Stop Paying for Software You Don’t Use — A Licensing Reality Check

I had a conversation with a business owner a few weeks back that I keep thinking about. We were going through his monthly expenses, and when we got to software, he genuinely couldn’t tell me what half of it was for. There was a project management tool nobody had logged into since the bloke who set it up had left. A standalone video conferencing subscription, paid annually, sitting right beside the Microsoft 365 licences that already included Teams. A note-taking app the marketing person swore by, except marketing had moved on eighteen months ago.

None of these were big numbers on their own. Twelve dollars here, forty there. But added up across a year, he was handing over the cost of a part-time wage for software that was doing precisely nothing. And the part that stung wasn’t the money. It was that he had no idea it was happening.

The quiet leak nobody’s watching

Software waste doesn’t announce itself. There’s no alarm when a tool stops being used. The direct debit just keeps going, month after month, long after the person who championed it has gone or the project it supported has wrapped up. We call it shelfware, and almost every small business I look at has more of it than the owner expects.

The trouble is that nobody actually owns the question “are we still using this?” The person who signed up has moved on. Finance sees a line item but not a behaviour. And because each subscription feels small, it never quite makes it to the top of anyone’s to-do list. So it sits there, quietly compounding.

What makes it worse is duplication. You’d be amazed how often I find a business paying for a separate tool to do something Microsoft 365 already does. A third-party file-sharing service running alongside SharePoint and OneDrive. A standalone form builder when Microsoft Forms is sitting right there. A digital signature product when the basics are already covered. You’re not just paying for shelfware — you’re paying twice for the same job.

Do the audit you keep putting off

Here’s the good news: finding the waste is far easier than people assume, and you’ve already paying for the tools to do it.

Start in the Microsoft 365 admin centre. The usage reports will show you, plainly, who has signed into what and when. If you’ve got people assigned licences they haven’t touched in ninety days, that’s a conversation worth having. If you’ve got Copilot or premium licences sitting on accounts that don’t need them, that’s money you can claw back this afternoon.

Then turn Copilot loose on the question. Drop your last twelve months of software invoices into a folder and ask Copilot to pull every recurring software charge into a single list, grouped by vendor, with the annual cost beside each one. What used to be a tedious afternoon of scrolling through bank statements becomes a five-minute job. Ask it to flag anything that looks like it overlaps with a capability you already have in Microsoft 365, and you’ll have your shortlist of suspects before your coffee’s gone cold.

The point isn’t to cancel everything. Some of those subscriptions earn their keep. The point is to make a deliberate decision about each one, rather than letting inertia decide for you.

Consolidation is the real saving

Once you can see the full picture, the pattern usually becomes obvious. A handful of scattered tools, each solving one small problem, most of which the stack you already pay for could handle. Trimming the dead subscriptions feels good. But folding three overlapping tools back into Microsoft 365 is where the real money is — and you get the bonus of everything living in one place, with one login and one support number instead of five.

I’m not suggesting you rip everything out tomorrow. Specialist tools exist for good reasons, and sometimes the dedicated product genuinely is the better fit. But “we’ve always paid for it” is not a reason. Neither is “someone set it up once.”

The habit, not the one-off

The owner I mentioned trimmed his software spend by nearly a third in an afternoon. The bigger win was the habit. Now he runs the same check every quarter — a recurring task in Planner, fifteen minutes, no drama.

Your software bill is one of the few costs you can cut without touching a single person or a single customer. That’s rare. Go and have a look at what you’re actually paying for. I suspect you’ll be surprised.

The Real Cost of Cheap IT (And Why It’s Always More Expensive)

Every so often a business owner tells me, with a certain pride, that they’ve just slashed their IT bill. They found someone cheaper. They dropped a subscription. They put off an upgrade for another year. And I always think the same thing: I’ll see you in about eight months, when the bill comes due.

