Category: AI

Creating an Automated Agent to Post Historical Computer Events in Teams Daily

image

I recently did a video here –

Video link = https://www.youtube.com/watch?v=KZkhK41lynI

but I’ve now been able to produce the following steps for your to replicate this.

Automate Daily Updates in Teams with Copilot Studio & Power Automate: A Step-by-Step Guide

Ever wanted a little bot to automatically post daily updates, fun facts, or important reminders into your Microsoft Teams channel? Maybe a “This Day in History” update, a daily project status reminder, or a motivational quote?

In this guide, we’ll walk through how to build an automated agent using Microsoft Copilot Studio and Power Automate that posts information to a Teams channel on a daily schedule. We’ll use the example from the video: creating a bot that posts significant computer history events for the current day.

What You’ll Need:

  1. A Microsoft 365 account.

  2. Appropriate licenses to use Power Automate and Copilot Studio.

  3. Access to Microsoft Teams and permission to post in a specific channel.

The Overall Process:

We’ll create a system with a few interconnected parts:

  1. Power Automate Flow #1 (Trigger): Runs once a day on a schedule.

  2. Copilot Studio Agent: Receives a prompt from Flow #1, uses its general knowledge (AI) to find the relevant information (e.g., historical events).

  3. Copilot Studio Topic: Takes the AI-generated response and triggers another flow.

  4. Power Automate Flow #2 (Action): Receives the formatted response from the Copilot Topic and posts it to a designated Teams channel.

Let’s break it down!

Step 1: Create Your Copilot in Copilot Studio

  1. Navigate to Microsoft Copilot Studio.

  2. Create a New Copilot. Let’s name it “History Bot” for this example (the video used “History”).

  3. Configure Basic Details:

    • Name: History Bot

    • Description: An agent that posts historical events daily.

    • General Instructions: Use general knowledge to create a list of historical events that happened on this day relating to computers. (Adapt this instruction based on the type of information you want the bot to post).

  4. Enable Orchestration: Ensure the “Use generative AI to determine how best to respond…” toggle under Orchestration is Enabled. This allows the Copilot to understand the instructions and use AI.

  5. Configure Knowledge:

    • Go to the Knowledge section (you might need to scroll down or find it in the left navigation).

    • Ensure “Allow the AI to use its own general knowledge” is Enabled. This lets the bot search the web based on your instructions. We won’t add specific documents for this example.

Step 2: Create the Daily Trigger Flow (Power Automate Flow #1)

This flow starts the process each day.

  1. Go to Microsoft Power Automate.

  2. Create a New Flow > Scheduled cloud flow.

  3. Configure the Trigger:

    • Give your flow a name (e.g., “Daily History Trigger”).

    • Set the schedule: Repeat every 1 Day.

    • Choose a specific time for it to run (e.g., 12:45 PM as shown in the video).

  4. Add Action: Send Prompt to Copilot:

    • Click “+ New step”.

    • Search for and select the “Copilot Studio” connector.

    • Choose the action “Sends a prompt to the specified copilot for processing (Preview)”.

    • Select your Copilot: Choose the “History Bot” (or whatever you named it) from the dropdown.

    • Prompt: Enter the text you want to send to the Copilot each day. Based on the video and our Copilot instructions, this would be something like: Please tell me about today in history with computers.

  5. Save this flow.

Step 3: Create the Posting Topic in Copilot Studio

This topic handles the response from the AI and sends it to the next flow for posting.

  1. Go back to your History Bot in Copilot Studio.

  2. Navigate to the Topics section.

  3. Optional Cleanup: The video creator removed the default/generic system topics. You might want to do this for a dedicated bot like this to keep things clean, but it’s not strictly necessary.

  4. Create a New Topic > From blank.

  5. Name the Topic: Call it “Post Result”.

  6. Configure the Topic Trigger:

    • Click on the default “Phrase” trigger and delete it.

    • Add a new trigger. Select the trigger type: AI response generated (or similar wording like “On Generated Response”). This means the topic starts after the Copilot AI has formulated its answer based on the prompt from Flow #1.

  7. Add Action: Call Power Automate Flow:

    • Click the + below the trigger and select Call an action > Create a flow. This will open Power Automate in a new tab to create Flow #2.

