Copilot: What you do & don't know! - Episode 1: What the Copilot is going on?
Hello everyone. Welcome to the defend, govern, improve uh YouTube series that we've got running here. Just to give you guys a bit of background, this is an eight-part um series that talks around about around the Microsoft 365 environment, but focusing on the MSP stack problem. Uh we've titled it defend, govern, and improve because we want to talk around the three pillars of building out a really good secure environment that works for managed service providers that can be
0:28
implemented to customers. Um and I and
0:31
this whole series goes through every
0:33
element where you can leverage Microsoft
0:36
um but where it fits within the the
0:38
world of security governance and proving
0:40
that for regulatory businesses,
0:42
insurance providers and also just your
0:44
customers generally.
0:46
So give you guys a bit of background. My
0:48
name is Tim. I'm one of our 365
0:49
solutions architects. I've been with
0:52
Enforcer for nearly 6 months uh from
0:54
date of this publishment.
0:57
And my role here is to enable MSPs to be
1:02
the best they can and the most efficient
1:04
proactive business that delivers
1:07
security, compliance, governance, and
1:09
protection to their customers. My job is
1:12
to make sure you guys are as efficient
1:14
as you can be, but leveraging the tools
1:16
to be proactive, less reactive, and and
1:20
scalable. We want scalability and
1:22
reliability and efficiency when we talk
1:24
to our MSPs. We're a partner for the
1:27
MSPs we work with. And this is why we
1:29
focus on giving these kind of content,
1:31
web content series, and theor um
1:34
webinars, YouTube series to to our
1:36
customers. And this is one of those key
1:38
topics that I think really resonates
1:40
when we talk about building out a good
1:43
technology stack or tooling for MSPs to
1:46
deliver the best they can for their
1:47
customers. Prior to my role here, I was
1:51
an MSP. I was I've been at three or four
1:53
MSPs over the last 12 years focusing
1:56
around Microsoft 365, whether that's
1:58
Azure, modern workplace as solutions
2:00
architect, more recently for an MSP in
2:03
central London that really focused
2:05
around financial services. So really hot
2:07
on security, governance and compliance.
2:10
Um so I've leveraged all of Microsoft
2:12
plenty of third party tools. Um and then
2:15
and then kind of really focusing on
2:17
purview in recent years. So this series
2:21
is to talk about that that MSP or
2:24
unifying MSP stacks, making sure we're
2:26
leveraging the right tools for the
2:29
customers that we service and support.
2:31
And I truly do think that sits with
2:33
leveraging Microsoft and that's why
2:35
we're doing this series. So it's part of
2:37
the defend govern. This episode today is
2:40
focused on the MSP stack problem. I want
2:43
to talk about the tools that we're
2:44
currently using previously versus what
2:47
we're using now or what we could be
2:48
using now. And then moving forward,
2:51
we're going to be doing things around
2:52
managed email security, endpoint
2:54
security. Uh we have some live webinars
2:57
that will be talking around this
2:58
throughout the course of 2026 um and
3:01
beyond. We've got plenty to come. But in
3:03
the meantime, uh sit back. Hopefully
3:06
you'll find this quite useful. So
3:09
today's episode is around the MSP stack
3:11
problem. If you're an MSP, I would
3:14
always encourage you guys to start
3:15
counting how many portals you need to
3:17
log in before 10 10:00 a.m. The reality
3:20
is it's going to be far more than six.
3:23
And it is, you know, we've got our
3:25
documentation solution, RMM solution. We
3:28
need to be logging into 365. Perhaps by
3:31
10 a.m. If you're a service desk
3:32
engineer, you've logged into three or
3:34
four different Microsoft 365 portals to
3:37
service problems or fix issues,
3:38
particularly on a Monday morning with
3:40
password resets. It's a continuous
3:42
journey for ourselves. We are constantly
3:44
having to log into different portals,
3:46
cloud backup solutions, um, additional
3:49
platforms, antivirus platforms that are
3:51
third party, all of these things. I'd
3:54
even include all the portals within
3:55
Microsoft 365 in this in this solution
3:58
that I'm discussing here. We've built
4:00
the modern MSP stack to protect
4:02
everything. As as MSPs, we focused on
4:05
making sure when we support a customer,
4:08
they are secure on the endpoint. Their
4:10
emails are secure. We can remote monitor
4:13
and manage their environment, i.e. the
4:15
RMM. We're backing things up. We're
4:17
keeping things protected. Maybe it's a
4:19
sock. We're getting alerts in providing
4:21
a reactive solution and a service. Live
4:24
responses are are critical. The thing
4:27
is, we don't need more tools. that what
4:30
we actually need is better trust in a
4:32
single platform or or better trust in in
4:35
minimal platforms and it starts with
4:37
making sure the tools that we leverage
4:39
provide more of the products or
4:41
solutions and services that we need and
4:44
for me I'm obviously working at enforcer
4:46
the conversation here is around enforcer
4:48
at the end of the day that single
4:51
platform for me I do believe most of it
4:53
can be solved with enforcer so we can
4:55
discuss that bit later on throughout the
4:57
course of this series in
5:00
So let's talk let's talk about the stack
5:02
and how it's spiraling. So previously
5:05
and I have I have this on another slide.
5:08
We've used and we've leveraged multiple
5:10
tools over the last several 15 plus
5:13
years. We look at that stack of
5:15
solutions that we need. The constant
5:17
renewal cycles is a pain in the ass.
5:19
Portal overload. Let's be transparent.
