The End-of-Life Deadline for Windows 10 – Why It Matters
The End-of-Life Deadline for Windows 10 – Why It Matters The countdown has begun: Windows 10 support officially ends on 14 October 2025 After this date, Microsoft will no longer provide security updates, bug fixes, or technical support, leaving businesses and individual users exposed to cyber threats, software incompatibility, and operational disruptions. While October 2025 may seem far off (to some people): Waiting too long to upgrade could put your security, compliance, and productivity at risk IT managers, business owners, and everyday users must act now to ensure a smooth transition before it’s too late. In this post, we’ll break down what Windows 10’s End-of-Life (EOL) means, why upgrading to Windows 11 – or exploring alternative solutions – is essential, and what hardware and software considerations you need to address. Now is the time to prepare. Let’s dive in What Does End-of-Life (EOL) Mean for Windows 10? When Microsoft ends support for an operating system, it doesn’t just stop providing updates it leaves millions of devices vulnerable to security threats, software failures, and compliance risks. After 14 October 2025, businesses and individual users still relying on Windows 10 will face serious challenges that go far beyond outdated software. For Windows 10 users, this means: No More Security Patches – Newly discovered vulnerabilities will remain unpatched, leaving devices, networks, and sensitive data open to cyberattacks. No Technical Support – Microsoft will no longer provide assistance for Windows 10 issues. Reduced Software Compatibility – Over time, new applications, drivers, and security tools built for Windows 11, lead to performance issues, missing features, and software incompatibilities on Windows 10. Significant Compliance Risks – Businesses in regulated industries could fail security audits or face legal consequences for running an unsupported OS. With these risks in mind, businesses and users must start preparing now to ensure a secure and seamless transition. Compliance Risks For businesses holding Cyber Essentials, Cyber Essentials Plus, or ISO 27001:2022 certification, continuing to use Windows 10 after its End-of-Life (EOL) isn’t just a security risk, it could lead to non-compliance, financial penalties, and loss of certification. These accreditation frameworks require up-to-date, secure systems, meaning that running an unsupported OS can have serious consequences for security standards, risk management, and overall business operations. Cyber Essentials / Cyber Essentials Plus Mandates supported and up-to-date software – Running Windows 10 beyond its EOL date directly violates Cyber Essentials’ security requirements, putting certification at risk. Increased risk of cyber threats – Without security patches, ransomware and malware attacks become a major risk, potentially leading to cyber insurance complications and breach of contract obligations. For businesses handling sensitive data or operating in regulated industries, running Windows 10 past its EOL could lead to certification loss, compliance failures, and even contract terminations. Beyond Windows 10: The Bigger Picture The Windows 10 End-of-Life (EOL) isn’t just about retiring an operating system – it’s part of a larger shift that businesses must navigate to stay secure and efficient. Alongside Windows 10, Microsoft Office 2016 and Office 2019 are also reaching their own EOL deadlines, increasing the urgency for organisations to modernise their IT environments before support ends. Office 2016: Support ends on 14 October 2025, the same day as Windows 10’s EOL. Office 2019: While mainstream support has already ended, extended support ends on 14 October 2025. Businesses still relying on these versions will face challenges on two fronts: outdated operating systems and unsupported productivity software, increasing risks across their IT infrastructure. The Risks of Ignoring These Deadlines With multiple Microsoft products reaching their EOL, businesses must act now to avoid serious disruptions. Failing to upgrade both Windows 10 and legacy Office applications can result in: Security Threats: Unsupported software is a prime target for cybercriminals. Compliance Issues: Organisations accredited with Cyber Essentials or Cyber Essentials Plus must use supported software to maintain compliance or they could face certification loss, fines, or reputational damage. Compatibility Headaches: Modern applications and services, including Microsoft 365, will increasingly rely on newer operating systems and software. To stay secure, compliant, and efficient, businesses must begin planning their transition now before these critical deadlines arrive. Why Businesses and IT Managers Need to Act Now The Windows 10 End-of-Life (EOL) deadline isn’t just a routine software update; it’s a turning point that will impact business security, compliance, and operational stability. After 14 October 2025, Windows 10 will officially become obsolete, forcing organisations to upgrade or face significant risks. Businesses must begin planning their transitions now, considering upgrades to Microsoft 365, Office 2021, or newer cloud-based solutions. With the simultaneous EOL dates for both Windows 10 and Office 2016/2019, organisations should take a holistic approach to ensure seamless updates across their IT environments. It isn’t just about compliance