Step 4: Create the Posting Flow (Power Automate Flow #2)

This flow takes the Copilot’s response and posts it to Teams.

  1. Power Automate should have opened with a trigger “When an agent calls the flow (Preview)”. This trigger will have an input field ready.

  2. Define Input:

    • Click on the trigger step.

    • Add an input of type Text. Name it something descriptive like CopilotResponseContent. This is where the Copilot topic will pass the AI’s generated text.

  3. Add Action: Post to Teams:

    • Click “+ New step”.

    • Search for the “Microsoft Teams” connector.

    • Select the action “Post message in a chat or channel”.

    • Post as: Choose Flow bot.

    • Post in: Select Channel.

    • Team: Select the Team you want to post to.

    • Channel: Select the specific Channel within that Team.

    • Message: Click in the message box. The dynamic content panel should appear. Select the CopilotResponseContent input variable you defined in the trigger step. This inserts the text generated by the Copilot.

  4. Add Action: Respond to Agent:

    • Click “+ New step”.

    • Search for “Copilot Studio” connector.

    • Select the action “Respond to the agent”. (This step simply tells the Copilot topic that the flow has finished). You usually don’t need to add outputs here for this simple scenario.

  5. Save this flow. Give it a name like “Post History Bot Result to Teams”.

Step 5: Connect the Topic to the Flow

  1. Go back to the Copilot Studio tab where you were editing the “Post Result” topic.

  2. The “Call an action” step should now let you select the flow you just created (“Post History Bot Result to Teams”). Select it.

  3. Map Inputs: You’ll see the CopilotResponseContent input field you created in Flow #2. You need to tell the topic what to send to this input.

    • Click the input field.

    • Select the lightning bolt icon (Insert variable).

    • Go to the System variables.

    • Find and select Response.FormattedText. This variable holds the final, formatted answer from the Copilot’s AI generation process.

  4. End the Topic: Add a final step to the topic: End conversation > End current topic.

  5. Save the topic.

Step 6: Testing and Troubleshooting

  1. Test Flow #1: In Power Automate, open the “Daily History Trigger” flow. Click Test > Manually > Run flow. This simulates the daily schedule.

  2. Check Copilot Activity: In Copilot Studio, go to the Activity tab for your “History Bot”. You should see a new session started by the “History Trigger”. It will show steps like “Knowledge sources used” and eventually call the “Post Result” topic.

  3. Check Teams: Look in the designated Teams channel. The message should appear shortly after the flows run successfully.

  4. Troubleshooting Connection Issues (Common Problem):

    • Symptom: In the Copilot Studio Activity > Transcript view, you might see the process get stuck on “Waiting for user” and display a card saying “Additional permissions are required to run this action. To proceed, please select ‘Connect’…” This usually means the connection for Flow #2 (posting to Teams) isn’t working correctly.

    • Problem: The “Connect” button on that card might not work reliably.

    • Workaround 1 (Recommended): In Copilot Studio, go to the Test your agent pane > click the More options (…) menu > Manage connections. This opens the connection management page. Find the connection related to your “Post History Bot Result to Teams” flow (it will likely show an error or ask for reconnection) and fix it, ensuring it’s properly authenticated to Teams.

    • Workaround 2 (Advanced): As shown in the video, you can use your browser’s Developer Tools (F12). Inspect the non-working “Connect” button element in the transcript view. Find the aria-label or similar attribute containing a URL (it will look something like https://copilotstudio.microsoft.com/c2/tenants/…/user-connections). Copy this URL, paste it into a new browser tab, and follow the prompts to fix the connection.

    • After fixing the connection, you may need to re-test Flow #1.

Conclusion

That’s it! You’ve now built an automated system where Power Automate triggers a Copilot Studio agent daily, the agent uses AI to generate content, and another Power Automate flow posts that content into Teams.

You can adapt the Copilot’s instructions, the trigger schedule, and the final Teams message formatting to suit countless automation needs. Happy automating!

Creating an Automated Agent to Post Historical Computer Events in Teams Daily

Video link = https://www.youtube.com/watch?v=KZkhK41lynI

In this video, I walk you through the process of creating an automated agent that posts daily historical computer events in a Teams channel. Starting from copilotstudio.microsoft.com, I show you how to set up the agent, configure triggers, and manage connections. Learn how to troubleshoot common issues and ensure your agent runs smoothly. Join me as I share tips and insights to help you leverage AI for regular updates in your business. Don’t miss out on this practical guide to enhancing your team’s productivity with automation!