Because cheap IT doesn’t make the cost disappear. It just moves it somewhere you can’t see it yet — and adds interest.

The bill you don’t get an invoice for

Here’s the trap. IT done well is mostly invisible. Nothing breaks, nobody’s locked out, the backups run, the laptops just work. So it’s easy to look at that calm and decide you’re paying too much for not much. You trim it back to the cheapest option that still technically functions.

Then a staff member spends forty minutes fighting a file that won’t sync, twice a week. Then an invoice goes out with last quarter’s pricing because the document everyone was working from wasn’t the real one. Then someone clicks a link they shouldn’t have, and suddenly you’re not saving money — you’re paying a security firm by the hour and explaining yourself to clients.

None of those land as a line item. There’s no invoice that says “rework: $14,000”. But it’s real money, and you paid it. You just paid it in lost hours, redone work, and the slow drag of people working around problems instead of through them.

“Expense” and “investment” aren’t the same sentence

The language we use shapes the decision. The moment you file IT under “expenses”, it sits next to the stationery order and the cleaning contract — things you’re naturally trying to shrink. And shrinking it feels responsible.

But you don’t talk about your best salesperson as an expense to be minimised. You talk about what they return. IT deserves the same question: not “how little can I spend on this?” but “what does this give back?”

Take something as ordinary as Microsoft 365. Plenty of businesses run the cheapest plan, treat it as email-and-a-spreadsheet, and never look again. Meanwhile the business down the road is using the same platform as an actual operating layer — documents living in SharePoint instead of scattered across desktops, a quick approval running through Teams instead of a three-day email chain, Copilot in Outlook turning a tangled forty-message thread into a clear summary before a meeting, or drafting the first version of a proposal so someone isn’t staring at a blank page for an hour.

Same vendor. Same monthly cost, give or take. Wildly different return. One business bought a licence. The other bought time back.

Cheap is a decision you make again every week

The thing about underspending on IT is that it isn’t a one-off saving. It’s a recurring tax. Every week the slow systems are still slow. Every week the manual process is still manual. Every week the thing you didn’t secure is still sitting there, unsecured. You congratulated yourself on the saving once, but you pay for it continuously.

And the cruel part is that it compounds in the wrong direction. The longer you defer, the further behind your setup drifts, the more painful and expensive the eventual catch-up becomes. Cheap today quietly guarantees expensive tomorrow.

I’m not arguing for spending more for its own sake. Throwing money at IT is just a different kind of waste. The point is to spend deliberately — on the things that actually move your business. Ask what a tool returns, not just what it costs. Ask what an hour of downtime costs you, then look again at the price of preventing it. Ask whether your people are working with their tools or fighting them.

The real question

So when you’re staring at an IT quote and the cheaper option is winking at you, don’t ask which one costs less. Ask which one costs less over the next three years — once you’ve counted the downtime, the rework, the risk, and the hours your team gets back when things simply work.

Cheap IT isn’t a saving. It’s a loan you take out against your future, and the repayments show up exactly when you can least afford them. The businesses that treat technology as something that earns its keep — Microsoft 365 and Copilot included — aren’t spending more. They’re just refusing to pay the expensive kind of cheap.

AI Is Coming for Your Business — Will It Be Your Best Hire or Your Biggest Risk?

Last week I watched a business owner ask Copilot to summarise a forty-message email thread, draft a reply, and pull the three action items into a list — all before his coffee had cooled. He looked up and said, half-joking, “That’s better than the temp I hired last summer.” Then his face changed. “Wait. Is this thing safe? Where did all that just go?”

That single moment is the whole argument. The same tool that feels like your sharpest new employee can, in the wrong setup, feel like your most exposed liability. Both reactions are correct. The question isn’t whether AI is coming for your business — it already walked in the door the day you switched on Microsoft 365 Copilot. The question is which version of it you’ve actually hired.

