The Lessons Only Show Up After You Commit

Someone said to me recently that the things you experience from actually going all in on something will change the way you think and the way you experience life. I sat with that for a few days, and I keep coming back to how true it is. The lessons I’ve learnt that actually shaped me — the ones I still use — never arrived from reading about them or watching someone else do it. They arrived after I committed. After I hit publish on the video. After I greenlit the project. After I said yes to the thing that might not work.

You can’t think your way to the lesson

For years I noticed a pattern in my own work. The plans that lived in a Word doc were always cleaner than the plans I actually shipped. The launches I’d rehearsed in my head were always smoother than the ones in the wild. But the rehearsal never taught me anything. The shipping did. You only find out what your audience actually wants once you put something in front of them. You only find out where the workflow breaks once a real client sits in it on a Tuesday morning.

This is where I think a tool like Copilot has quietly changed how I move. I used to delay things because the draft email wasn’t right, the outline wasn’t sharp enough, the slides weren’t worth showing yet. Now I’ll ask Copilot in Outlook to give me a first pass on a reply, sit with it for a minute, and send something that’s eighty per cent of where it needs to be. I’ll spin up a rough deck in PowerPoint with Copilot drafting from a Word doc I’ve already written, and I’ll show it to someone for feedback the same afternoon instead of next week. The point isn’t that Copilot writes the thing for me. The point is that it removes the excuse to keep polishing before I commit.

Not every bet pays off — and that’s the lesson

I’ve greenlit plenty of projects that didn’t go anywhere. Videos that landed flat. Ideas I was sure would resonate that quietly didn’t. If I’d waited for certainty on any of them, I wouldn’t have learnt what my audience actually responds to. I wouldn’t know which formats earn attention and which ones don’t. I wouldn’t have built the muscle of recovering from a miss and trying again the next week.

What I notice now in clients I work with is the same pattern. The teams that are getting real value from Microsoft 365 and Copilot aren’t the ones who ran a six-month readiness program. They’re the ones who picked a use case, tried it inside Teams or in a SharePoint workspace, watched what happened, and adjusted. They committed first and refined second. The ones still building the business case in a Loop component are usually the ones falling further behind.

The shift is in your thinking

Going all in changes you because it forces you to live with the result. You learn what works because you watched it land. You learn what doesn’t because you felt it. That kind of knowledge doesn’t come from analysis — it comes from being in the arena.

I’d rather ship something imperfect this week and know what to fix next week, than spend a month protecting an idea that never meets the world. Every meaningful jump I’ve made in my business started with that decision. Hit publish. Greenlight it. Find out.

The Audit You Keep Avoiding

You go through your numbers each month. You sit down with your team and review what’s working. You poke at your processes when something breaks. That’s normal business hygiene.

But there’s one thing on the books almost no one runs a proper audit on — and it’s the one most likely to be quietly costing you money.

It’s you. Specifically, your energy.

The hidden line item in your P&L

I’ve been in business long enough to notice a pattern. The weeks I sleep badly, eat rubbish, and skip my walk are the same weeks I send the email that lands the wrong way. Or I sit on a quote for three days when it should have gone out in three hours. Or I miss something obvious in a client conversation that I’d have caught when I was sharper.

None of that shows up on a balance sheet. But the cost is real. A deal that drifts. A client who feels half-listened-to. A reply that creates a problem instead of closing one.

You can’t see it in your numbers, but it’s in there. Every time.

No tactic survives a flat battery

Here’s the part people don’t want to hear: there’s no strategy, framework, or new hire that fixes a depleted owner. I see business owners trying to out-work, out-tool, or out-source their way around tiredness. It doesn’t work. The decisions still have to come through you, and the quality of those decisions tracks the quality of your sleep, your food, and your movement more closely than most of us care to admit.

And ironically, the tools we now have should make this easier, not harder. I use Copilot in Outlook to do the first pass on long replies, and Copilot in Teams to recap a meeting I half-listened to because the day got away from me. That’s not laziness — that’s protecting the limited number of sharp hours I actually have. Letting the machine do the rummaging means I get to spend my energy on the call that matters, not the inbox triage.