Copilot agent stuck on Waiting for user

Screenshot 2025-04-26 083251

I’ve been working on an autonomous action in Copilot Studio and found that it seems ot get stuck on”Waiting for user” as shown above.

Screenshot 2025-04-26 083410

When I open that activity, again you’ll see that it says “Waiting on user”

Screenshot 2025-04-26 083508

If I go to the top right and select Transcript from the menu as shown above.

Screenshot 2025-04-26 082748

I see these two buttons, as shown above. Problem is, neither of them actually do anything! this appears to be a bug.

The solution is to put your browser into developer mode. Search the element for the text:

copilotstudio.microsoft.com/c2

This the start of the URL that the button should use. Copy that elment and paste it into Notepad.

Screenshot 2025-04-26 084058

Remove everything but teh URL like so:

Screenshot 2025-04-26 084153

Copy that URL and paste it into a new browser tab in the same session and you should now see the following page:

Screenshot 2025-04-26 084517

You will probably see that it isn’t connected as shown above. if so, click the Connect button to reconnect the service.

Screenshot 2025-04-26 084309

When it properly connected it should appear as shown above and now your Copilot Studio action should work and no longer be paused at Waiting for user going forward.

A huge shout out to Shervin Shaffie from Microsoft whose YouTube video provide the solution for me. The video is here:

https://youtu.be/4s7Qa_cYZyQ?si=4-TSkrr-T6_CNqdD&t=1320

at timestamp 22:00 where he walks through fixing the problem as I have outlined in this blog post.

Hopefully, Microsoft is now aware of this issue and will resolve it soon.

Use AI to provide better spam protection and detection with exchange online

image

Let’s break down how AI enhances spam and phishing protection within Microsoft Exchange Online Protection (EOP) and Microsoft Defender for Office 365 (MDO), along with configuration examples.

How AI Powers Spam/Phishing Protection in Exchange Online

Instead of just relying on static rules (like blocking specific keywords or known bad IPs), AI (specifically Machine Learning models) introduces several powerful capabilities:

  1. Advanced Pattern Recognition: AI models analyze vast amounts of global email data (billions of messages daily) from Microsoft’s network. They identify subtle and evolving patterns associated with spam, phishing, malware, and impersonation attempts that rule-based systems would miss. This includes:

    • Linguistic Analysis: Understanding the nuances of language, tone, urgency cues, grammatical errors common in phishing, and topic shifts often used to bypass simple filters.

    • Structural Analysis: Examining message headers, sending infrastructure reputation, URL structures, attachment types, and email formatting anomalies.

    • Behavioural Analysis: Learning normal communication patterns for your organization and flagging deviations (e.g., a sudden email from the “CEO” asking for gift cards, which is out of character).

  2. Adaptive Learning: Spammers constantly change tactics. AI models continuously learn and adapt to these new threats in near real-time, significantly reducing the window of vulnerability compared to waiting for manual rule updates. When new spam campaigns emerge, the models retrain based on newly classified samples.

  3. Contextual Understanding: AI helps differentiate between legitimate and malicious use of similar content. For example, an “invoice” email from a known supplier vs. a generic “invoice” from an unknown sender with a suspicious link. AI considers sender reputation, recipient history, link destinations, etc.

  4. Impersonation Detection (MDO): This is heavily AI-driven.

    • User Impersonation: Mailbox Intelligence learns the frequent contacts and communication style of protected users (e.g., executives). It flags emails claiming to be from that user but originating externally or exhibiting unusual patterns.

    • Domain Impersonation: AI detects attempts to use domains that look very similar to your own (e.g., yourc0mpany.com instead of yourcompany.com) or legitimate external domains (e.g., spoofing a well-known supplier).

  5. Enhanced Heuristics & Reputation: AI refines the calculation of Spam Confidence Levels (SCL) and Bulk Complaint Levels (BCL) by incorporating more complex signals than just IP/domain blocklists. It considers the “neighborhood” of sending IPs, historical sending behavior, and feedback loops (user submissions, junk reports).