The best hire you’ve ever made

Let me be honest about why people fall in love with this stuff. A good hire doesn’t need everything spelled out. They pick up context, remember what happened last quarter, and get on with it. That’s exactly what Copilot does when it’s grounded in your own data.

Ask it in Outlook to catch you up on a client you haven’t spoken to in a month, and it reads the thread history, the meeting notes in Teams, and the proposal sitting in SharePoint — then hands you a briefing. Drop a messy spreadsheet of sales numbers into Excel and ask which region slipped, and it tells you, with the reasoning, in seconds. Walk into a meeting late and Copilot in Teams gives you what you missed and what you’re expected to say.

This isn’t a chatbot answering trivia. It’s a capable assistant working across your inbox, your documents, your calendar — the same surfaces your team already lives in. For a small business that can’t afford a chief of staff, that’s genuinely levelling. I’ve seen one-person operations punch well above their size simply because the admin grind stopped eating their day.

The biggest risk you haven’t priced in

Here’s where I get less comfortable. The thing that makes Copilot powerful — it can see your data — is exactly the thing that should make you cautious. A new hire who can read every file in the building is only safe if the building has locks on the right doors.

Most small businesses don’t. Permissions sprawl over years. That old SharePoint site “everyone” can access. The shared mailbox nobody cleaned up. The folder of contracts a departing staff member could still open. For years that mess was survivable because nobody had the time to go digging through it. Copilot has all the time in the world, and it digs instantly. Ask it the wrong question and it might cheerfully surface salary figures, a confidential deal, or a client’s private details to someone who was never meant to see them.

That’s not Copilot misbehaving. That’s Copilot doing precisely what you asked, on top of a foundation you never tidied. The tool didn’t create the risk — it just made your existing mess searchable at the speed of conversation. Tools like Microsoft Purview and proper access reviews in Entra exist for this reason, but most businesses I talk to haven’t touched them.

So which one did you hire?

The uncomfortable truth is that you don’t get to choose between “best hire” and “biggest risk” as two different products. They’re the same product. The difference is entirely in the preparation you did before turning it loose.

A great new employee with no onboarding, no boundaries, and access to everything is a liability waiting to happen — that’s true of people and it’s true of AI. The businesses getting real value from Copilot are the ones that did the boring work first: cleaned up who can see what, set sensitivity labels on the documents that matter, and decided deliberately what the tool should and shouldn’t reach.

The ones treating it as a magic switch are the ones who’ll have a very bad day, probably one they won’t even notice until a client mentions seeing something they shouldn’t have.

I’m not in the camp that says slow down and wait. The advantage is real and the businesses that move now will pull ahead. But I am firmly in the camp that says you wouldn’t hand a new starter the keys to the entire business on day one without a single conversation about boundaries. Give your AI the same respect.

Hire it well, and it’s the best decision you’ll make this year. Hire it carelessly, and it’s the breach you’ll spend next year explaining.

Our Business Isn’t Too Small to Be a Target — It’s the Perfect One

I hear the same line at least once a month. It usually comes near the end of a conversation, after I’ve raised the idea of tightening up someone’s security. The owner leans back, gives a little shrug, and says some version of: “Mate, we’re tiny. Why would anyone bother with us?”

I understand the instinct. When you’re running a ten-person business out of a converted warehouse, the idea that someone in another country has you in their sights feels absurd. You’re not a bank. You’re not a government department. You’re just trying to get invoices out and keep the team paid. Surely the criminals are off chasing bigger fish.

That’s exactly the thinking they’re counting on.

Nobody Is Picking You by Name

Here’s the part most owners get wrong. They picture a hacker hunched over a keyboard, deliberately choosing their business out of all the businesses in the world. That’s not how it works. Almost none of it is personal.

Modern attacks are automated. Software quietly scans enormous ranges of the internet, day and night, knocking on every door it can find and noting which ones are unlocked. It doesn’t know you’re a plumbing supplier in Penrith or a three-person design studio. It only knows your front door opened when it shouldn’t have. To that software, “too small to matter” simply doesn’t exist as a category. There’s only “easy” and “hard.”