5:22
It's fatigue for your engineers when we
5:24
have to start teaching them 10 different
5:26
portals, 10 different policies within
5:28
those portals, def 10 different roles,
5:31
configurations, sign multiple platforms
5:34
to say we accept the risks associated
5:36
with using yet another portal, patch
5:39
management, EDR, IM, email security,
5:42
backup, seam solutions, compliance
5:44
tools, you name it. There are so many
5:46
and it's a stack of solutions for MSPs
5:50
that's going to drive us mad. Our
5:51
finance team probably go crazy when we
5:54
talk about yet another license or
5:56
another license renewal. Another thing
5:58
we have to keep on. We're building a
6:00
skyscraper of complexity and we need to
6:04
consider particularly for this year and
6:06
moving forward with AI coming into the
6:08
forefront more cyber security risks. We
6:11
need to start a consolidation. The more
6:12
tools we have, yeah, it spreads the load
6:15
maybe in terms of risk of things going
6:17
down, but let's be transparent. most of
6:20
the this day and age we leveraging
6:22
Microsoft 365 across the globe millions
6:25
and millions of companies are using it
6:27
if if the product goes down it doesn't
6:29
matter if email doesn't work because at
6:32
the end of the day our our spam filter
6:35
is useless if it's external because our
6:37
emails are down unless we've got
6:39
redundancy with mailflow um and we can
6:42
send emails elsewhere most companies
6:43
solely rely on it so it doesn't matter
6:45
if we've got an external email solution
6:47
for fishing it's already integrated and
6:50
baked into Microsoft 365. Should we not
6:52
consider using this already? My
6:55
suggestion is probably we should. We
6:56
don't need to have another tool, another
6:58
login for ourselves to use when
7:00
Microsoft's already injected 20 billion
7:03
pounds into email or into security
7:05
within their environment. It's more than
7:07
most leading providers for EDR
7:10
solutions, security solutions out there.
7:13
We should be considering how do we
7:15
consolidate stacks of solutions into one
7:18
single tool. I think Microsoft is a big
7:20
driver for that.
7:23
What's the cost complexity?
7:25
I mean, when we look at what's been
7:27
happening over the last 5 years, we've
7:29
clearly had a 30 to 50% rise in the
7:32
costs of most of the products we're
7:34
using. That might seem like only 10 20
7:36
30p per end user, but we're then
7:39
offsetting that either by ourselves.
7:40
we're just absorbing that cost and
7:42
giving it to our third party vendors or
7:44
we're having to go to the customer and
7:45
say you need to pay let's say an extra
7:47
two pound per per user per month. We're
7:50
we're in a world where there's always
7:52
rising costs and it's going to continue
7:54
to rise. If we are duplicating costs
7:57
because we're paying for one license
7:58
that's perhaps already included in say
8:00
business premium we're using at the
8:01
moment with Microsoft. We're duplicating
8:03
value or duplicating costs that we're
8:06
then offboarding or or lending or
8:08
providing back to the customer or we're
8:10
absorbing ourselves. Should we be doing
8:12
that? I would be questioning that we
8:14
don't. And the reality is clients don't
8:17
care at what the how many tools we use
8:19
or the tools that we're using. The
8:21
reality is they only care about how safe
8:23
they can feel. and clearly and how
8:25
clearly you could prove it as an MSP.
8:28
And I will probably admit and I I will
8:31
put my hand up to this, some customers
8:32
don't even care how safe they feel. They
8:34
just want to know that it's handled by
8:36
someone else. But for us as MSPs, our
8:39
focus should be on security, compliance,
8:42
governance, and proving the value of
8:44
what we're delivering. And the one thing
8:46
we quite often forget is enforcing an
8:48
environment, i.e. the governance piece,
8:51
and and proving it. Like if a risk came
8:53
into play and we're talking to a
8:54
customer that doesn't care about how
8:56
safe they are, but they have just
8:57
assumed it's handled by you, you need to
9:00
be able to go back to them and prove to
9:01
them that you have implemented the best
9:03
policies you could based on the
9:05
conversations you've had. And it starts
9:07
with making sure that we are keeping
9:08
things safe, secure, and the real MSP
9:11
impacts are clear. We have rising costs.
9:14
We're having alert overload with
9:16
productivity down and fatigue up because
9:18
we're getting alerts from all over the
9:19
place from different portals. Fragmented
9:22
reporting, inconsistent client
9:24
visibility is a big factor when we talk
9:26
about customers that do care about their
9:28
environment, their technology. We need
9:30
to make sure that our reports are
9:32
consistent to the customer. They are
9:34
getting the right information. It's
9:35
coming from the right value. And lastly,
9:38
that single source, the audit prep,
9:40
multiple readiness is really required
9:43
nowadays. making sure that we are
9:45
providing a single source or a single
9:48
pane of glass with the right reports and
9:51
enforcer focuses around Microsoft 365
9:53
which is why I'm driving this focus on
9:55
unifying our MSP stack to to a product
9:58
that's freely available but you guys are
10:00
already leveraging Microsoft as a
10:02
multi-tenant solution currently we have
10:05
hundreds if not thousands of of tenants
10:07
that we support depending on the MSP on
10:09
this discussion and call at the moment
10:12
how do we make sure that we are leverage
10:14
ing the products we already have
10:15
available and then once we do how do we
10:18
measure and enforce those pro processes
10:21
i.e. the governance drift detection and
10:23
then more importantly proving it. We
10:25
need to be able to run reports and prove
10:27
that value to the customer and that
10:29
starts with looking at that single
10:32
source of truth and unifying the stack
10:34
that we currently have.
10:36
So I want to talk about the shift. I
10:39
think particularly the last five years
10:42
and I think particularly more critically
10:44
the next five years people are going to
10:47
start focusing on Microsoft being that
10:48
central pillar. It started as just a
10:51
single piece of the puzzle i.e. email
10:54
maybe some share filing for shareepoint
10:56
but a single piece for that complex
10:59
security
11:00
product. Whereas now Microsoft with
11:03
their $20 billion injection of security
11:06
improvements, we now have Entra ID, the
11:09
identity protection and governance
11:10
piece. We have Intune device compliance
11:13
and management. We've got the purview
11:15
piece that data governance, the data
11:17
loss prevention and auditing platform.