  6. Zero-Hour Auto Purge (ZAP): Even if a malicious email initially bypasses filters and lands in an inbox, AI continues analyzing signals. If the message is later identified as spam or phishing (often through updated AI models or user reports), ZAP can automatically pull it from user mailboxes.

Specific Configuration Examples (Using the Microsoft 365 Defender Portal)

Most AI capabilities are inherently part of the features. You don’t toggle “AI On/Off,” but you configure the policies that leverage AI.

Prerequisites:

  • Access to the Microsoft 365 Defender portal (https://security.microsoft.com).

  • Appropriate permissions (e.g., Security Administrator, Global Administrator).

  • Note: Some advanced features (like Impersonation, Safe Links, Safe Attachments) require Microsoft Defender for Office 365 Plan 1 or Plan 2 licenses, beyond the basic EOP included with Exchange Online.

Example 1: Tuning Anti-Spam Inbound Policy (Leverages AI for SCL)

AI determines the SCL score based on numerous factors. You configure the actions based on those AI-determined scores.

  1. Navigate to Email & collaboration > Policies & rules > Threat policies > Anti-spam.

  2. Select the Anti-spam inbound policy (Default) or click Create policy > Inbound for a custom policy.

  3. In the policy settings, locate the Bulk email threshold & spam properties section and click Edit actions.

  4. Spam Confidence Level (SCL) Actions:
    • Spam: Action: Move message to Junk Email folder (Recommended Default). SCL levels typically 5, 6.

    • High confidence spam: Action: Quarantine message (Recommended). SCL levels typically 7, 8, 9. You could choose Redirect message to email address, Delete message, or Move message to Junk Email folder. Quarantine is generally safest.

    • AI Impact: The determination of which message gets an SCL of 5 vs. 7 vs. 9 is heavily AI-driven based on content, sender, structure, etc.
  5. Bulk Complaint Level (BCL) Threshold: Set a threshold (e.g., 6 or 7). Messages exceeding this BCL (often unwanted marketing mail) will take the specified action (e.g., Move message to Junk Email folder). AI helps differentiate bulk from true spam.

  6. Zero-hour auto purge (ZAP): Ensure “Enable for spam messages” and “Enable for phishing messages” are turned On. This allows AI to retroactively remove messages.

  7. Save the changes.

Example 2: Configuring Anti-Phishing Policy (Leverages AI for Impersonation & Spoofing)

Requires MDO licenses for advanced features.

  1. Navigate to Email & collaboration > Policies & rules > Threat policies > Anti-phishing.

  2. Click Create to make a new policy (recommended) or edit the Default policy.

  3. Phishing threshold & protection:
    • Enable spoof intelligence: Ensure this is On. AI helps identify and classify spoofing attempts (legitimate vs. malicious). You can review/override its findings later under “Spoof intelligence insight”.

    • Impersonation Protection (Key AI Area):
      • Click Edit next to Users to protect. Click Manage sender(s) and add email addresses of key personnel (CEO, CFO, HR Managers, up to 350). AI (Mailbox Intelligence) learns their communication patterns.

      • Click Edit next to Domains to protect. Add your own company domains and consider adding custom domains that are visually similar or frequently targeted. AI flags emails spoofing these domains or using lookalike domains.
      • Enable Mailbox Intelligence: Ensure this is On. This activates the AI learning for the protected users’ contact graphs and communication patterns.

      • Enable intelligence for impersonation protection: Ensure this is On. Uses AI to improve detection based on learned senders/patterns.
    • Actions: Configure actions for detected impersonation (User/Domain) and spoofing. Recommended actions often include Quarantine the message or Redirect message to administrator address and displaying safety tips.
  4. Advanced phishing thresholds: Set the level (e.g., 2: Aggressive, 3: More aggressive, 4: Most aggressive). Higher levels use more sensitive AI/ML models but might increase false positives. Start with 1: Standard or 2: Aggressive and monitor.

  5. Assign the policy to specific users, groups, or the entire domain.

  6. Save the policy.

Example 3: Enabling Safe Links & Safe Attachments (Leverages AI for Analysis)

Requires MDO licenses. These features use sandboxing (detonation) and URL reputation checks, heavily augmented by AI analysis.

  1. Safe Attachments:

    • Navigate to Email & collaboration > Policies & rules > Threat policies > Safe Attachments.

    • Click Create or edit an existing policy.