And small businesses, on the whole, are easy. No dedicated IT person. Passwords reused across half a dozen logins. Multi-factor authentication switched off because it felt like a hassle. That combination is gold to an attacker, because the effort is low and the payoff is real. A single compromised Microsoft 365 account can read every email, reset other passwords, and quietly send invoices with the bank details changed to theirs. You don’t need to be big to be worth a few thousand dollars of someone’s afternoon.

The Invisibility You Feel Is the Vulnerability They Want

The cruel irony is that the very feeling protecting your peace of mind — “we’re invisible, nobody’s looking” — is the thing that leaves you exposed. Because if you believe nobody’s looking, you don’t bother locking up. You stay on the basic plan. You skip the security review. You assume the defaults are fine.

I had a client go through exactly this last year. Small operation, well run, no reason to think they were on anyone’s radar. One staff member clicked a convincing email, typed their password into a fake login page, and that was it. The attacker sat inside the mailbox for the better part of a week — reading, watching, learning the rhythm of how money moved — before redirecting a genuine client payment. The owner’s first words to me were, “I didn’t think we were big enough for this to happen.”

That’s the trap, summed up in one sentence. Feeling small doesn’t make you safe. It just makes you slow to defend yourself.

The Good News: The Locks Are Already in the Building

Here’s what I tell people, and it’s the part worth holding on to. You don’t need an enterprise budget to stop the overwhelming majority of this. The tools are very likely sitting in the Microsoft 365 subscription you already pay for.

Turn on multi-factor authentication for every account — it’s the single biggest difference you can make, and it blocks the password-stealing attack I just described almost entirely. Switch on the security defaults in Microsoft Entra so the obvious gaps close themselves. Let Microsoft Defender do what it’s built to do: catch dodgy attachments and links before a tired staff member clicks them at 4pm on a Friday.

You can even put Copilot to work here. Ask it in plain English to summarise the recent sign-in activity across your tenant, or to walk you through what your current security settings actually mean. I’ve watched owners who’d never open an admin console suddenly understand their own exposure because Copilot explained it in language that made sense to them, sitting right there in their browser.

None of this is glamorous. None of it makes for an exciting Monday. But it’s the difference between being a hard door and an easy one — and easy is the only thing the software scanning the internet actually cares about.

So drop the idea that you’re too small to bother with. You’re not invisible. You’re convenient. The sooner you stop feeling safe and start being protected, the less interesting you become to the only audience that matters here — and that’s a very good place for a small business to sit.

Exchange Online Protection anti-spam / anti-phish policy stacking

Most people think email security in Microsoft 365 is a switch. It’s not. It’s a stack.

And the stack runs in an order you don’t get to vote on.

I see the same thing on tenant after tenant. Someone opened the anti-spam policy years ago, nudged a slider, ticked a box they’d read about on a forum, and walked away. The default phishing policy has never been touched. Connection filter? Empty. Then a dodgy invoice lands in the MD’s inbox and everyone’s surprised.

Here’s the part that catches people out. Those custom tweaks you made? They might be the reason the bad mail got through.

Stop hand-building policies. Turn on the presets and learn the order things fire in. That’s the whole job.

What is policy stacking, really?

Every inbound message runs a gauntlet. Connection filtering checks the source IP. Anti-malware scans the payload. Anti-spam scores the content. Anti-phishing checks for spoofing and impersonation. Each layer has its own policy, and each policy has a priority number.

That’s not one setting. That’s five layers, each with its own verdict, stacked on top of each other.

The catch is precedence. When two policies could apply to the same person, only one wins — the one with the highest priority. Your hand-rolled custom policy beats the preset. The preset beats the default. So if you built a loose custom anti-spam policy back in 2021 and switched on the Standard preset last week, the custom one still wins. The preset you thought protected everyone is being skipped for those users.