it’s an opportunity to enhance security, improve productivity, and unlock modern collaboration tools. A last-minute Windows 11 upgrade is not a viable strategy. Businesses must assess hardware compatibility, application readiness, licensing implications, and deployment plans well in advance to avoid major disruptions. Key Challenges Businesses Must Address Successfully upgrading to Windows 11 requires careful planning across multiple areas, including hardware, applications, and user adoption. Key challenges include: Assessing device compatibility: Many older laptops and desktops do not meet Windows 11’s strict hardware requirements and may need replacing. Evaluating application compatibility: Will legacy software function correctly on Windows 11, or will it require upgrades or replacements? Deployment planning: Businesses must plan device rollouts, licensing transitions, and data migration to ensure a smooth transition with minimal downtime. Without a proactive upgrade plan, organisations risk downtime, cybersecurity vulnerabilities, and rising IT costs all of which could have been avoided with early preparation. What to Expect Navigating Windows 10’s End-of-Life transition can be complex, but this guide will break it down into four key sections to help your business prepare smoothly and effectively: Windows 11 Benefits vs Windows 10: Why Windows 11 is not just an upgrade but a fundamental improvement in security, performance, and features. Upgrade
Segmenting Your Microsoft 365 Global Address List for Multi-Domain Organisations
Segmenting Your Microsoft 365 Global Address List for Multi-Domain Organisations In an era where mergers, acquisitions and multi-academy consolidations are commonplace, centralising multiple domains into a single Microsoft 365 tenant delivers undeniable efficiencies in security, licensing and administration. Yet with consolidation comes the hidden risk of an unwieldy Global Address List (GAL) – a single directory that exposes every mailbox, group and resource across your entire tenant. For an education trust of a dozen schools, this can mean a teacher accidentally emailing safeguarding records to the wrong academy. For a merged enterprise, it may result in sensitive financial forecasts landing in a newly acquired subsidiary’s inbox. This article presents a fully-up-to-date approach – using native Exchange Online Address Book Policies (ABPs) – to carve a monolithic GAL into secure, domain or division specific views You’ll gain: An understanding of why a single GAL poses security, compliance and productivity challenges A clear description of ABP components and their interplay Detail and plain-English explanations of PowerShell implementation patterns Expanded sections on Security & Compliance, Extending Segmentation into Teams and Beyond, and Governance Wherever possible, I’ve drawn directly from Microsoft’s latest documentation to ensure accuracy. Why a Single GAL Becomes a Liability Many organisations believe a centralised directory is inherently beneficial: one search bar to rule them all. In practice, users endure information overload when they must sift through hundreds or thousands of irrelevant entries to find a colleague or resource. Worse, autocomplete treats internal and external addresses the same, so a slip of the finger can expose confidential data to unintended recipients. For multi-academy education trusts, safeguarding student information is non-negotiable. A misplaced click can send pupil assessment data or pastoral notes to the wrong school, risking GDPR breaches and parental complaints. In corporate scenarios – say, a company acquiring a competitor – financial controllers might inadvertently share year-end bonus details with executives of the acquired entity. These are not hypothetical concerns; every mis-addressed email carries reputational damage, regulatory fines and erosion of stakeholder trust. IT helpdesks bear the brunt of this chaos, fielding reported incident tickets such as “Why can’t I find Mrs Jones in my academy?” or “Why am I seeing rooms from the finance department?” These repetitive queries divert valuable IT capacity from strategic projects – be it rolling out a new learning-management system or deploying advanced security analytics. As tenant scale grows, so too do the hidden costs of a monolithic GAL. Address Book Policies: Virtual Segmentation Rather than fragment your environment into separate tenants – an approach that multiplies licences, security boundaries and operational overhead – Exchange Online’s Address Book Policies (ABPs) offer a “virtual partition” within your existing tenant. An ABP bundles together four filtered directory view components so that users see only the objects assigned to their business unit or academy all while retaining centralised governance and compliance controls. At its core, an ABP comprises: A Global Address List (GAL) scoped by a recipient filter, defining which mail-enabled objects appear in name-resolution requests. An Offline Address Book (OAB) downloaded by Outlook clients in cached mode, ensuring offline users browse the same filtered directory. A Room List, for filtering resource mailboxes (meeting rooms, shared equipment) to prevent cross-unit booking conflicts. Custom Address Lists, enabling category-based browsing (e.g. by department or faculty) within the defined scope. By tagging mailboxes using a custom attribute or SMTP domain suffix