11:18
That's the area we're looking at for
11:20
reporting and ongoing governance of an
11:22
environment. We have I've put 365e5
11:26
licensing because I'm a lover of that
11:27
product or license, but I know that
11:29
we've got business premium, defender
11:31
suite for business, which covers more
11:33
than enough for our SMB customers. Um,
11:36
and then we've got the XDR suite that
11:38
that license uplift with defender suite
11:40
for business really covers that single
11:42
security plane that we discussed with
11:43
our customers.
11:45
This is really critical. Microsoft have
11:48
basically said, look, we know that you
11:50
guys are using different companies. is
11:52
we know that there are competitors out
11:54
there, but let us build you a single
11:56
unified platform for you to be able to
11:58
deliver the best practice for your
12:00
customers. This is targeted for
12:01
enterprise businesses. There's no doubt
12:03
about it. Um, and Microsoft are openly
12:05
admitting this with Intune for MSPs.
12:08
They're deliberately saying use Enforcer
12:11
to focus on a unified multi-tenant
12:13
management solution. So you can leverage
12:15
those enterprise platforms but from a
12:17
single source i.e. enforcer for MSPs
12:21
that means you can replace those six
12:23
vendors with one stack i.e. Microsoft
12:26
and then leverage those outcomes and
12:28
those deliveries with enforcer that
12:30
single pane of glass even Microsoft's
12:33
power doesn't solve the last piece of
12:35
the puzzle. So it doesn't solve
12:37
necessarily that proof and that's the
12:39
gap when we talk about defend govern and
12:41
improve. Microsoft are taking defense
12:43
they're giving us that configuration
12:45
piece the ability to configure and
12:47
manage those policies providing that
12:50
entry id in tune perview the fender
12:53
suite that encompass solution. They're
12:55
allowing us to govern it with the right
12:57
licensing. We've got data governance.
12:58
We've got governance in identity
13:00
protection with conditional access.
13:02
Governance isn't just about data.
13:05
is about making sure that what we
13:07
implement and configure is enforced
13:09
across the business and we can measure
13:10
that enforcement but we need to be able
13:12
to prove that value and that's really
13:15
where that gap sits and that's where I
13:17
think enforcer provides that gap and
13:20
this is why we talk about defend govern
13:22
and prove that compliance gap the
13:25
evidence that we need to be able to
13:26
prove that we are implementing these
13:28
things and we're providing the value for
13:30
the customer and I think the statement
13:32
we always get with at least one if not
13:34
several customers every year is what am
13:36
I getting for my money when I'm paying
13:38
you per user or per device per month?
13:41
And the reality is we give customers a
13:44
reactive report. This is how many
13:46
tickets we're providing you a support
13:48
resolution. But I really challenge an
13:50
MSP to look further past just a reactive
13:53
measure. We always talk about being
13:55
proactive. For the first time, I think
13:57
in years, we have the ability to
13:59
demonstrate governance and proof as a
14:02
proactive measure to customers. We don't
14:04
want to just do a single deployment,
14:07
make sure it's configured, a single
14:09
point configuration, and then foxtra
14:11
Oscar to the next project. We need to be
14:13
able to go to the to from professional
14:15
service one-time delivery to ongoing
14:18
managed governance delivery. Governance
14:20
as a service isn't just data governance.
14:23
It's making sure that the
14:24
implementations we've configured stick.
14:27
So when we have an exclusion, someone is
14:29
excluded from a policy or a policyy's
14:31
changed, we need to measure that change.
14:33
We need to identify what change was
14:35
made, the metric that's been made, why
14:37
it's been made, who made it, and should
14:39
it have been made. That's governance as
14:41
a service. That's ongoing protection.
14:43
That's ongoing security analysis. All of
14:46
that sits with the governance piece. And
14:48
fundamentally, we then need to prove it.
14:51
So with Enforcer, we can dive drift
14:53
detection. we can make sure that we are
14:55
keeping customers aligned continuously,
14:57
whether that's partial alignment or a
14:59
full alignment to our best practices in
15:01
MSP.
15:03
And I say this and I'll always say, I'll
15:04
probably even say it in the next episode
15:06
and the episode after that, an MSP
15:08
doesn't need to have a unique security
15:10
baseline. It needs to be secure. And
15:13
that's secure across the board. Every
15:15
single person that we talk to, anyone
15:17
that's reading this or listening to this
15:19
uh this YouTube series now, it's not
15:22
about being unique. Every customer is
15:24
going to have some unique policies, but
15:26
the foundations of a good governed and
15:28
well-defensed environment or defended
15:31
environment starts with the same
15:33
security measures. And there are lots of
15:36
people out there that provide
15:37
recommendations of security measures
15:38
they could put in place. But
15:40
fundamentally, it's all about being
15:41
secure. And then we have to govern that.
15:43
Governing
15:46
Enforcer to make sure drift detections
15:48
in place for those alerting single day
15:50
value, day one value. when we talk about
15:52
bringing on all our customers into a
15:54
single platform like Enforcer is can we
15:57
make sure that we are governing that
15:59
environment? Can we make sure that
16:00
changes made we're being alerted to it?
16:02
And if you haven't got them in a single
16:04
source like Enforcer, you're not going
16:05
to get that governance piece. The second
16:08
part is the evidence. So let's take away
16:11
the governance. How do we prove that
16:13
value? So that statement, what am I
16:15
getting for my money? Rings true for
16:17
most of our customers. How do we
16:19
demonstrate we are providing that
16:21
governance piece? How do we make sure
16:23
that we are proving that? And that
16:25
starts with reporting. Starts with drift
16:27
detection email alerts to say, "Hey,
16:29
look, we are being proactive. We've
16:30
received an alert to say Jeffrey is the
16:33
head of IT for your business has made a
16:34
change. We've previously agreed with you
16:36
we wouldn't make any changes to this, so
16:38
we've reverted it." Or perhaps it's an
16:40
auto remediation. It's autoreverted back
16:42
based on your alignment piece. It's that
16:44
multi-tenant blind spot. We need to see
16:47
a unified platform, a single pane of
16:50
glass to make sure our customers are on
16:52
track to being secure and readily
16:55
available. And proof doesn't sit with
16:56
just the customer. Proof sits with your
16:59
business owners, the CEOs that are
17:00
watching this, the ones that want to
17:02
make sure that the customers they're
17:04
supporting really are secure. That
17:06
multi-tenant blind spot is so important.
