional Access policies further empower organisations. An ability to dynamically assess risk and adapting controls based on user behaviour and context. For employees, this translates into frictionless access to resources with confidence that their security is not impacted. 

AI-Driven Security: Respecting Configurations and Amplifying Protection 

AI is at the heart of Microsoft’s security stack, enabling smarter defences and more adaptive protections. Solutions like Microsoft 365 Copilot and Security Copilot, ensure that user data remains governed by the existing security configurations.  

Microsoft 365 Copilot operates within the boundaries of user permissions, never exposing information to which a user does not have access. This means that the efficiency of AI-powered assistance never come at the expense of data security or privacy. This trust is vital for users to leverage AI tools confidently in their day-to-day work. 

Security Copilot, meanwhile, is poised to transform the incident response lifecycle. Security Copilot can automate Endpoint Detection and Response (EDR) workflows, rapidly triaging alerts, correlating events, and even suggesting or executing remediation actions. This means that incidents are resolved faster, with minimal disruption and less risk of human error. 

Conclusion 

In an era where cyber threats are ever-present and working patterns are more dynamic than ever, an integrated security suite offers organisations a compelling advantage. From defending against major attack vectors to enabling secure, flexible work, Defender empowers users to navigate the digital world with confidence. When complemented by tools like Conditional Access, XDR, and AI-powered solutions, the benefits extend far beyond basic protection.  

Ultimately, the best security is the kind users barely notice: always present, always vigilant, and always enabling them to do their best work. 

Ready to discuss how you can make better use of Microsoft Defender and improve your security posture? Speak to one of our experts by filling in the form below.

Every IT decision maker understands the importance of a clear cloud strategy. It is not just about where you host your apps. Your strategy must actively support the overall mission of your company. The challenge is that Azure evolves at lightning speed. New features, services, and security standards appear constantly, making it hard for teams to keep up. 

This is where many organisations fall into the trap of reactive cloud management. They spend all their time fixing problems and responding to immediate demands. Whereas proactive management requires something different. It needs dedicated expertise that can look years ahead and guide your architecture toward future success. 

Reactive vs Proactive Cloud Management 

Reactive management focuses on solving today’s issues. Proactive management anticipates tomorrow’s challenges and positions your business to take advantage of new opportunities. Without expert guidance, your cloud strategy risks falling behind. This is what we call ‘strategy drift’. 

The Risks of Strategy Drift 

When your cloud configuration moves away from best practices, you face three major risks: 

• Unnecessary Costs: You miss new cost saving features or fail to adapt to licensing changes. 

• Missed Innovation: You do not adopt AI or data services that could give your business a competitive edge. 

• Security Gaps: Your architecture fails to keep up with the latest security standards, leaving vulnerabilities unaddressed. 

A dedicated expert resource such as a specialist Azure Solution Architect can help to prevent these risks. However, hiring a full time Azure Solution Architect is expensive and for most businesses their expertise is only needed for major projects or complex upgrades. So how do you access that high level insight when you need it most? 

Five Expert Tips for IT Decision Makers 

To future proof your Azure strategy, here are five essential tips: 

1. Prioritise Proactive FinOps: Do not wait for the bill to arrive before thinking about costs. Implement automated rules and architectural best practices to ensure continuous cost optimisation. 

2. Plan for AI Adoption: Azure is rapidly integrating AI features. Your cloud strategy should include a roadmap for leveraging services like Copilot and advanced Data and AI platforms, such as Microsoft Fabric, to drive business growth. 

3. Strengthen Security Posture: Regularly review your architecture against the latest security standards. Proactive security checks prevent vulnerabilities before they become incidents. 

4. Align with Sustainability Goals: Track CO₂ emissions in your Azure usage and integrate sustainability targets into your cloud roadmap. 

5. Leverage Azure Expert Advisory: The best way to ensure your strategy is sound is by partnering with a Microsoft Azure Expert MSP. Selecting the right partner will bring certified expertise and proven experience to help you deliver business value. 

CSP+ Delivers Azure Expert Advisory 

Our Cloud Direct CSP+ programme is designed to help you close the expertise gap. CSP+ is a tiered model so that you can pick the level of support that your business needs. From the essentials tier where you’ll gain an initial onboarding health check and business hours support. To the enterprise tier for 24×7 support, monthly optimisation reports and access to a dedicated Azure Solution Architect to deliver strategic advisory sessions.  

These experts provide ongoing architectural reviews to keep your Azure strategy aligned with your business goals. This includes: 

• Strategic Feature Adoption: Guidance on deploying new Azure features safely and effectively. 