you drive these filters automatically, so new users immediately inherit the correct ABP without manual reassignment. The Address Book Policy Routing agent further enforces isolation by marking out-of-scope lookups as “external” ﹘ preventing misleading “internal” display names in autocomplete once you enable it with: Set-TransportConfig -AddressBookPolicyRoutingEnabled $true Dissecting the Four ABP Pillars Global Address List (GAL) When a user types a name into the To: field in Outlook or OWA, the directory lookup consults the GAL. A domain-specific GAL (e.g. GAL_Contoso) ensures that Division A staff resolve only their own colleagues, distribution lists and contacts. This scoping is driven by a recipient filter, most commonly mapping CustomAttribute1 to a division code, such as “Contoso”. Offline Address Book (OAB) Outlook’s cached-mode clients download the OAB every eight hours by default. When you create an OAB that points to the same filtered GAL and address lists (e.g. OAB_Contoso), offline users maintain the same segmented experience even when disconnected from the network. This is critical for remote or bandwidth-constrained environments where cached-mode Outlook is the norm. Room List Resource mailboxes (meeting rooms, hot desks, equipment) often clutter the global directory. By creating a Room List object filtered on both the RecipientDisplayType (e.g. ConferenceRoomMailbox) and your division tag, you surface only the relevant rooms in meeting-room pickers preventing double bookings and administrative friction across units. Custom Address Lists Under each GAL, you can present one or more Custom Address Lists for instance, “Finance Teams” or “Faculty Staff” using the same division filter. These lists appear as categories in Outlook’s address-book pane, enabling structured browsing rather than free-form search. Together, all four components weave a seamless, tailored directory experience for each business unit. Security & Compliance: Fortifying Your Boundaries Segmentation does more than improve usability – it underpins your security and compliance strategy with multiple, reinforcing controls. Data Loss Prevention (DLP) becomes markedly more precise With a monolithic GAL, DLP policies must blanket the entire tenant, triggering false positives when users legitimately email across divisions. By contrast, ABP segmentation lets you craft targeted DLP rules that apply within each directory silo. For example, exam results can circulate freely within an academy but are blocked when addressed outside its ABP, sharply reducing administrative overhead in policy tuning and alert triage. eDiscovery and legal-hold scenarios Segmented GALs shrink your search scope. Compliance officers can restrict Content Searches to a single ABP, slashing processing time and data volumes. In education trusts, this ensures that subject-access requests remain tightly confined to the relevant academy, a critical requirement under GDPR and UK data-protection regulations. Auditability improvement Exchange’s Admin Audit Logs record
Microsoft Graph vs Azure PowerShell: Key Differences & Capabilities
Microsoft Graph vs Azure PowerShell: Key Differences & Capabilities Introduction I have been asked a number of times by connections and in DMs over the last few weeks about Microsoft Graph and Azure PowerShell – so I figured I would put together a post on this topic – afterall knowledge sharing is knowledge learned. Both Microsoft Graph and Azure PowerShell are powerful tools for managing Microsoft cloud services, but they serve different purposes. Microsoft Graph is the unified REST API that spans across Microsoft 365 services (Azure AD, Teams, Exchange, SharePoint, etc.), while Azure PowerShell refers to the PowerShell modules for managing Azure resources (and previously Azure AD) in a command-line context. Understanding the differences is important for administrators, especially as Microsoft is moving more functionality to Graph (and deprecating some older Azure PowerShell modules). In this post, I will compare their key differences, see how each can be used in practice, and discuss transitioning from Azure PowerShell (AzureAD/MSOL) to Microsoft Graph. Comparison Table: Microsoft Graph vs Azure PowerShell Below is a comparison of key aspects of Microsoft Graph (PowerShell SDK) and Azure PowerShell (specifically the AzureAD PowerShell module for Azure Active Directory tasks, as an example): Practical Scenario & PowerShell Script Examples To illustrate the difference in execution, consider a practical scenario: Creating a new user in Entra ID (Azure AD). Below are two script snippets that achieve the same goal – one using Microsoft Graph PowerShell and one using the AzureAD PowerShell module. Both will create a new user account, but notice the differences in how they authenticate and the cmdlet syntax: Using Microsoft Graph PowerShell: # Connect to Microsoft Graph with the necessary scope (permission) for user management Connect-MgGraph -Scopes “User.ReadWrite.All” # Define a password profile for the new user $passwordProfile = @{ Password = “P@ssw0rd!” } # Create a new user via Microsoft Graph API (through the Graph PowerShell SDK) New-MgUser -DisplayName “John Doe” ` -UserPrincipalName “john.doe@contoso.com” ` -MailNickname “john.doe” ` -AccountEnabled $true ` -PasswordProfile $passwordProfile # The above commands connect to Microsoft Graph and then create a new Azure AD user