    • Choose an action like Block (blocks email with detected malware) or Dynamic Delivery (delivers email body immediately, attaches placeholder until attachment scan completes – often preferred for user experience).

    • Enable Redirect messages with detected attachments and specify an admin mailbox for review if desired.

    • Apply the policy to users/groups/domains.

    • AI Impact: AI models perform static analysis before detonation and analyze the behavior of the file during detonation in the sandbox to identify novel/zero-day malware.

  2. Safe Links:

    • Navigate to Email & collaboration > Policies & rules > Threat policies > Safe Links.

    • Click Create or edit an existing policy.

    • Ensure On: Safe Links checks a list of known, malicious links when users click links in email is selected under URL & click protection settings.

    • Enable Apply Safe Links to email messages.

    • Enable Apply real-time URL scanning for suspicious links and links that point to files. (This uses AI and other heuristics).

    • Configure Wait for URL scanning to complete before delivering the message (more secure, slight delay) or leave it off (less secure, no delay).

    • Choose actions for malicious URLs within Microsoft Teams and Office 365 Apps if applicable.

    • Configure Do not rewrite the following URLs for any trusted internal/external sites that break due to rewriting (use sparingly).

    • Apply the policy to users/groups/domains.

    • AI Impact: AI powers the reputation lookups and real-time scanning analysis of URLs, identifying phishing sites, malware hosts, and command-and-control servers even if they aren’t on a static blocklist yet.

Key Takeaways:

  • AI is Integrated: You configure features like Anti-Spam, Anti-Phishing, Safe Links/Attachments, and AI works behind the scenes within those features.

  • MDO is Crucial: The most advanced AI-driven protections (impersonation, advanced phishing detection, Safe Links/Attachments) require Microsoft Defender for Office 365 licenses.

  • Configuration is Tuning: You adjust thresholds (SCL, BCL), enable specific protections (Impersonation), and define actions (Quarantine, Junk, Delete).

  • Monitor & Adapt: Regularly review quarantine, user submissions (use the Report Message Add-in!), and threat reports in the Defender portal to fine-tune policies and understand how AI is performing in your environment. Feedback helps the AI models learn.

By leveraging these AI-powered features and configuring them appropriately, you can significantly improve your organization’s defense against increasingly sophisticated spam and phishing attacks in Exchange Online.

Governing AI usage with Microsoft 365 Business Premium

image

Here’s the best way to leverage M365 Business Premium for AI governance, covering both Microsoft’s AI (like Copilot) and third-party services:

Core Principle: Governance relies on controlling Access, protecting Data, managing Endpoints, and Monitoring activity, layered with clear Policies and user Training.

1. Establish Clear AI Usage Policies & Training (Foundation)

  • What: Define acceptable use policies for AI. Specify:

    • Which AI tools are approved (if any beyond Microsoft’s).

    • What types of company data (if any) are permissible to input into any AI tool (especially public/third-party ones). Prohibit inputting sensitive, confidential, or PII data into non-approved or public AI.

    • Guidelines for verifying AI output accuracy and avoiding plagiarism.

    • Ethical considerations and bias awareness.

    • Consequences for policy violations.
  • How (M365 Support):
    • Use SharePoint to host and distribute the official AI policy documents.

    • Use Microsoft Teams channels for discussion, Q&A, and announcements regarding AI policies.

    • Utilize tools like Microsoft Forms or integrate with Learning Management Systems (LMS) for tracking policy acknowledgment and training completion.

2. Control Access to AI Services

  • Microsoft AI (Copilot for Microsoft 365):
    • What: Control who gets access to Copilot features within M365 apps.

    • How:
      • Licensing: Copilot for M365 is an add-on license. Assign licenses only to approved users or groups via the Microsoft 365 Admin Center or Microsoft Entra ID (formerly Azure AD) group-based licensing. This is your primary control gate.
  • Third-Party AI Services (e.g., ChatGPT, Midjourney, niche AI tools):
    • What: Limit or block access to unapproved external AI websites and applications.

    • How (M365 BP Tools):
      • Microsoft Defender for Business: Use its Web Content Filtering capabilities. Create policies to block categories (like “Artificial Intelligence” if available) or specific URLs of unapproved AI services accessed via web browsers on managed devices.