• Long Term Architecture: Support in designing scalable, resilient, and secure environments. 

• Risk Mitigation: Reviewing your environment to eliminate potential security and performance issues before they become incidents. 

Expert insight through CSP+ means your internal team is never alone. You have the full weight of a certified Azure Expert MSP behind you, ensuring your cloud platform is architecturally optimised and ready for innovation. 

Ready to Strengthen Your Azure Strategy 

Stop reacting and start planning for the future. Try our CSP+ calculator to find the right plan for your business. Plus, save on costs instantly.

It’s becoming increasingly apparent that artificial intelligence will be integral to how organisations operate effectively and remain competitive. But responsibility is a topic that regularly rears its head, and the question of how you use AI responsibly isn’t one purely for IT but for your organisation’s executive leadership. Here we consider how to benefit from AI, while remaining true to your organisation’s values, obligations and stakeholders.  

Much is written and spoken of AI’s power to drive business transformation, efficiency and innovation. But as the saying goes, ‘with great power comes great responsibility’.

Using AI responsibly isn’t just about regulatory compliance. It’s about trust, safeguarding reputation, and ensuring that AI strengthens rather than undermines the organisation’s values and purpose. There are three important topics to consider – People, Planet, and Policy.

People

Let’s start by confronting the really big question: jobs. We’ve all seen and heard carefully worded references to AI’s labour-saving capabilities. It does less work, it means fewer workers, but does that also mean redundancies? This question needs considering, carefully, at a very senior level, and very early on.

They’ll need to know the expected time savings and whether these affect fractions of roles or entire roles. You should also consider timeframes in each area, and how these compare to natural attrition, retirement and contract expiration timescales. They’ll also need to know recruitment pipelines, so hiring can be slowed or redirected rather than abruptly frozen, as well as redeployment opportunities and the skills required for new or expanded roles such as AI oversight, data literacy, and creative problem-solving.

This will impact much of what follows.      

Enablement, not displacement

Responsible AI should augment human judgement and not replace it – freeing people from repetitive work. But to achieve this, it needs to be accompanied byreskilling and digital literacy programmes that enable employees to work effectively with AI systems. Success should be measured in terms of human productivity and satisfaction, and not headcount reduction.

Transparent and ethical

Everyone involved with AI, from developers to decision-makers, must understand what AI can and cannot do. Build a culture of AI literacy and ethical awareness supported by specific training on responsible data use, bias awareness, and explainability. Employees using AI outputs should be able to interpret and justify its decisions, especially in regulated sectors. Staff must appreciate that humans remain accountable for AI-assisted outcomes and feel confident challenging algorithmic decisions without recrimination.

Inclusion and fairness

Similarly, fairness and inclusion must be embedded in your use of AI. These systems will typically maintain or increase any biases in training data, so utilise diverse teams in AI design and validation. Train models with diverse data sets and monitor for bias, especially in HR, credit, or customer-facing use cases.Treat governance of AI fairness with the importance of a workplace equality and diversity issue, rather than a technical issue.

Planet

AI’s benefits should also be considered in the context of its environmental impact and sustainability. During training AI models can consume significant energy, and operationally AI infrastructure has a significant carbon footprint. But with the right actions, this can be mitigated.

Opt for energy-efficient architectures

Data centres powered by renewable energy, with liquid cooling, and using energy-optimised GPUs (Graphic Processing Units) and ASICs (Application-Specific Integrated Circuits) are more energy efficient. Also consider scheduling AI workloads to optimise power use.

Actively manage your technology lifecycle

Using cloud and hybrid models can allow you to dynamically scale, without having an over-provisioned on-premises infrastructure. Apply sustainability principles to AI hardware: responsibly sourcing, refurbishing and/or reusing, and recycling at end-of-life.

Use AI for sustainability

‘Planet’ doesn’t just mean mitigating AI’s environment impact. AI can also make a positive contribution towards meeting corporate sustainability goals through data-driven energy optimisation, intelligent logistics routing that lowers emissions, predictive maintenance to reduce waste, and carbon accounting.

Policy

A responsible use of AI also depends on robust governance that ensures transparency, accountability, and compliance. A key consideration for the board is who will be accountable for AI ethics and compliance, and how governance can be shown to be effective?

A best practice approach combines collective ownership with clear executive accountability. It is likely to blend existing structures with some new, specialised capabilities. This might take the form of a Chief Information Officer or Chief Digital/Technology Officer with primary accountability, working with a cross-functional AI Governance Board. This would include Technology, Data, HR/People, Legal, Compliance, Risk, Operations, your ESG (Environmental, Social, and Governance) team, and business unit leaders.