named John Doe with the specified UPN and password. # Benefit: This uses Microsoft Graph’s up-to-date API, allowing access to the latest Azure AD features and ensuring compatibility with future updates (Graph is the modern approach). Using Azure PowerShell (AzureAD module): # Connect to Azure AD using the AzureAD module Connect-AzureAD # Prepare a password profile object for the new user (AzureAD module requires a specific object type) $newUserPassword = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphPasswordProfile $newUserPassword.Password = “P@ssw0rd!” # Create a new user using AzureAD PowerShell module New-AzureADUser -DisplayName “John Doe” ` -UserPrincipalName “john.doe@contoso.com” ` -MailNickname “john.doe” ` -AccountEnabled $true ` -PasswordProfile $newUserPassword # This connects to Azure AD and creates the same user. # Benefit: AzureAD cmdlets are simple and were purpose-built for Azure AD tasks, which made them easy to use for administrators familiar with PowerShell. Explanation In the Graph script, we use Connect-MgGraph with an OAuth scope, reflecting Graph’s need for consent to specific permissions. We then call New-MgUser – a Graph cmdlet – to create the user. In the AzureAD version, we simply do Connect-AzureAD (which uses your account’s credentials) and then New-AzureADUser. One immediate difference is authentication; Graph encourages a scoped OAuth token (more secure and fine-grained), whereas AzureAD module uses your account context directly. Also, Graph’s cmdlet is part of a broader SDK that can manage more than just users, whereas New-AzureADUser is from a module solely focused on Azure AD. # Update Note # Original $newUserPassword in the AzureAD module was: $newUserPassword = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile # Changed to: $newUserPassword = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphPasswordProfile # Change Reason: #Microsoft.Open.AzureAD.Model.PasswordProfile was the part of Azure AD for Graph (Azure AD v2), and Azure AD for Graph (Azure AD v2) is deprecated. Migration & Best Practices With Microsoft’s shift toward Graph, many organisations are transitioning from AzureAD/MSOL PowerShell modules to Microsoft Graph PowerShell. In fact, Microsoft Graph PowerShell is the official replacement for the AzureAD and MSOL modules. Here are some key points and best practices for migrating and working across both tools: Plan the Migration: Start by identifying all scripts and processes that use the AzureAD or MSOL modules. These legacy modules are deprecated and may run the risk of stopping entirely after the retirement date (30 March, 2025). List out those scripts – for each, there should be an equivalent approach using Microsoft Graph PowerShell SDK (https://tinyurl.com/4rwp8c4y). Map Out Equivalent Cmdlets: The Graph PowerShell SDK cmdlet names are different from AzureAD module cmdlets. For example, Get-AzureADUser becomes Get-MgUser, New-AzureADGroup becomes New-MgGroup, etc. Microsoft has provided a migration guide (https://tinyurl.com/2s3p3cyh) to help find Graph equivalents. Update your scripts by replacing old commands with the new Graph commands. Keep in mind that parameters might differ slightly, and Graph cmdlets may require specifying properties or filters to get the same data. Modernise Authentication: One of the key differences when migrating is how you handle authentication. The AzureAD module allowed using Azure AD credentials (often with less granular permissions). In Graph, you should use Connect-MgGraph with the appropriate scopes, or set up an app registration for app-only access in automation scenarios. This means possibly updating how your scripts authenticate – e.g., using certificate-based auth for unattended scripts or interactive device login for ad-hoc runs. The benefit is improved security (MSAL and modern auth with token scopes) compared to legacy ADAL-based auth. Ensure your environment is ready for this (you might need to register an Azure AD app and grant it admin-consent for certain Graph scopes). Test Thoroughly: Because the output objects and behaviors can differ, test your updated scripts in a non-production environment. For instance, Graph cmdlets might return different default properties than AzureAD cmdlets did. Verify that the new scripts perform the intended tasks (create the users, update the groups, etc.) and that all required data is being handled. Pay attention to any Graph-specific considerations, like throttling limits or required permission consent – adjust your approach if needed
30 Years In IT Series Closure – Looking Ahead: The Next 10 Years in IT