The same goes for the weekly running of the business. A clean Planner board, a proper SharePoint home for your documents, a few Power Automate flows handling the boring approvals — these aren’t productivity bling. They’re how you stop bleeding decision-making capacity on things that don’t deserve it.

Treat yourself like the asset you are

Run the audit on yourself the same way you’d run it on the business.

How did you sleep this week? When did you last move? What does the food in your kitchen actually look like? When was the last full day you took off — not “worked from home in a t-shirt”, but actually off?

I’m not pretending I get this right every week. I don’t. But when I notice the slide, I treat it the way I’d treat a leaking margin: stop, look at the inputs, fix what’s fixable. Block the walk in the calendar. Push the late meeting. Let Copilot draft the thing tonight so I can be in bed at a reasonable hour.

The business sits on top of you. If the foundation is shaky, nothing built on it is going to hold.

Audit the owner first.

The next wave of millionaires won’t be coders. They’ll be the people who know how to ask.

I sat across from a small business owner last week who was running a five-person company out of a single browser window. No engineering team. No marketing department. No sales operations. Just her, an Outlook tab, an Excel sheet, a Teams chat with her bookkeeper, and Copilot stitching the whole lot together. She wasn’t writing code. She wasn’t filming videos. She wasn’t cold-calling anyone. She was directing — asking the right thing, of the right tool, at the right moment. And quietly, almost without realising it, she was out-earning people I know with three times her headcount.

That image has stayed with me. For most of my career, the people who built real wealth in small business fell into three buckets — they could build the thing, sell the thing, or reach an audience. The bottleneck was always one of those three. AI has just removed two and a half of them.

The compounding point has moved

Software used to be the hard part. Then writing was. Then distribution. Each wave produced its own millionaires — the engineer-founders, the creators, the inside-sales operators with a phone and a CRM. The pattern was the same every time: somebody figured out how to compound their output past what a single human could reasonably produce, and the market paid them for it.

Copilot has quietly opened that same door for an entirely different kind of person. The new compounding skill isn’t writing code or shooting reels. It’s knowing what to ask, what to push back on, and what “good” looks like when something comes back at you. The advantage has moved from making to directing.

The unglamorous skill nobody talks about

The owners I see pulling ahead this year aren’t the ones using the most apps. They’re the ones who’ve learned to live inside Copilot in the surfaces they already use. They draft a difficult client email in Outlook, then ask Copilot to soften the tone before they send. They drop a messy supplier statement into Excel and ask Copilot to find the months that don’t reconcile. They walk out of a Teams meeting and ask Copilot for the three things they actually committed to. None of this looks heroic. It just adds up.

What separates the power users from everyone else is taste. They know when the first draft is wrong and they keep asking. They know which spreadsheet question will surface the real answer. They’ve built a private library of prompts the way previous generations built rolodexes. That instinct — the one that decides whether to trust a draft or rewrite it — is the new scarce skill, and almost nobody is teaching it.

The quiet wealth shift

I don’t think this is a story about technology displacing people. I think it’s a story about advantage shifting toward whoever can direct an intelligent tool well — and that’s not always the most technical person in the room. Often it’s the operator, the bookkeeper, the franchise owner, the practice manager. People who were already good at making decisions, now equipped with an assistant that turns a good decision into ten finished pieces of work. The wealth doesn’t show up as a single big windfall. It shows up as a quietly higher margin, a smaller payroll, a calendar with more white space than their competitors’.

Watch the small operators in your own network over the next twelve months. The ones quietly buying back time, taking on more clients without hiring, and looking suspiciously relaxed on a Friday afternoon — they aren’t working harder. They’re just better at asking.

Copilot Agents Are the Next Real MSP Conversation

I’ve been having a lot of conversations lately with MSP owners who are still treating Copilot as a licence SKU to resell. They tick the box, push the price up, and wait on the renewal. Meanwhile a small group of their clients are quietly building agents in Copilot Studio and starting to ask sharper questions — questions about data, permissions, governance, and ownership. If your MSP isn’t in those conversations, somebody else is.