This will provide the basis for effectively actioning the following. 

Establish an AI governance framework

Determine the principles which will guide your use of AI. These need to be consistent with your organisation’s values and risk appetite and will typically encompass fairness, transparency, accountability, privacy, and sustainability. Bear in mind that different contexts may require different ethical considerations – what’s appropriate in one area may not be in another. AI ethics will touch IT, legal, HR and compliance so ensure that there is clear ownership within and across these areas.

Control and oversight

Integrate AI risk management into existing risk frameworks, with a focus on model validation, auditability, explainability, and version control. Track who built which model, with what data, and how it is performing. Require human-in-the-loop oversight for all critical decision and systems.

Regulatory alignment

There will be external interest in your AI use from regulators, customers, investors and other stakeholders, so aim to stay ahead of expectation. There is an EU AI Act, with most provisions applying from August 2026, and a UK AI Assurance Framework. The Information Commissioner’s Office has provided AI guidance, with sector-specific guidance expected in several areas (like from the FCA in financial services). Maintain audit trails for AI models, data lineage, and decision logic to satisfy auditors and regulators.

But, above all, be transparent about how AI is used, governed, and improved.

A final thought

Using AI responsibly requires deliberate, pre-emptive leadership. It means ensuring that AI use aligns with organisational purpose, is trusted by employees and other stakeholders, and contributes to sustainable growth. Many will do this badly, but those that do it well can successfully position their organisations as trustworthy and responsible innovators.

Cloud Direct can help you successfully benefit from AI in a real and responsible way. Request a call with a subject matter experts through the form below.

Cloud tracking and optimisation often slip to the bottom of the IT to do list, especially in the midst of daily firefighting and urgent fixes. But when you are managing a complex Azure environment, operating without visibility is like driving at night without headlights.

You must consider whether it’s worth exposing your business to unnecessary risk. Without clear data, decisions about your digital strategy become guesswork. That guesswork often leads to wasted spend, compliance concerns, and missed opportunities. 

Cloud visibility matters for cost and compliance (and your sanity) 

Visibility impacts vital outcomes for organisations, including: 

• Financial Control:  Continuous cost management keeps you financially competitive and allows you to make thoughtful decisions. It is crucial to identify underutilised resources and right-size virtual machines to stop unnecessary spending. While this is true, tracking every penny spent is difficult, especially with numerous systems and reports to analyse. Although, the dream of real time visibility to proactively monitor spend across all licenses and resources might be closer than you think. 

• Governance and Compliance: A strong security posture is essential in today’s cyber landscape with AI advancing at an unprecedented rate. Ensuring your environment is fully secure on all fronts is crucial, but not straightforward. Gaining visibility can be pivotal here for maintaining robust governance and compliance across your Azure estate. Visibility enables you to continuously monitor for policy violations, misconfigurations, and unauthorised changes, reducing the risk of data breaches and regulatory penalties. 

• Drive Efficiency: Sifting through multiple reports and dashboards to find the information you need is draining your time and resources. But it’s not just you – many businesses are rife with fragmented data, making manual investigation a necessary chore. The cure is a centralised platform where you can gain actionable insights instantly and free up your team to focus on more strategic initiatives. When you can quickly pinpoint underperforming services or areas for improvement, overall business productivity is boosted. It’s about empowering your team with the right information at the right moment so you can deliver greater results. 

Gain control of Azure and end the admin nightmare 

Now wondering where you can find this one-stop-shop for your Azure environment? That is exactly what the Provide™ Portal delivers. It is a centralised platform that provides all the Azure visibility you need in one place. But it also goes far beyond basic Azure reporting to provide you with actionable recommendations and optimisations, including: 

• Cost and License Management:  Set budgets and receive alerts before you hit unplanned expenditure, track spend across all M365 subscriptions and Azure resources instantly, and better plan for the future with forecasted spend outlook. This proactive approach is aligned to Microsoft’s Well Architected Framework (WAF) and helps you avoid surprises and keep your cloud costs predictable. 

• Monitor Security Posture:  Track cloud compliance levels, identify misconfigurations, and review risk exposure across your environment – as well as access to your Microsoft Secure Score to understand your current secure posture and how to improve it. With real time alerts, you can address vulnerabilities before they become serious threats. 

• Performance Metrics: Observe the health and efficiency of your running services to maintain optimal speeds and availability. This ensures your applications deliver the experience your users expect. 