      • Microsoft Intune:
        • For company-managed devices (MDM): You can configure browser policies or potentially deploy endpoint protection configurations that restrict access to certain sites.

        • If third-party AI tools have installable applications, use Intune to block their installation on managed devices.
      • Microsoft Entra Conditional Access (Requires Entra ID P1 – included in M365 BP):
        • If a third-party AI service integrates with Entra ID for Single Sign-On (SSO), you can create Conditional Access policies to block or limit access based on user, group, device compliance, location, etc.

        • Limitation: This primarily works for AI services using Entra ID for authentication. It won’t block access to public web AI services that don’t require organizational login.

3. Protect Data Used With or Generated By AI

  • What: Prevent sensitive company data from being leaked into AI models (especially public ones) and ensure data handled by approved AI (like Copilot) remains secure.

  • How (M365 BP Tools):
    • Microsoft Purview Information Protection (Sensitivity Labels):
      • Classify Data: Implement sensitivity labels (e.g., Public, General, Confidential, Highly Confidential). Train users to apply labels correctly to documents and emails.

      • Apply Protection: Configure labels to apply encryption and access restrictions. Encrypted content generally cannot be processed by external AI tools if pasted. Copilot for M365 respects these labels and permissions.
    • Microsoft Purview Data Loss Prevention (DLP):
      • Define Policies: Create DLP policies to detect sensitive information types (credit card numbers, PII, custom sensitive data based on keywords or patterns) within M365 services (Exchange, SharePoint, OneDrive, Teams) and on endpoints.

      • Endpoint DLP (Crucial for Third-Party AI): Configure Endpoint DLP policies to monitor and block actions like copying sensitive content to USB drives, network shares, cloud services, or pasting into web browsers accessing specific non-allowed domains (like public AI websites). You can set policies to block, warn, or just audit.

      • Copilot Context: Copilot for M365 operates within your M365 tenant boundary and respects existing DLP policies and permissions. Data isn’t used to train public models.
    • Microsoft Intune App Protection Policies (MAM – for Mobile/BYOD):
      • Control Data Flow: If users access M365 data on personal devices (BYOD), use Intune MAM policies to prevent copy/pasting data from managed apps (like Outlook, OneDrive) into unmanaged apps (like a personal browser accessing a public AI tool).

4. Manage Endpoints

  • What: Ensure devices accessing company data and potentially AI tools are secure and compliant.

  • How (M365 BP Tools):
    • Microsoft Intune (MDM/MAM): Enroll devices (Windows, macOS, iOS, Android) for management. Enforce security baselines, require endpoint protection (Defender), encryption, and patching. Non-compliant devices can be blocked from accessing corporate resources via Conditional Access.

    • Microsoft Defender for Business: Provides endpoint security (Antivirus, Attack Surface Reduction, Endpoint Detection & Response). Helps protect against malware or compromised endpoints that could exfiltrate data used with AI.

5. Monitor and Audit AI-Related Activity

  • What: Track usage patterns, potential policy violations, and data access related to AI.

  • How (M365 BP Tools):
    • Microsoft Purview Audit Log: Search for activities related to file access, sensitivity label application/changes, and DLP policy matches (including Endpoint DLP events showing attempts to paste sensitive data into blocked sites). While it won’t show what was typed into an external AI, it shows attempts to move sensitive data towards it.

    • Microsoft Defender for Business Reports: Review web filtering reports to see attempts to access blocked AI sites.

    • Entra ID Sign-in Logs: Monitor logins to any Entra ID-integrated AI applications.

    • Copilot Usage Reports (via M365 Admin Center): Track adoption and usage patterns for Microsoft Copilot across different apps.

Summary: The “Best Way” using M365 Business Premium

  1. Foundation: Start with clear Policies and Training. This is non-negotiable.

  2. Control Access: Use Licensing for Copilot. Use Defender Web Filtering and potentially Intune/Conditional Access to restrict access to unapproved third-party AI.

  3. Protect Data: Implement Sensitivity Labels to classify and protect data at rest. Use Endpoint DLP aggressively to block sensitive data from being pasted into browsers/unapproved apps. Use Intune MAM for BYOD data leakage prevention.

  4. Secure Endpoints: Ensure devices are managed and secured via Intune and Defender for Business.

  5. Monitor: Regularly review Purview Audit Logs, DLP Reports, and Defender Reports for policy violations and risky behavior.