Agents are not “Copilot, but more.” They are a different shape of work. And they are the first part of the Copilot story where technical depth genuinely matters again.

Agents change what your clients ask you for

For two years the Copilot pitch has been “draft my email, summarise my meeting, polish my deck.” That is a user training problem dressed up as a technology problem. Agents are different. An agent is a piece of configured behaviour — a declarative agent in Microsoft 365, an agent built in Copilot Studio with actions, or a SharePoint agent grounded in a specific library — that does a specific job, with specific knowledge, for a specific group of people.

The moment a client builds one, the questions change. Which SharePoint sites is it allowed to read? What happens when somebody who shouldn’t see a document asks the agent about it? Who owns it when the person who built it leaves? These are not user questions. These are MSP questions. Nobody else in the client’s world is set up to answer them, and frankly, nobody else should be.

The technical groundwork is the billable work

Here is the part I keep flagging in peer groups. Before an agent is useful, the tenant has to be in shape. SharePoint permissions need to actually reflect reality, not the historical sediment of five years of “just give them access.” Sensitivity labels need to exist and be applied. Purview DLP policies need tuning for the way Copilot grounds answers. Entra ID app governance needs to be switched on, so a rogue agent in Copilot Studio can’t quietly start calling external connectors against a client’s data.

None of that is glamorous. All of it is billable, repeatable, and exactly the kind of work an MSP should be packaging right now. I’d rather sell a tenant readiness engagement than another round of “Copilot adoption training” that doesn’t survive contact with a real inbox.

Agents are how MSPs stop being interchangeable

The MSPs I see pulling ahead aren’t the ones with the slickest Copilot demo. They are the ones building reusable agents for their own clients — a client onboarding agent grounded in a policy library in SharePoint, a compliance Q&A agent pinned in Teams, a quoting assistant that reads the price book and drafts the response in Outlook. Each one is small. Each one is specific. Each one is harder for the next MSP down the road to replicate, because it sits inside the client’s data and inside the client’s workflow.

That is a moat. Not a big one, but a real one — and it compounds.

The watch-this-space part

I think the next twelve months are when the gap between MSPs who treat Copilot as a licence and MSPs who treat it as a platform starts to show up in client retention. Agents are the lever. The technical work to make them safe and useful is squarely in our lane. The MSPs who pick that work up early get to keep having the interesting conversations. The ones who don’t will find their clients having those conversations with somebody else.

AI Is Coming for Your Business — Will It Be Your Best Hire or Your Biggest Risk?

Last week I watched a business owner ask Copilot to summarise a forty-message email thread, draft a reply, and pull the three action items into a list — all before his coffee had cooled. He looked up and said, half-joking, “That’s better than the temp I hired last summer.” Then his face changed. “Wait. Is this thing safe? Where did all that just go?”

That single moment is the whole argument. The same tool that feels like your sharpest new employee can, in the wrong setup, feel like your most exposed liability. Both reactions are correct. The question isn’t whether AI is coming for your business — it already walked in the door the day you switched on Microsoft 365 Copilot. The question is which version of it you’ve actually hired.

The best hire you’ve ever made

Let me be honest about why people fall in love with this stuff. A good hire doesn’t need everything spelled out. They pick up context, remember what happened last quarter, and get on with it. That’s exactly what Copilot does when it’s grounded in your own data.

Ask it in Outlook to catch you up on a client you haven’t spoken to in a month, and it reads the thread history, the meeting notes in Teams, and the proposal sitting in SharePoint — then hands you a briefing. Drop a messy spreadsheet of sales numbers into Excel and ask which region slipped, and it tells you, with the reasoning, in seconds. Walk into a meeting late and Copilot in Teams gives you what you missed and what you’re expected to say.

This isn’t a chatbot answering trivia. It’s a capable assistant working across your inbox, your documents, your calendar — the same surfaces your team already lives in. For a small business that can’t afford a chief of staff, that’s genuinely levelling. I’ve seen one-person operations punch well above their size simply because the admin grind stopped eating their day.