17:08
We need to make sure we can see our
17:10
customers and they're aligned to our
17:12
best practices, our security values. And
17:14
when I say owl, I mean your best
17:16
practices in security. Almost all of us
17:18
will have the same security measures.
17:20
They just could be named differently.
17:22
Different named policy, different
17:23
configuration, maybe something that
17:25
doesn't matter for one industry that
17:26
does for another. Um when we talk about
17:29
industries that we support, financial,
17:31
medical, pharmaceutical, and so on. And
17:34
the last thing is being able to provide
17:36
that evidence. So running those
17:38
alignment reports that you have within
17:40
Forscer, the ability to produce a report
17:42
that shows you you are aligned to our
17:44
best practice. We can measure that with
17:46
policy tagging to determine this policy
17:49
aderes to door configurations for
17:51
example. We can leverage those that
17:53
we've got configured and we can
17:54
demonstrate that with an alignment
17:56
report. It's prospecting. We're bringing
17:58
on a customer that's going to start that
18:00
three that three tier pillar with us.
18:02
Defense, governance, proof. We need to
18:04
be able to prove this is where you were
18:05
from day one and this is where you are
18:07
for day two and this is where you're
18:09
going to be at day 143. And the next
18:12
episode I'm going to be talking about
18:13
which is coming up shortly is fixing
18:16
that framework understanding those
18:17
steps.
18:19
So let's look at framework here. We've
18:22
spoken about that unified piece. I
18:23
probably spoken about these slides
18:25
already but the framework sits for us
18:29
around defense governance and proof. And
18:31
this is the triangle the pillar that we
18:33
talk about when we unify a solution and
18:35
we talk specifically around enforcer.
18:38
Microsoft covers the defense. Microsoft
18:41
is giving us the ability with a single
18:42
tool to understand defender entra. So
18:47
defender for office defender for
18:48
endpoint identity protection device
18:51
management. All of that's available in
18:53
that single source that defending piece.
18:56
Then we want to look at governance. And
18:58
that governance sits with data
18:59
governance, device governance ongoing.
19:02
But if we take data governance to start
19:04
with, that's purview. That's data loss
19:06
prevention. That's policies across your
19:08
estate. We need to be able to measure
19:10
and protect against that. So that
19:12
ongoing governance piece starts with
19:14
leveraging drift detection, utilizing a
19:17
single pane of glass and enforcer for
19:19
your alignment piece, making sure
19:20
they're governed correctly. We are using
19:23
Enforcer not just to provide the right
19:25
security deployments for policies and
19:27
your best practices, but we're governing
19:29
it by making sure they're aligned to our
19:31
best practice and we're receiving drift
19:32
detections for that proactive step to to
19:36
sort out remediations. And then finally,
19:38
on top of that pillar, the area that we
19:40
always forget, and this is really where
19:42
Enforcer gives day one value is that
19:45
proof. running those reports, looking at
19:48
those measurements, demonstrating the
19:50
value that we bring as a business, as an
19:52
MSP to our customers. All of that's
19:55
available with the proof that we're
19:56
looking for with Enforcer.
19:59
I think this is the new MSP model and
20:01
that's why we're doing this series. This
20:03
is why this eight-part series covers
20:05
this. We need to defend our co our
20:07
clients. We need to govern the
20:09
environments we're looking at. We need
20:10
that single single pane of glass for all
20:13
of our tenants, not just a handful. When
20:14
we on board customers, I often see 20,
20:18
30, 40 tenants being added of an estate
20:20
that maybe has a thousand. That's not a
20:22
single pane of glass. We might be
20:24
looking at using it just to make sure
20:26
it's we're comfortable with the tool,
20:27
but the reality is we're leveraging
20:29
tools like Enforcer for that day one
20:31
value, being able to govern the
20:33
environments we're seeing through that
20:35
value. And the last point of that is the
20:38
proof of the value. making sure that the
20:39
tools you're using, we can demonstrate
20:41
the value for our customers, demonstrate
20:43
the value for our business owners,
20:45
demonstrate the value for regulatory
20:46
businesses, uh the reg regulatory
20:49
bodies, auditors, all of that starts
20:52
with making sure we have the right
20:53
products, the right reports under that
20:55
single pillar and that's that triangle
20:58
for us. The pyramids that we're talking
21:00
about, Microsoft do this really well
21:01
with their own pyramids of solutions
21:03
they offer um and it covers it
21:05
perfectly. But for when we talk about
21:07
the the three pillars defend, govern and
21:09
prove all of that sits here. The ability
21:12
to leverage Microsoft utilize governance
21:15
through purview through enforcer and
21:17
prove that value leveraging enforcers
21:20
environment.
21:22
So moving forward, what's next? So I've
21:25
spoken to you and I hope this has been
21:27
really valuable seeing where we should
21:29
be going as MSPs and what we could look
21:31
at. But next episode I want to do is
21:34
about managed email security managed
21:36
stack that we're using, what we've used
21:38
previously versus what we can be
21:39
leveraging. Now this is going to be a
21:42
small demo. We're going to go through a
21:44
few slides. We'll go through what
21:46
Microsoft has to offer currently in the
21:48
security suite around email security and
21:51
then we might dip into some of the
21:53
enforcer product as well depending on
21:55
time. Hope this has been really useful.
21:57
Any questions at all? Again, reach out
22:00
to Enforcer, get some demos booked, look
22:02
at ourselves, see the platform, see what
22:05
we're trying to deliver through those
22:06
three pillars. Um, and let's get you
22:09
guys in a unified MSP moving forward.
22:11
Look out for episode two, three, four,
22:14
five, six, seven, and eight. Um, and
22:15
hopefully this is proving some value.
22:17
Thank you very much for your time,
Copilot: What you do & don't know! - Episode 2: Where does Copilot get its data?