Limitations to Consider:

  • No foolproof blocking: Highly determined users might find ways around web filtering (e.g., personal devices not managed, VPNs not routed through corporate controls).

  • Limited insight into third-party AI: M365 tools can block access and prevent data input but cannot see what users do inside an allowed third-party AI tool or analyze its output directly.

  • Requires Configuration: These tools are powerful but require proper setup, configuration, and ongoing management.

By implementing these layers using the tools within Microsoft 365 Business Premium, you can establish robust governance over AI usage, balancing productivity benefits with security and compliance needs.

Likelihood of SMB MSP Survival

image

The consensus is that AI presents both a significant challenge and a substantial opportunity for SMB MSPs. Survival is not guaranteed for those who stand still, but highly likely for those who adapt and evolve.

  • The Threat: AI and automation will inevitably take over many routine, repetitive tasks currently performed by MSPs. This includes basic monitoring, patch management, Level 1 support ticket resolution, automated reporting, and even some aspects of threat detection. MSPs whose business models rely heavily only on these basic, commoditized services are at the highest risk of becoming obsolete or facing intense price pressure.
  • The Opportunity: AI also creates immense opportunities.
    • Increased Efficiency: MSPs can leverage AI internally to automate their own processes, freeing up technicians for higher-value tasks, reducing costs, and improving service delivery speed and accuracy.
    • Enhanced Service Offerings: AI enables more sophisticated services like predictive analytics for hardware failure, advanced cybersecurity threat hunting (using AI to detect anomalies humans might miss), optimized cloud management, and data-driven business insights for clients.
    • New Service Lines: There’s a growing need for businesses, especially SMBs, to understand, implement, and manage AI tools safely and effectively. MSPs are perfectly positioned to become AI consultants and implementation partners for their clients, guiding AI adoption strategies.
    • Cybersecurity Imperative: As cyber threats become more sophisticated (partially driven by AI used by attackers), the need for advanced, AI-enhanced cybersecurity services provided by MSPs will increase.

Conclusion on Likelihood: The traditional MSP model focused solely on basic IT support is under threat. However, the role of the MSP is evolving, not disappearing. Those MSPs that embrace AI, automate internally, and shift their focus to higher-value, strategic services have a strong likelihood of survival and even significant growth. Industry reports show optimism among MSPs, viewing AI as a driver for future business opportunities, particularly in AI consulting and cybersecurity.

Best Business Strategies for SMB MSPs to Survive and Thrive

  1. Embrace AI and Automation Internally:

    • Adopt AIOps: Use AI for IT Operations to automate routine tasks (ticketing, monitoring, patching, root cause analysis).
    • Streamline Processes: Implement AI tools for billing, reporting, customer relationship management (CRM), and even sales proposal generation to boost efficiency and reduce errors.

    • Free Up Human Resources: Allow AI to handle repetitive tasks so skilled technicians can focus on complex problem-solving, strategic planning, and client relationships.

  2. Move Up the Value Chain – Become a Strategic Partner:

    • Shift from IT Support to Business Advisor: Focus on understanding clients’ business goals and how technology (including AI) can help achieve them.

    • Offer Strategic IT Consulting: Provide guidance on digital transformation, cloud strategy, data governance, and AI adoption roadmaps.

    • Become the AI Guide: Help SMB clients navigate the complexities of choosing, implementing, securing, and managing AI tools within their own businesses.

  3. Deepen Cybersecurity Expertise:

    • Leverage AI for Security: Implement and manage advanced AI-powered security tools (Managed Detection and Response – MDR, Security Information and Event Management – SIEM, anomaly detection).
    • Offer Comprehensive Security Services: Expand beyond basic antivirus to include vulnerability assessments, penetration testing, security awareness training, incident response planning, and compliance management (including cyber hygiene assessments for AI readiness).

    • Address AI-Specific Risks: Help clients understand and mitigate the security and ethical risks associated with AI implementation (data privacy, bias, new attack vectors).

  4. Specialize:

    • Vertical Focus: Develop deep expertise in specific industries (e.g., healthcare, finance, manufacturing) and tailor services to their unique needs and compliance requirements.

    • Technology Focus: Become experts in specific high-demand areas like specific cloud platforms, advanced data analytics, or particular AI applications.