The biggest risk you haven’t priced in

Here’s where I get less comfortable. The thing that makes Copilot powerful — it can see your data — is exactly the thing that should make you cautious. A new hire who can read every file in the building is only safe if the building has locks on the right doors.

Most small businesses don’t. Permissions sprawl over years. That old SharePoint site “everyone” can access. The shared mailbox nobody cleaned up. The folder of contracts a departing staff member could still open. For years that mess was survivable because nobody had the time to go digging through it. Copilot has all the time in the world, and it digs instantly. Ask it the wrong question and it might cheerfully surface salary figures, a confidential deal, or a client’s private details to someone who was never meant to see them.

That’s not Copilot misbehaving. That’s Copilot doing precisely what you asked, on top of a foundation you never tidied. The tool didn’t create the risk — it just made your existing mess searchable at the speed of conversation. Tools like Microsoft Purview and proper access reviews in Entra exist for this reason, but most businesses I talk to haven’t touched them.

So which one did you hire?

The uncomfortable truth is that you don’t get to choose between “best hire” and “biggest risk” as two different products. They’re the same product. The difference is entirely in the preparation you did before turning it loose.

A great new employee with no onboarding, no boundaries, and access to everything is a liability waiting to happen — that’s true of people and it’s true of AI. The businesses getting real value from Copilot are the ones that did the boring work first: cleaned up who can see what, set sensitivity labels on the documents that matter, and decided deliberately what the tool should and shouldn’t reach.

The ones treating it as a magic switch are the ones who’ll have a very bad day, probably one they won’t even notice until a client mentions seeing something they shouldn’t have.

I’m not in the camp that says slow down and wait. The advantage is real and the businesses that move now will pull ahead. But I am firmly in the camp that says you wouldn’t hand a new starter the keys to the entire business on day one without a single conversation about boundaries. Give your AI the same respect.

Hire it well, and it’s the best decision you’ll make this year. Hire it carelessly, and it’s the breach you’ll spend next year explaining.

The Gap Is The Point

Someone asked me last week what my goals were for the next twelve months. I gave the usual answer — bigger speaking calendar, more clients, a couple of certifications I’ve been putting off. Standard stuff. Then I drove home and realised the answer I’d just given was the version of me that exists today talking. Not the version I’m trying to become. There’s a difference, and most of us never sit with it long enough to feel it.

I’ve started thinking about my future self as a separate person. Not a fantasy figure, but the version of me five years from now who reads what I’m reading now, sits in the rooms I’m sitting in now, eats what I’m eating, wakes up with the habits I’m building today. That person already exists in outline. Every choice I’m making is voting for who they turn out to be.

The inputs are the outputs

The honest truth is that almost nobody wakes up in five years and accidentally becomes someone better. The reading you do, the people you stay close to, what you put on your plate at lunch, the routines you let calcify — those are the materials. There is no secret fifth ingredient. If you don’t like where you’re heading, change one of the four. That’s the whole lever.

The trap is thinking the future version of you is waiting for some big reinvention moment. A course, a milestone, a quiet six months. That moment never arrives. The future you is being built right now, in the tiny decisions you barely notice — the email you snap off in two seconds versus the one you take three minutes to write properly, the meeting you let drift versus the one you tighten with an agenda before walking in.

What would the better version do right now

This is the question I keep coming back to. Not what would I do — what would the sharper, calmer, more focused version of me do with this hour? The one I’m trying to become. It reframes everything. The reply I was about to send, the meeting I was about to accept, the rabbit hole I was about to fall into. Most of the time the answer is obvious; I just don’t want to hear it.

This is also where Copilot has quietly changed how I work. When I open Outlook in the morning and ask Copilot to summarise overnight threads, the better version of me actually has time to think instead of reacting to a triage queue. When I sit down to a Teams meeting and let Copilot handle the recap, I’m fully present in the conversation rather than half-scribbling notes. The point isn’t the feature — it’s that the friction keeping me stuck in version-of-me-today gets quietly removed. The future me has more room to show up.