• Sustainability Goals: Visibility even extends to tracking CO₂ emissions within your Azure usage. If your organisation has committed to strong sustainability goals, this sometimes overlooked metric helps align your cloud strategy with environmental targets. 

Real time data means no more manual reports. Instead of tracking down and dissecting last month’s costs, your monthly review becomes a proactive planning session focused on optimisation and growth. 

Beyond the Portal to expert optimisation reports 

Cloud Direct CSP+ enhances the Provide™ Portal with expert oversight. Regular optimisation reports will deliver personalised improvement suggestions on cost, security, and performance. Higher tiers also include direct access to cloud architects to support your future strategy and ambitions. This is the difference between simply having data and having expert insight applied to act strategically with that data. 

The combination of cutting-edge technology and certified expert review ensures your cloud environment is continually optimised and you extract maximum value from your investment. Plus, you can save money on your Azure spending. 

Ready to take control of your Azure environment? 

Stop guessing and start making informed decisions with real time visibility. Try our CSP+ calculator to find the right plan for your business.

If you’re an IT manager, you know how managing support tickets can feel like a second job. You spend hours juggling internal requests and chasing updates while waiting for service providers to resolve complex issues. It is frustrating and it wastes time – but there is a better way.

The real cost of slow Azure support  

• Productivity loss: According to a recent study, employees spend an average of 6 hours per month waiting for IT issue resolution. Employees who report long IT support delays also state the negative effects on morale and job satisfaction.  

• Financial impact: Gartner estimates that IT downtime costs businesses an average of £4,400 per minute for critical systems. Even smaller outages can accumulate tens of thousands in lost revenue. 

• Reputation damage: Slow IT queues can harm customer experience and lead to public complaints. Studies have shown that organisations with support ticket backlogs report lower customer satisfaction scores.  
• Security exposure: Delays in patching or fixing access issues leave doors open for attackers. A single missed update can lead to compliance breaches or data loss. 

Think about what happens when delays drag on: 

• Employee productivity stalls: When staff can’t access critical resources, deadlines slip and payroll pounds go to waste. 

• Customer confidence erodes: If the issue impacts customer-facing services, trust evaporates fast. 

• Innovation freezes: Instead of driving projects forward, your IT team is stuck firefighting. 

You have a capable IT team, but when a complex Azure problem pops up, they need expert help fast.

CSP+ advances your cloud support

Many businesses assume premium Azure support is too expensive or that switching providers is a hassle. That is why we created Cloud Direct CSP+ – to make expert Azure support simple and accessible. 

We integrate support directly into your Azure consumption model, and allow you to choose the tier that fits your needs. 

• Essentials: Monday to Friday standard business hour support for response and resolution of platform issues. In addition, access to an Azure Expert MSP partner for escalations. 

• Enhanced: 24×7 enhanced support with reduced SLA’s and expert human support. Direct escalations to Microsoft through our specialist team. 

• Enterprise: 24×7 enhanced support and direct escalations to Microsoft. Plus, direct access to Tier 4 Cloud Engineers who know your environment and can fix issues fast. 

This means no more ticket queues. No generic helpdesk. Just immediate access to the right expert when you need them.  

Why Enterprise tier changes everything 

Have you ever had a critical app go down on Friday afternoon? How long did it take to get help? Imagine this… instead of waiting days for a ticket to be picked up, you are on a call with a Tier 4 Azure engineer who knows your architecture and can resolve the issue in hours, not days. That is the difference CSP+ makes. It gives your IT team the freedom to stop firefighting and start innovating.  

Unlock your team’s potential 

CSP+ means embedding an expert support team into your business. That means fewer delays and more time for strategic work that drives growth. 

Here’s what your IT team could focus on if they weren’t stuck in support queues: 

• Cloud optimisation: Fine-tuning workloads for cost efficiency and performance. 

• Security hardening: Implementing advanced threat protection and compliance frameworks. 

• Automation projects: Building workflows to eliminate manual processes. 

• Innovation initiatives: Deploying new apps, migrating legacy systems, and enabling AI-driven solutions. 

Instead of firefighting, your team can finally deliver the projects that transform your business. 

Ready to eliminate downtime?

Key takeaways from the Microsoft Digital Defence Report, written by Leon Godwin

We drew inspiration from the Churchill War Rooms to host our latest Security Briefing – a venue where strategic defence decisions once shaped our history, and now where security professionals learned from Cloud Direct and Microsoft about the new cyber landscape being shaped by AI-driven threats. 