  5. Enhance Customer Experience and Relationships:

    • Personalization: Use AI insights (e.g., analyzing support tickets, client feedback) to anticipate needs and personalize service delivery, but maintain the crucial human touch.

    • Focus on Trust: While AI handles tasks, the human element of trust, strategic advice, and relationship management becomes a key differentiator.

    • Client Education: Proactively educate clients on evolving technology landscapes, security threats, and the benefits/risks of AI.

  6. Invest in Training and Talent:

    • Upskill Current Staff: Train technicians on new AI tools, cybersecurity practices, data analysis, and consultative skills.

    • Strategic Hiring: Consider hiring personnel with data science or AI-specific expertise if needed.

  7. Develop Robust Data Management and Governance Practices:

    • For Clients: Offer services to help clients manage their data effectively, which is crucial for successful AI implementation.
    • Internally: Ensure high-quality data hygiene within the MSP’s own systems to maximize the effectiveness of internal AI tools and analytics.

By adopting these strategies, SMB MSPs can transition from potentially threatened basic IT providers to indispensable strategic technology partners, well-equipped to navigate and capitalize on the changes brought by AI.

PowerShell script to report EntraID signin update

One the things that I have tasked myself with is to go back through my scripts and using AI (aka Github Copilot) to improve my code.

Screenshot 2025-04-18 095201

The latest script to get this treatment is:

https://github.com/directorcia/Office365/blob/master/graph-signins-get.ps1

which now has greater flexibility and speed. I also used Copilot to produce documentation for the script which is here:

https://github.com/directorcia/Office365/wiki/Get-tenant-signins

In my Visual Studio Code editor what I did was simply to open up the script.

Screenshot 2025-04-18 100356

I then set Copilot to operate in ‘agent’ mode, as shown above. I also selected an AI model to use. I have the default choices of:

Screenshot 2025-04-18 100555

I can also configure others like Gemini if I want. This time I selected Claude 3.7 and then basically told Copilot to ‘improve’ my code. After that I asked it to provide options for using paging to get more results as well as ensuring the output was in local time.

After one update to the time format it produced an error when it ran but I simply told Copilot to fix that error and it did so. The code once again executed.

Thus, the updated script and documentation is now available via the links above and I am amazed at how easy it was to make all these changes to get the result that I wanted without having to type any additional code myself into the script! I suppose he downside is that the code is more complex and I don’t intrinsically understand it as well as if I had written every line, but I have Copilot to help explain any part of the code to me if needed and the time savings getting to a result speak for themselves.

The functionality that AI provided for me via Github Copilot is enormous and should make short work of any PowerShell automation I do in the future. If you are using PowerShell (or any code) then you really need to be looking at the benefits AI will provide you.

Enhancing Your Copilot Studio Agent with Topics and Actions

Video URL = https://www.youtube.com/watch?v=O-nHz5Z3Avk

In this video, we explore how to extend the capabilities of your Copilot Studio agent by integrating external knowledge sources using topics and actions. Here’s a step-by-step guide based on the video content:

1. Creating the Agent:

  • Start by creating an agent as usual, providing a description and general instructions. Ensure the orchestration option is selected and enabled. 0:12

  • The initial knowledge source selected is a single site, which allows the agent to answer questions in a basic manner. 0:23

2. Improving Information Retrieval:

  • To enhance the agent’s responses, especially for current news, create an action using Brave search. 0:54

  • Set up a free Brave account and obtain the API key for Brave search. 1:08

  • Configure the action to use Brave search for web news queries. 1:18

3. Creating and Configuring Topics:

  • Add a new topic that triggers when users ask about news. 2:01

  • Describe the trigger conditions and steps for the topic. 2:13

  • Create a search query variable to feed into the Brave search action. 2:31

  • Ensure the variable captures the prompt and keywords from the user’s query. 3:09

4. Testing and Publishing:

  • Test the setup by asking the agent for the latest news on a specific topic, such as “Alpine” or “Ferrari”. 3:58

  • Verify that the topic triggers correctly and retrieves detailed news results via Brave search. 4:19

  • Publish the updated agent to make the enhancements live. 4:35

By following these steps, you can significantly improve the relevance and detail of the information your Copilot Studio agent provides, leveraging external knowledge sources effectively.

Thank you for watching the video!