Direction, not failure

Most people read the gap between who they are and who they want to be as evidence they’re falling short. I read it the other way. The gap is the only signal that tells you which way to walk. If there’s no gap, you’ve stopped growing. If the gap is huge, that’s not a problem — that’s a map.

So this week I’m watching what I read, who I sit with, what I put on my plate, and which habits I’m letting form by accident. Five years sounds like a long time. It isn’t. It’s about 1,800 versions of today, stacked on top of each other. The future me is being built in the next hour. So is yours.

Copilot audit logs in Purview

Most people ask the wrong question about Copilot.

They ask “is it safe?” What they mean is “can it leak our stuff?” Fair worry. But it’s the wrong place to start.

The real question a client should be asking is “can you show me what Copilot has been doing?” Because if the answer is no, safe or not doesn’t matter. You’re flying blind.

Here’s the thing nobody tells you in the licensing pitch. Every Copilot interaction is already being recorded. You don’t have to buy anything. You don’t have to flip a switch. It’s been sitting in the unified audit log the whole time, waiting for someone to go look.

Most MSPs never do.

What is Copilot audit logging, really?

It’s the receipt for every conversation your users have with Copilot.

When someone asks Copilot in Word to summarise a document, or asks Copilot in Teams what they missed, that interaction writes a record into Microsoft Purview. Who did it. When. Which Copilot app. And — this is the part that matters — which files and resources Copilot reached into to answer.

This happens automatically as part of Audit (Standard), which is on by default for business tenants. If auditing is running, Copilot logging is running. Microsoft spells it out in the audit logs for Copilot and AI applications docs: no extra steps, no separate config.

That’s not a feature you enable. That’s a feature you’ve been ignoring.

Step-by-Step: finding Copilot activity in Purview

Open the Audit solution

Go to the Microsoft Purview portal at purview.microsoft.com, sign in, and pick Audit from the Solutions list on the left. If you’ve got the Audit Logs or View-Only Audit Logs role, you’ll land on the search page. If you don’t, that’s your first job — sort the permissions, per the search the audit log guidance.

Set your date range and activity

Pick a start and end date. Then in the activities filter, search for the Copilot record type.

RecordType: CopilotInteraction
Activity:   Interacted with Copilot

Notice what’s missing? No prompt text in that filter. The audit row tells you that a conversation happened and what files it touched — it doesn’t hand you the back-and-forth wording. That content lives elsewhere, retained for eDiscovery and Communication Compliance, not in the row you’re reading. Knowing that distinction is what separates someone who’s read the docs from someone who’s guessing.

Run the search and read the resources

Start the job. It keeps running even if you close the browser, and finished searches stick around for 30 days. Open a result and look at the AccessedResources field. That’s the gold. It shows the actual files Copilot pulled in to ground its answer.

This is where oversharing shows up. If Copilot is referencing a payroll spreadsheet for someone in the warehouse, you didn’t find a Copilot problem. You found a permissions problem Copilot just made visible.

Export when you need a paper trail

Push the results to CSV. Now you’ve got evidence, not anecdotes.

Why this actually changes the client conversation

Walk into a renewal with “Copilot is secure, trust me” and you sound like every other reseller.

Walk in with “here’s a report of every file Copilot accessed last quarter, and here are the three oversharing issues we caught and fixed” — that’s a different meeting. That’s you doing governance, not selling a licence.

“Wait, so I can actually prove Copilot isn’t quietly reading files it shouldn’t?”

Yes. And that single sentence is worth more to a nervous business owner than any feature slide.

One caveat worth knowing. Retention isn’t infinite and it isn’t equal. On most Business Premium tenants you’re looking at 180 days. On E5, key workloads stretch to a year, and you can build longer audit log retention policies if compliance demands it. If a client needs to answer “what happened nine months ago,” check the retention before you promise the answer exists.