To paraphrase Winston Churchill: “Never before in the field of digital defence has the security of so many relied so heavily on the vigilance of so few.” The battleground consists of intelligence, speed, and resilience, and adversaries are using AI-powered attacks to rapidly infiltrate and compromise organisations, faster than human-based defences can respond. 

From a day in the life of a modern CISO through attack simulations, to insights from Microsoft’s Aileen Finlay and concrete steps that you can take to adjust to the new threats, I’ll reflect on the event and share my take on the newly released Microsoft Digital Defence Report 2025. 

The reality on the ground

On 13 October, the UK government took the unprecedented step of sending a letter out to all UK businesses to highlight the significance of new cyber threats. The letter’s goal was to fundamentally reclassify cyber security from a technical operational task to a critical board-level imperative. By issuing a direct mandate, the government signaled that the intense and sophisticated nature of modern threats now constitutes a primary risk to national economic stability.  

The Microsoft Digital Defence Report 

The recent release of the Microsoft Digital Defence Report makes it clear why the UK government is so concerned, and why you should be too. 

The threat landscape isn’t just evolving – it’s accelerating. Attacks are more aggressive, more organised, and frankly, more relentless than ever. The UK is now ranked number two in the global index of countries most impacted by cyber threats. 

Defence Report takeaways for the Modern CISO 

One theme that kept coming up during the event was the “prevention versus response” paradigm, or what the military calls “Left of Bang” and “Right of Bang.” The Microsoft Digital Defence Report 2025 makes it clear; you can’t choose one over the other. You need both. 

Here’s a breakdown of the key findings of the report, and actions to take off the back of it.  

1. Identity is the Battleground 

Problem: Attackers aren’t only breaking in, they’re logging in. Identity compromise is still the number one entry point for ransomware and data theft, and it’s getting smarter. When you login to a computer you gate a token that is your permission to use that session for a period of time before you need to reauthenticate. Token theft and Adversary-in-the-Middle (AiTM) attacks are on the rise, bypassing traditional protections. Your traditional Multi-Factor Authentication (MFA) that secured you for many years is now simply not enough. 

Solution: Phishing-resistant MFA is the gold standard. 

Action: 

• Audit your Entra ID environment today. 

• Enforce phishing-resistant MFA for everyone, especially admins. 

• Update legacy authentication protocols.

Impact: Phishing-resistant MFA blocks over 99% of unauthorised access attempts, according to the Microsoft report. If you do one thing this quarter, make it updating your systems from traditional MFA to phishing-resistant MFA. 

2. The Double-Edged Sword of AI 

Problem: AI isn’t just our friend, it’s the attacker’s too. They’re using it to craft convincing phishing lures, scale attacks, and even create deepfakes for fraud. 

Solution: We fight fire with fire. AI-driven defence can now contain breaches in seconds, suspending compromised accounts before a human is aware of an issue. This is helped further now that Microsoft Copilot has been bundled into the M365 E5 licenses, rather than an expensive bolt-on. 

Action: 

• Put an AI governance framework in place. ISO 42001 is a great starting point.  

• Deploy AI-powered tools like Copilot for Security, Microsoft Sentinel, and Defender XDR to automate detection and response. 

• You already have access to the phishing simulations within your M365 subscriptions, you should increase the schedule to be at least weekly. 

Impact: Moving from reactive to proactive defence shrinks dwell time, improves awareness, and limits the blast radius of an attack. 

3. Cyber Risk is Business Risk 

Problem: Too often, security is treated as an IT issue. But as we see in the examination of real-world breaches, it doesn’t just impact systems. It’s effecting revenue, supply chains and reputation. In one case this resulted in liquidation of the business and termination of it’s 700 employees.  

Solution: Security needs a seat at the boardroom table. 

Action: 

• Build reports with metrics that matter including, MFA coverage, patch latency, incident response times.  

• Run tabletop roleplaying exercises so your executive team knows what to do when, not if, the breach happens. 

Impact: A resilient culture means the business keeps moving, even when attackers try to stop it. 

What you can do next 

The MDDR 2025 isn’t just a collection of scary stats, it’s a wake-up call. 

If you’re planning your 2026 roadmap and wondering how to prioritise (or fund) these improvements, let’s talk. We can help secure funding for assessments to pinpoint your weakest links and help provide guidance on your security journey.  

Don’t wait for the breach to happen. Build resilience now.

Sign up to one of our Security Innovation consultancy sessions. These sessions are designed to help you with your specific business challenges