Hello everyone. Welcome to the defend, govern, improve uh YouTube series that we've got running here. Just to give you guys a bit of background, this is an eight-part um series that talks around about around the Microsoft 365 environment, but focusing on the MSP stack problem. Uh we've titled it defend, govern, and improve because we want to talk around the three pillars of building out a really good secure environment that works for managed service providers that can be
0:28
implemented to customers. Um and I and
0:31
this whole series goes through every
0:33
element where you can leverage Microsoft
0:36
um but where it fits within the the
0:38
world of security governance and proving
0:40
that for regulatory businesses,
0:42
insurance providers and also just your
0:44
customers generally.
0:46
So give you guys a bit of background. My
0:48
name is Tim. I'm one of our 365
0:49
solutions architects. I've been with
0:52
Enforcer for nearly 6 months uh from
0:54
date of this publishment.
0:57
And my role here is to enable MSPs to be
1:02
the best they can and the most efficient
1:04
proactive business that delivers
1:07
security, compliance, governance, and
1:09
protection to their customers. My job is
1:12
to make sure you guys are as efficient
1:14
as you can be, but leveraging the tools
1:16
to be proactive, less reactive, and and
1:20
scalable. We want scalability and
1:22
reliability and efficiency when we talk
1:24
to our MSPs. We're a partner for the
1:27
MSPs we work with. And this is why we
1:29
focus on giving these kind of content,
1:31
web content series, and theor um
1:34
webinars, YouTube series to to our
1:36
customers. And this is one of those key
1:38
topics that I think really resonates
1:40
when we talk about building out a good
1:43
technology stack or tooling for MSPs to
1:46
deliver the best they can for their
1:47
customers. Prior to my role here, I was
1:51
an MSP. I was I've been at three or four
1:53
MSPs over the last 12 years focusing
1:56
around Microsoft 365, whether that's
1:58
Azure, modern workplace as solutions
2:00
architect, more recently for an MSP in
2:03
central London that really focused
2:05
around financial services. So really hot
2:07
on security, governance and compliance.
2:10
Um so I've leveraged all of Microsoft
2:12
plenty of third party tools. Um and then
2:15
and then kind of really focusing on
2:17
purview in recent years. So this series
2:21
is to talk about that that MSP or
2:24
unifying MSP stacks, making sure we're
2:26
leveraging the right tools for the
2:29
customers that we service and support.
2:31
And I truly do think that sits with
2:33
leveraging Microsoft and that's why
2:35
we're doing this series. So it's part of
2:37
the defend govern. This episode today is
2:40
focused on the MSP stack problem. I want
2:43
to talk about the tools that we're
2:44
currently using previously versus what
2:47
we're using now or what we could be
2:48
using now. And then moving forward,
2:51
we're going to be doing things around
2:52
managed email security, endpoint
2:54
security. Uh we have some live webinars
2:57
that will be talking around this
2:58
throughout the course of 2026 um and
3:01
beyond. We've got plenty to come. But in
3:03
the meantime, uh sit back. Hopefully
3:06
you'll find this quite useful. So
3:09
today's episode is around the MSP stack
3:11
problem. If you're an MSP, I would
3:14
always encourage you guys to start
3:15
counting how many portals you need to
3:17
log in before 10 10:00 a.m. The reality
3:20
is it's going to be far more than six.
3:23
And it is, you know, we've got our
3:25
documentation solution, RMM solution. We
3:28
need to be logging into 365. Perhaps by
3:31
10 a.m. If you're a service desk
3:32
engineer, you've logged into three or
3:34
four different Microsoft 365 portals to
3:37
service problems or fix issues,
3:38
particularly on a Monday morning with
3:40
password resets. It's a continuous
3:42
journey for ourselves. We are constantly
3:44
having to log into different portals,
3:46
cloud backup solutions, um, additional
3:49
platforms, antivirus platforms that are
3:51
third party, all of these things. I'd
3:54
even include all the portals within
3:55
Microsoft 365 in this in this solution
3:58
that I'm discussing here. We've built
4:00
the modern MSP stack to protect
4:02
everything. As as MSPs, we focused on
4:05
making sure when we support a customer,
4:08
they are secure on the endpoint. Their
4:10
emails are secure. We can remote monitor
4:13
and manage their environment, i.e. the
4:15
RMM. We're backing things up. We're
4:17
keeping things protected. Maybe it's a
4:19
sock. We're getting alerts in providing
4:21
a reactive solution and a service. Live
4:24
responses are are critical. The thing
4:27
is, we don't need more tools. that what
4:30
we actually need is better trust in a
4:32
single platform or or better trust in in
4:35
minimal platforms and it starts with
4:37
making sure the tools that we leverage
4:39
provide more of the products or
4:41
solutions and services that we need and
4:44
for me I'm obviously working at enforcer
4:46
the conversation here is around enforcer
4:48
at the end of the day that single
4:51
platform for me I do believe most of it
4:53
can be solved with enforcer so we can
4:55
discuss that bit later on throughout the
4:57
course of this series in
5:00
So let's talk let's talk about the stack
5:02
and how it's spiraling. So previously
5:05
and I have I have this on another slide.
5:08
We've used and we've leveraged multiple
5:10
tools over the last several 15 plus
5:13
years. We look at that stack of
5:15
solutions that we need. The constant
5:17
renewal cycles is a pain in the ass.
5:19
Portal overload. Let's be transparent.