This is the stuff cyber insurance forms ask about. It’s what SMB1001 and Essential Eight assessors want to see. Not “do you have Copilot.” But “can you account for what it did.”

Copilot doesn’t forget. Make sure you can read what it remembers.

If you’ve rolled Copilot out to a client and you can’t pull this report, you haven’t finished the rollout. You’ve just started the part nobody bothered to do.

Copilot in Outlook

Most people meet Copilot in Outlook through the Draft button. They click it, type “write a reply saying yes”, watch it produce three paragraphs of corporate waffle, and quietly decide the whole thing is overrated.

I get why. That’s the demo everyone shows. It’s also the least interesting thing Copilot does in your inbox.

The real value isn’t writing email faster. It’s reading it faster.

Think about where your time actually goes. It’s not composing. It’s the forty-message thread you got CC’d on at 4pm — the one you have to scroll to the bottom of and reconstruct before you can say anything useful. That’s the tax.

So before you write a single prompt, flip the question. Don’t ask “what can Copilot write for me?” Ask “what am I wasting time reading?”

What is Copilot in Outlook, really?

It’s two jobs wearing one badge.

The first job is Summarize. Open a long thread and there’s a “Summary by Copilot” card sitting at the top. One click boils the thread down to who said what and what’s still outstanding — with little numbered references back to the actual messages, so you can check it didn’t invent anything.

The second job is Draft. You give it an instruction, it writes the email, you fix the bits it got wrong. Tone and length are dials, not destiny.

Notice the order I put those in. Summarize first. For most people that’s eighty percent of the value — and nobody demos it.

Step-by-Step: getting actual value out of it

Summarise before you read

Open any thread more than a few replies deep. Click Summary by Copilot at the top of the message. Read the summary, then jump straight to the messages it references. You’ve just skipped the scroll.

Draft by pointing, not pleading

Here’s the prompt pattern that works:

Reply to the client agreeing to the Tuesday 2pm slot,
confirm I'll send the agenda by Friday, keep it short and warm.

Notice what’s missing? No “please write a professional email that…”. No throat-clearing. You point at the decision and the facts, and Copilot handles the wording. Vague in, vague out — every time.

Set the tone, then get out of the way

Before you generate, open the tone and length options. Pick direct and short for internal mail. Save formal for the email going to a client’s lawyer. Microsoft’s own walkthrough covers drafting an email with Copilot if you want the full button tour.

Always read it before you send

Copilot will confidently add a detail you never gave it. The draft is a starting point, not an outbox.

The shared mailbox trap that catches everyone

Here’s the one that generates support tickets.

Your client runs everything out of info@ or accounts@. They turn on Copilot, open the shared mailbox, hit Summarize… and nothing. The button’s missing, or it tells them it has no knowledge of that mailbox.

For a long time, Copilot in Outlook only worked on your primary mailbox. Shared and delegate mailboxes were off-limits — the single most common “is this thing broken?” question I get.

That’s finally changing. Microsoft now supports Copilot in shared and delegate mailboxes, but the fine print matters: the person using it needs the right level of access, the mailbox has to live in Exchange Online, and encrypted messages still can’t be read. So when a client says “it doesn’t work in our support inbox”, you can tell them why — and what to check — instead of shrugging.

That’s the difference between an MSP who resold Copilot and one who understands it.

Why this actually changes behaviour

“I’ll get to my inbox after lunch.”

That sentence is a productivity confession. Inbox triage gets deferred because it’s expensive — every thread is a small act of reconstruction before you can act.

Summarize makes that cost almost nothing. When reading a forty-message thread takes ten seconds instead of ten minutes, you stop quarantining email into a dreaded afternoon block and start clearing it in the gaps between meetings.

That’s not a feature. That’s a different relationship with your inbox.

Your inbox doesn’t pay you to read. It pays you to decide.

My recommendation? Teach clients Summarize first, Draft second. Draft is the headline. Summarize is the reason they’ll keep the licence.

If you’re not showing them both — and the shared mailbox gotcha — you’re leaving the best part of what they’re already paying for sitting in the box.