Microsoft lays out the full order of precedence — read it once and it’ll save you a dozen support tickets.

Step-by-Step: turn on the stack

You do all of this in the Microsoft Defender portal. No PowerShell. No Exchange admin center.

Open the presets

Go to security.microsoft.com → Email & collaboration → Policies & rules → Threat policies → Preset Security Policies.

Turn on Standard for everyone

Flip Standard protection to On and apply it to All recipients. That covers anti-spam, anti-malware, anti-phishing — and, if you’re licensed for Defender, Safe Links and Safe Attachments — all on Microsoft’s recommended settings, all maintained for you.

Turn on Strict for the people who get targeted

Flip Strict protection on and scope it to the MD, finance, payroll, and anyone with signing authority. Strict catches more and complains more. That trade is worth it for the accounts attackers actually go after.

Add your impersonation names

In the Strict wizard, add the names and addresses of your VIPs to impersonation protection. This is the bit that stops “Hi, it’s the boss, can you buy some gift cards.”

Delete the cruft

Go back to your custom anti-spam and anti-phishing policies. Any old one that’s weaker than the preset is now a hole. Remove it, or you’ve armoured the front door and left a window wide open.

Notice what’s missing from that list?

Inbound mail flow:
  Connection filter → Anti-malware → Anti-spam → Anti-phishing

Standard preset  → All recipients
Strict preset    → VIPs + impersonation list

No sliders. No SCL thresholds. No ASF tick-boxes you read about once and never quite understood. The presets carry all of that, and Microsoft updates them as the threats move. You’re not tuning a spam filter any more. You’re choosing who gets the strong one.

Why this actually changes behaviour

“We’ve always had email security on.”

Sure. But “on” and “correctly ordered” are two different sentences. Most tenants I audit have layers fighting each other — a custom policy quietly overriding the preset, an exclusion nobody remembers, a default policy doing the bare minimum for half the staff.

Presets end that argument. Everyone gets a known-good baseline. Your VIPs get more. And because the settings aren’t yours to drift, the config still makes sense in two years when someone else opens it.

For an MSP, that’s gold. You deploy the same posture across every client in an afternoon, document it in one screenshot, and stop defending slider choices in a review. Consistency is a security control. Drift is the vulnerability.

If you’re still hand-tuning spam policies client by client, you’re doing unpaid work that makes them less safe.

Turn on the presets. Fix the order. Delete the rest.

That’s not a spam setting. It’s a security baseline — and it’s already in the licence you sold them.

The Gap Is The Point

Someone asked me last week what my goals were for the next twelve months. I gave the usual answer — bigger speaking calendar, more clients, a couple of certifications I’ve been putting off. Standard stuff. Then I drove home and realised the answer I’d just given was the version of me that exists today talking. Not the version I’m trying to become. There’s a difference, and most of us never sit with it long enough to feel it.

I’ve started thinking about my future self as a separate person. Not a fantasy figure, but the version of me five years from now who reads what I’m reading now, sits in the rooms I’m sitting in now, eats what I’m eating, wakes up with the habits I’m building today. That person already exists in outline. Every choice I’m making is voting for who they turn out to be.

The inputs are the outputs

The honest truth is that almost nobody wakes up in five years and accidentally becomes someone better. The reading you do, the people you stay close to, what you put on your plate at lunch, the routines you let calcify — those are the materials. There is no secret fifth ingredient. If you don’t like where you’re heading, change one of the four. That’s the whole lever.

The trap is thinking the future version of you is waiting for some big reinvention moment. A course, a milestone, a quiet six months. That moment never arrives. The future you is being built right now, in the tiny decisions you barely notice — the email you snap off in two seconds versus the one you take three minutes to write properly, the meeting you let drift versus the one you tighten with an agenda before walking in.