5:22
It's fatigue for your engineers when we
5:24
have to start teaching them 10 different
5:26
portals, 10 different policies within
5:28
those portals, def 10 different roles,
5:31
configurations, sign multiple platforms
5:34
to say we accept the risks associated
5:36
with using yet another portal, patch
5:39
management, EDR, IM, email security,
5:42
backup, seam solutions, compliance
5:44
tools, you name it. There are so many
5:46
and it's a stack of solutions for MSPs
5:50
that's going to drive us mad. Our
5:51
finance team probably go crazy when we
5:54
talk about yet another license or
5:56
another license renewal. Another thing
5:58
we have to keep on. We're building a
6:00
skyscraper of complexity and we need to
6:04
consider particularly for this year and
6:06
moving forward with AI coming into the
6:08
forefront more cyber security risks. We
6:11
need to start a consolidation. The more
6:12
tools we have, yeah, it spreads the load
6:15
maybe in terms of risk of things going
6:17
down, but let's be transparent. most of
6:20
the this day and age we leveraging
6:22
Microsoft 365 across the globe millions
6:25
and millions of companies are using it
6:27
if if the product goes down it doesn't
6:29
matter if email doesn't work because at
6:32
the end of the day our our spam filter
6:35
is useless if it's external because our
6:37
emails are down unless we've got
6:39
redundancy with mailflow um and we can
6:42
send emails elsewhere most companies
6:43
solely rely on it so it doesn't matter
6:45
if we've got an external email solution
6:47
for fishing it's already integrated and
6:50
baked into Microsoft 365. Should we not
6:52
consider using this already? My
6:55
suggestion is probably we should. We
6:56
don't need to have another tool, another
6:58
login for ourselves to use when
7:00
Microsoft's already injected 20 billion
7:03
pounds into email or into security
7:05
within their environment. It's more than
7:07
most leading providers for EDR
7:10
solutions, security solutions out there.
7:13
We should be considering how do we
7:15
consolidate stacks of solutions into one
7:18
single tool. I think Microsoft is a big
7:20
driver for that.
7:23
What's the cost complexity?
7:25
I mean, when we look at what's been
7:27
happening over the last 5 years, we've
7:29
clearly had a 30 to 50% rise in the
7:32
costs of most of the products we're
7:34
using. That might seem like only 10 20
7:36
30p per end user, but we're then
7:39
offsetting that either by ourselves.
7:40
we're just absorbing that cost and
7:42
giving it to our third party vendors or
7:44
we're having to go to the customer and
7:45
say you need to pay let's say an extra
7:47
two pound per per user per month. We're
7:50
we're in a world where there's always
7:52
rising costs and it's going to continue
7:54
to rise. If we are duplicating costs
7:57
because we're paying for one license
7:58
that's perhaps already included in say
8:00
business premium we're using at the
8:01
moment with Microsoft. We're duplicating
8:03
value or duplicating costs that we're
8:06
then offboarding or or lending or
8:08
providing back to the customer or we're
8:10
absorbing ourselves. Should we be doing
8:12
that? I would be questioning that we
8:14
don't. And the reality is clients don't
8:17
care at what the how many tools we use
8:19
or the tools that we're using. The
8:21
reality is they only care about how safe
8:23
they can feel. and clearly and how
8:25
clearly you could prove it as an MSP.
8:28
And I will probably admit and I I will
8:31
put my hand up to this, some customers
8:32
don't even care how safe they feel. They
8:34
just want to know that it's handled by
8:36
someone else. But for us as MSPs, our
8:39
focus should be on security, compliance,
8:42
governance, and proving the value of
8:44
what we're delivering. And the one thing
8:46
we quite often forget is enforcing an
8:48
environment, i.e. the governance piece,
8:51
and and proving it. Like if a risk came
8:53
into play and we're talking to a
8:54
customer that doesn't care about how
8:56
safe they are, but they have just
8:57
assumed it's handled by you, you need to
9:00
be able to go back to them and prove to
9:01
them that you have implemented the best
9:03
policies you could based on the
9:05
conversations you've had. And it starts
9:07
with making sure that we are keeping
9:08
things safe, secure, and the real MSP
9:11
impacts are clear. We have rising costs.
9:14
We're having alert overload with
9:16
productivity down and fatigue up because
9:18
we're getting alerts from all over the
9:19
place from different portals. Fragmented
9:22
reporting, inconsistent client
9:24
visibility is a big factor when we talk
9:26
about customers that do care about their
9:28
environment, their technology. We need
9:30
to make sure that our reports are
9:32
consistent to the customer. They are
9:34
getting the right information. It's
9:35
coming from the right value. And lastly,
9:38
that single source, the audit prep,
9:40
multiple readiness is really required
9:43
nowadays. making sure that we are
9:45
providing a single source or a single
9:48
pane of glass with the right reports and
9:51
enforcer focuses around Microsoft 365
9:53
which is why I'm driving this focus on
9:55
unifying our MSP stack to to a product
9:58
that's freely available but you guys are
10:00
already leveraging Microsoft as a
10:02
multi-tenant solution currently we have
10:05
hundreds if not thousands of of tenants
10:07
that we support depending on the MSP on
10:09
this discussion and call at the moment
10:12
how do we make sure that we are leverage
10:14
ing the products we already have
10:15
available and then once we do how do we
10:18
measure and enforce those pro processes
10:21
i.e. the governance drift detection and
10:23
then more importantly proving it. We
10:25
need to be able to run reports and prove
10:27
that value to the customer and that
10:29
starts with looking at that single
10:32
source of truth and unifying the stack
10:34
that we currently have.
10:36
So I want to talk about the shift. I
10:39
think particularly the last five years
10:42
and I think particularly more critically
10:44
the next five years people are going to
10:47
start focusing on Microsoft being that
10:48
central pillar. It started as just a
10:51
single piece of the puzzle i.e. email
10:54
maybe some share filing for shareepoint
10:56
but a single piece for that complex
10:59
security
11:00
product. Whereas now Microsoft with
11:03
their $20 billion injection of security
11:06
improvements, we now have Entra ID, the
11:09
identity protection and governance
11:10
piece. We have Intune device compliance
11:13
and management. We've got the purview
11:15
piece that data governance, the data
11:17
loss prevention and auditing platform.