What would the better version do right now

This is the question I keep coming back to. Not what would I do — what would the sharper, calmer, more focused version of me do with this hour? The one I’m trying to become. It reframes everything. The reply I was about to send, the meeting I was about to accept, the rabbit hole I was about to fall into. Most of the time the answer is obvious; I just don’t want to hear it.

This is also where Copilot has quietly changed how I work. When I open Outlook in the morning and ask Copilot to summarise overnight threads, the better version of me actually has time to think instead of reacting to a triage queue. When I sit down to a Teams meeting and let Copilot handle the recap, I’m fully present in the conversation rather than half-scribbling notes. The point isn’t the feature — it’s that the friction keeping me stuck in version-of-me-today gets quietly removed. The future me has more room to show up.

Direction, not failure

Most people read the gap between who they are and who they want to be as evidence they’re falling short. I read it the other way. The gap is the only signal that tells you which way to walk. If there’s no gap, you’ve stopped growing. If the gap is huge, that’s not a problem — that’s a map.

So this week I’m watching what I read, who I sit with, what I put on my plate, and which habits I’m letting form by accident. Five years sounds like a long time. It isn’t. It’s about 1,800 versions of today, stacked on top of each other. The future me is being built in the next hour. So is yours.

Copilot audit logs in Purview

Most people ask the wrong question about Copilot.

They ask “is it safe?” What they mean is “can it leak our stuff?” Fair worry. But it’s the wrong place to start.

The real question a client should be asking is “can you show me what Copilot has been doing?” Because if the answer is no, safe or not doesn’t matter. You’re flying blind.

Here’s the thing nobody tells you in the licensing pitch. Every Copilot interaction is already being recorded. You don’t have to buy anything. You don’t have to flip a switch. It’s been sitting in the unified audit log the whole time, waiting for someone to go look.

Most MSPs never do.

What is Copilot audit logging, really?

It’s the receipt for every conversation your users have with Copilot.

When someone asks Copilot in Word to summarise a document, or asks Copilot in Teams what they missed, that interaction writes a record into Microsoft Purview. Who did it. When. Which Copilot app. And — this is the part that matters — which files and resources Copilot reached into to answer.

This happens automatically as part of Audit (Standard), which is on by default for business tenants. If auditing is running, Copilot logging is running. Microsoft spells it out in the audit logs for Copilot and AI applications docs: no extra steps, no separate config.

That’s not a feature you enable. That’s a feature you’ve been ignoring.

Step-by-Step: finding Copilot activity in Purview

Open the Audit solution

Go to the Microsoft Purview portal at purview.microsoft.com, sign in, and pick Audit from the Solutions list on the left. If you’ve got the Audit Logs or View-Only Audit Logs role, you’ll land on the search page. If you don’t, that’s your first job — sort the permissions, per the search the audit log guidance.

Set your date range and activity

Pick a start and end date. Then in the activities filter, search for the Copilot record type.

RecordType: CopilotInteraction
Activity:   Interacted with Copilot

Notice what’s missing? No prompt text in that filter. The audit row tells you that a conversation happened and what files it touched — it doesn’t hand you the back-and-forth wording. That content lives elsewhere, retained for eDiscovery and Communication Compliance, not in the row you’re reading. Knowing that distinction is what separates someone who’s read the docs from someone who’s guessing.

Run the search and read the resources

Start the job. It keeps running even if you close the browser, and finished searches stick around for 30 days. Open a result and look at the AccessedResources field. That’s the gold. It shows the actual files Copilot pulled in to ground its answer.

This is where oversharing shows up. If Copilot is referencing a payroll spreadsheet for someone in the warehouse, you didn’t find a Copilot problem. You found a permissions problem Copilot just made visible.

Export when you need a paper trail

Push the results to CSV. Now you’ve got evidence, not anecdotes.

Why this actually changes the client conversation

Walk into a renewal with “Copilot is secure, trust me” and you sound like every other reseller.

Walk in with “here’s a report of every file Copilot accessed last quarter, and here are the three oversharing issues we caught and fixed” — that’s a different meeting. That’s you doing governance, not selling a licence.

“Wait, so I can actually prove Copilot isn’t quietly reading files it shouldn’t?”

Yes. And that single sentence is worth more to a nervous business owner than any feature slide.

One caveat worth knowing. Retention isn’t infinite and it isn’t equal. On most Business Premium tenants you’re looking at 180 days. On E5, key workloads stretch to a year, and you can build longer audit log retention policies if compliance demands it. If a client needs to answer “what happened nine months ago,” check the retention before you promise the answer exists.

This is the stuff cyber insurance forms ask about. It’s what SMB1001 and Essential Eight assessors want to see. Not “do you have Copilot.” But “can you account for what it did.”

Copilot doesn’t forget. Make sure you can read what it remembers.

If you’ve rolled Copilot out to a client and you can’t pull this report, you haven’t finished the rollout. You’ve just started the part nobody bothered to do.

Why Your Marketing Keeps Disappearing

I see the same pattern in MSP after MSP. The pipeline thins out, sales gets nervous, and suddenly there’s a flurry of activity. A newsletter goes out. A few posts appear on LinkedIn. Someone dusts off the old webinar deck. Leads start trickling in, projects get signed, and the team gets buried in delivery. Six weeks later, the marketing has gone quiet again. No newsletter. No posts. No webinar. Just heads down, tickets, and onboarding.

Then the pipeline thins out again. And the cycle starts over.

What surprises me is how few owners recognise this as the actual problem. They tell me they’re tired of marketing. That it doesn’t work. That they’ve tried it. But when I push a little, what they’ve actually tried is marketing in panic mode — a short, intense burst when sales were already down. Of course it didn’t work. It was never given enough time to.

The exhaustion is the symptom, not the cause

The story most owners tell themselves sounds reasonable. “I stopped because I was exhausted.” Sit with it for a minute and the logic flips. You weren’t exhausted because you were marketing. You were exhausted because you were doing everything in catch-up mode — chasing leads you should have already had, writing content you should have written months ago, scrambling for testimonials you should have collected at the time of delivery.

Steady marketing isn’t what wears people out. The on-again, off-again version is what wears people out. And every time you stop, you guarantee the next round will be harder than the last, because you’re always starting cold.

Make the boring part automatic

This is the part where Microsoft 365 quietly earns its keep. Most MSPs already pay for it. Few of them use it for their own business the way they sell it to clients.

Pick one rhythm and protect it. A weekly post. A fortnightly newsletter. A monthly client tip. Whatever the cadence, build it inside the tools you already live in. I’ll sit down on a Sunday morning, open Copilot in Word, and ask it to turn a few rough notes from the week into a draft post. Ten minutes later I have something to work with rather than a blank page. In Outlook, Copilot can take a long internal email — a war story from a recent project, an interesting client question — and reshape it into something appropriate for an audience.

Park the ideas as they happen. A Loop component pinned in a Teams channel called “marketing scraps” is enough. A Planner board with one column for “next post”, one for “next newsletter”, and one for “case study someday” gives you a queue instead of a panic. None of this is glamorous. It’s plumbing. But the plumbing is what keeps the tap running when you’re flat out delivering.

Steady beats clever

I’ve never met an MSP that grew because of one brilliant campaign. I’ve met plenty that grew because they kept showing up — every week, every month, regardless of how the pipeline looked that quarter. The content wasn’t always sharp. The newsletter wasn’t always polished. But it was there.

If your marketing only appears when you need sales, your prospects learn the pattern too. They see the silence and read it correctly. The fix isn’t a bigger push. It’s a smaller, steadier one — and an honest look at why the quiet stretches keep happening.

You’re not exhausted by marketing. You’re exhausted by stopping.