11:18
That's the area we're looking at for
11:20
reporting and ongoing governance of an
11:22
environment. We have I've put 365e5
11:26
licensing because I'm a lover of that
11:27
product or license, but I know that
11:29
we've got business premium, defender
11:31
suite for business, which covers more
11:33
than enough for our SMB customers. Um,
11:36
and then we've got the XDR suite that
11:38
that license uplift with defender suite
11:40
for business really covers that single
11:42
security plane that we discussed with
11:43
our customers.
11:45
This is really critical. Microsoft have
11:48
basically said, look, we know that you
11:50
guys are using different companies. is
11:52
we know that there are competitors out
11:54
there, but let us build you a single
11:56
unified platform for you to be able to
11:58
deliver the best practice for your
12:00
customers. This is targeted for
12:01
enterprise businesses. There's no doubt
12:03
about it. Um, and Microsoft are openly
12:05
admitting this with Intune for MSPs.
12:08
They're deliberately saying use Enforcer
12:11
to focus on a unified multi-tenant
12:13
management solution. So you can leverage
12:15
those enterprise platforms but from a
12:17
single source i.e. enforcer for MSPs
12:21
that means you can replace those six
12:23
vendors with one stack i.e. Microsoft
12:26
and then leverage those outcomes and
12:28
those deliveries with enforcer that
12:30
single pane of glass even Microsoft's
12:33
power doesn't solve the last piece of
12:35
the puzzle. So it doesn't solve
12:37
necessarily that proof and that's the
12:39
gap when we talk about defend govern and
12:41
improve. Microsoft are taking defense
12:43
they're giving us that configuration
12:45
piece the ability to configure and
12:47
manage those policies providing that
12:50
entry id in tune perview the fender
12:53
suite that encompass solution. They're
12:55
allowing us to govern it with the right
12:57
licensing. We've got data governance.
12:58
We've got governance in identity
13:00
protection with conditional access.
13:02
Governance isn't just about data.
13:05
is about making sure that what we
13:07
implement and configure is enforced
13:09
across the business and we can measure
13:10
that enforcement but we need to be able
13:12
to prove that value and that's really
13:15
where that gap sits and that's where I
13:17
think enforcer provides that gap and
13:20
this is why we talk about defend govern
13:22
and prove that compliance gap the
13:25
evidence that we need to be able to
13:26
prove that we are implementing these
13:28
things and we're providing the value for
13:30
the customer and I think the statement
13:32
we always get with at least one if not
13:34
several customers every year is what am
13:36
I getting for my money when I'm paying
13:38
you per user or per device per month?
13:41
And the reality is we give customers a
13:44
reactive report. This is how many
13:46
tickets we're providing you a support
13:48
resolution. But I really challenge an
13:50
MSP to look further past just a reactive
13:53
measure. We always talk about being
13:55
proactive. For the first time, I think
13:57
in years, we have the ability to
13:59
demonstrate governance and proof as a
14:02
proactive measure to customers. We don't
14:04
want to just do a single deployment,
14:07
make sure it's configured, a single
14:09
point configuration, and then foxtra
14:11
Oscar to the next project. We need to be
14:13
able to go to the to from professional
14:15
service one-time delivery to ongoing
14:18
managed governance delivery. Governance
14:20
as a service isn't just data governance.
14:23
It's making sure that the
14:24
implementations we've configured stick.
14:27
So when we have an exclusion, someone is
14:29
excluded from a policy or a policyy's
14:31
changed, we need to measure that change.
14:33
We need to identify what change was
14:35
made, the metric that's been made, why
14:37
it's been made, who made it, and should
14:39
it have been made. That's governance as
14:41
a service. That's ongoing protection.
14:43
That's ongoing security analysis. All of
14:46
that sits with the governance piece. And
14:48
fundamentally, we then need to prove it.
14:51
So with Enforcer, we can dive drift
14:53
detection. we can make sure that we are
14:55
keeping customers aligned continuously,
14:57
whether that's partial alignment or a
14:59
full alignment to our best practices in
15:01
MSP.
15:03
And I say this and I'll always say, I'll
15:04
probably even say it in the next episode
15:06
and the episode after that, an MSP
15:08
doesn't need to have a unique security
15:10
baseline. It needs to be secure. And
15:13
that's secure across the board. Every
15:15
single person that we talk to, anyone
15:17
that's reading this or listening to this
15:19
uh this YouTube series now, it's not
15:22
about being unique. Every customer is
15:24
going to have some unique policies, but
15:26
the foundations of a good governed and
15:28
well-defensed environment or defended
15:31
environment starts with the same
15:33
security measures. And there are lots of
15:36
people out there that provide
15:37
recommendations of security measures
15:38
they could put in place. But
15:40
fundamentally, it's all about being
15:41
secure. And then we have to govern that.
15:43
Governing
15:46
Enforcer to make sure drift detections
15:48
in place for those alerting single day
15:50
value, day one value. when we talk about
15:52
bringing on all our customers into a
15:54
single platform like Enforcer is can we
15:57
make sure that we are governing that
15:59
environment? Can we make sure that
16:00
changes made we're being alerted to it?
16:02
And if you haven't got them in a single
16:04
source like Enforcer, you're not going
16:05
to get that governance piece. The second
16:08
part is the evidence. So let's take away
16:11
the governance. How do we prove that
16:13
value? So that statement, what am I
16:15
getting for my money? Rings true for
16:17
most of our customers. How do we
16:19
demonstrate we are providing that
16:21
governance piece? How do we make sure
16:23
that we are proving that? And that
16:25
starts with reporting. Starts with drift
16:27
detection email alerts to say, "Hey,
16:29
look, we are being proactive. We've
16:30
received an alert to say Jeffrey is the
16:33
head of IT for your business has made a
16:34
change. We've previously agreed with you
16:36
we wouldn't make any changes to this, so
16:38
we've reverted it." Or perhaps it's an
16:40
auto remediation. It's autoreverted back
16:42
based on your alignment piece. It's that
16:44
multi-tenant blind spot. We need to see
16:47
a unified platform, a single pane of
16:50
glass to make sure our customers are on
16:52
track to being secure and readily
16:55
available. And proof doesn't sit with
16:56
just the customer. Proof sits with your
16:59
business owners, the CEOs that are
17:00
watching this, the ones that want to
17:02
make sure that the customers they're
17:04
supporting really are secure. That
17:06
multi-tenant blind spot is so important.
17:08
We need to make sure we can see our
17:10
customers and they're aligned to our
17:12
best practices, our security values. And
17:14
when I say owl, I mean your best
17:16
practices in security. Almost all of us
17:18
will have the same security measures.
17:20
They just could be named differently.
17:22
Different named policy, different
17:23
configuration, maybe something that
17:25
doesn't matter for one industry that
17:26
does for another. Um when we talk about
17:29
industries that we support, financial,
17:31
medical, pharmaceutical, and so on. And
17:34
the last thing is being able to provide
17:36
that evidence. So running those
17:38
alignment reports that you have within
17:40
Forscer, the ability to produce a report
17:42
that shows you you are aligned to our
17:44
best practice. We can measure that with
17:46
policy tagging to determine this policy
17:49
aderes to door configurations for
17:51
example. We can leverage those that
17:53
we've got configured and we can
17:54
demonstrate that with an alignment
17:56
report. It's prospecting. We're bringing
17:58
on a customer that's going to start that
18:00
three that three tier pillar with us.
18:02
Defense, governance, proof. We need to
18:04
be able to prove this is where you were
18:05
from day one and this is where you are
18:07
for day two and this is where you're
18:09
going to be at day 143. And the next
18:12
episode I'm going to be talking about
18:13
which is coming up shortly is fixing
18:16
that framework understanding those
18:17
steps.
18:19
So let's look at framework here. We've
18:22
spoken about that unified piece. I
18:23
probably spoken about these slides
18:25
already but the framework sits for us
18:29
around defense governance and proof. And
18:31
this is the triangle the pillar that we
18:33
talk about when we unify a solution and
18:35
we talk specifically around enforcer.
18:38
Microsoft covers the defense. Microsoft
18:41
is giving us the ability with a single
18:42
tool to understand defender entra. So
18:47
defender for office defender for
18:48
endpoint identity protection device
18:51
management. All of that's available in
18:53
that single source that defending piece.
18:56
Then we want to look at governance. And
18:58
that governance sits with data
18:59
governance, device governance ongoing.
19:02
But if we take data governance to start
19:04
with, that's purview. That's data loss
19:06
prevention. That's policies across your
19:08
estate. We need to be able to measure
19:10
and protect against that. So that
19:12
ongoing governance piece starts with
19:14
leveraging drift detection, utilizing a
19:17
single pane of glass and enforcer for
19:19
your alignment piece, making sure
19:20
they're governed correctly. We are using
19:23
Enforcer not just to provide the right
19:25
security deployments for policies and
19:27
your best practices, but we're governing
19:29
it by making sure they're aligned to our
19:31
best practice and we're receiving drift
19:32
detections for that proactive step to to
19:36
sort out remediations. And then finally,
19:38
on top of that pillar, the area that we
19:40
always forget, and this is really where
19:42
Enforcer gives day one value is that
19:45
proof. running those reports, looking at
19:48
those measurements, demonstrating the
19:50
value that we bring as a business, as an
19:52
MSP to our customers. All of that's
19:55
available with the proof that we're
19:56
looking for with Enforcer.
19:59
I think this is the new MSP model and
20:01
that's why we're doing this series. This
20:03
is why this eight-part series covers
20:05
this. We need to defend our co our
20:07
clients. We need to govern the
20:09
environments we're looking at. We need
20:10
that single single pane of glass for all
20:13
of our tenants, not just a handful. When
20:14
we on board customers, I often see 20,
20:18
30, 40 tenants being added of an estate
20:20
that maybe has a thousand. That's not a
20:22
single pane of glass. We might be
20:24
looking at using it just to make sure
20:26
it's we're comfortable with the tool,
20:27
but the reality is we're leveraging
20:29
tools like Enforcer for that day one
20:31
value, being able to govern the
20:33
environments we're seeing through that
20:35
value. And the last point of that is the
20:38
proof of the value. making sure that the
20:39
tools you're using, we can demonstrate
20:41
the value for our customers, demonstrate
20:43
the value for our business owners,
20:45
demonstrate the value for regulatory
20:46
businesses, uh the reg regulatory
20:49
bodies, auditors, all of that starts
20:52
with making sure we have the right
20:53
products, the right reports under that
20:55
single pillar and that's that triangle
20:58
for us. The pyramids that we're talking
21:00
about, Microsoft do this really well
21:01
with their own pyramids of solutions
21:03
they offer um and it covers it
21:05
perfectly. But for when we talk about
21:07
the the three pillars defend, govern and
21:09
prove all of that sits here. The ability
21:12
to leverage Microsoft utilize governance
21:15
through purview through enforcer and
21:17
prove that value leveraging enforcers
21:20
environment.
21:22
So moving forward, what's next? So I've
21:25
spoken to you and I hope this has been
21:27
really valuable seeing where we should
21:29
be going as MSPs and what we could look
21:31
at. But next episode I want to do is
21:34
about managed email security managed
21:36
stack that we're using, what we've used
21:38
previously versus what we can be
21:39
leveraging. Now this is going to be a
21:42
small demo. We're going to go through a
21:44
few slides. We'll go through what
21:46
Microsoft has to offer currently in the
21:48
security suite around email security and
21:51
then we might dip into some of the
21:53
enforcer product as well depending on
21:55
time. Hope this has been really useful.
21:57
Any questions at all? Again, reach out
22:00
to Enforcer, get some demos booked, look
22:02
at ourselves, see the platform, see what
22:05
we're trying to deliver through those
22:06
three pillars. Um, and let's get you
22:09
guys in a unified MSP moving forward.
22:11
Look out for episode two, three, four,
22:14
five, six, seven, and eight. Um, and
22:15
hopefully this is proving some value.
22:17
Thank you very much for your time,
Episode 1 - What the Copilot is going on?