30 Years In IT Series Closure – Looking Ahead: The Next 10 Years in IT As I wrap up my #30YearsInIT series, it feels only right to take a step back and look ahead toward the future of IT and how it might evolve over the next decade. By the time I reach my 40 Years In IT milestone, I expect we will see profound transformations across the technology landscape, driven by innovation and shifting needs within the Microsoft ecosystem and the broader world of IT. This post is my reflection on the potential of where we might be headed, what technologies and trends could reshape our industry, and how IT professionals must adapt to meet these new challenges. Applications: A Future Beyond the Conventional Over the next decade, I foresee applications becoming even more intuitive, intelligent, and deeply integrated into our day-to-day lives. Today, we are already seeing how Microsoft Copilot and other AI tools are transforming (enhancing???) productivity. By the time I mark #40YearsInIT (yes I will be close to retirement then – Mark), applications will likely become predictive assistants, capable of understanding not just workflows but also proactively anticipating needs. In the Microsoft ecosystem, this means Office tools and platforms like Microsoft Teams may evolve to become highly autonomous, learning user habits and actively suggesting solutions, automating tasks, and even drafting documents without prompting. For UK businesses, particularly in the Education and Non-Profit sectors, I imagine applications will become the enablers of individualised learning and tailored experiences. Teachers might leverage AI-powered tools that adapt lesson plans to each student’s progress, while charities could automate more of their administrative tasks, allowing them to focus more energy on their causes. In the Private and Public sectors, integration will be key. Dynamics 365 could become the central nervous system of businesses, connecting every part of an organisation seamlessly, from customer service to sales and from finance to operations, fuelled by AI that analyses and improves processes in real-time. Lets not forget about how the Power Platform will evolve and along with AI, be able to meticulously change the time and effort involved in write documentation, performing data analysis and assisting with Dynamics 365 across the business. Tine saved equals effective cost management equals increased profitability. Devices: From Hardware to the Invisible Interface When it comes to devices, I expect to see a significant reduction in hardware dependency. The last 30 years have brought us desktops, laptops, smartphones, and tablets. But as I look to the future, I see the rise of wearables, augmented reality (AR) headsets, and perhaps most intriguingly, the concept of invisible interfaces, where physical hardware becomes less of a focus. Devices may not necessarily disappear, but their role will evolve to seamlessly blend into the environment, AR glasses, voice interactions, and gesture-based controls could become commonplace, eliminating the need for traditional screens. For Microsoft, this might mean expanding Windows beyond a PC operating system into something far more pervasive. Imagine the operating system existing across all devices and experiences, from HoloLens for immersive business collaboration to smart surfaces and even wearable interfaces. In the education sector, this could mean students interacting with learning materials through mixed-reality environments, creating more engaging and practical experiences that far exceed what we have today. Infrastructure: The Cloud Evolves and Edge Computing Takes Over The next ten years will likely see a complete transformation in how IT infrastructure is conceived and managed. Cloud computing will continue to dominate, but the focus will shift more towards hybrid models and edge computing. Edge computing, in particular, will bring the processing power closer to where data is generated, reducing latency and enabling faster, more responsive services. For UK businesses in sectors like Public Services and Healthcare, this will be a game changer, enabling real-time data processing and ensuring compliance with stringent data privacy regulations. Within the Microsoft ecosystem, services like Azure are already leading this movement, but in the coming decade, I anticipate that Azure will become even more integral. We will see Azure Arc extending the capabilities of Azure to needed (likely to still be required for certain government/global businesses) on-premises, multi-cloud, and edge computing environments, offering consistent security, identity management, and DevOps capabilities across all workloads, wherever they reside. For IT professionals, this evolution will mean shifting skillsets towards managing these distributed, interconnected environments that offer the flexibility of the cloud with the performance of on-premises setups. Automation: Intelligence at Scale Automation will be one of the most significant areas of transformation, impacting every facet of IT, from infrastructure management to user experience. As automation technologies mature, I expect that more and more of the routine, repetitive tasks will be delegated to intelligent bots (or AI agents) and automated workflows. In the Microsoft ecosystem, tools like Power Automate and Logic Apps are paving the way, but ten years from now, these tools could enable a level of operational automation that we can only dream about today. For instance, business process automation will no longer be something managed solely by IT departments but could be managed by any department user, regardless of technical skills, who will have the tools at their disposal to build and modify workflows, tailor business processes, and automate key tasks without writing a single line of code. This will create opportunities for all sectors, Education, Non-Profit, Public, and Private, to drive efficiency, reduce costs, and improve overall service delivery. In schools, for example, automation could help reduce the administrative burden on teachers, allowing them to focus more on teaching. In the Non-Profit sector, repetitive tasks like donor management and event planning could be automated, freeing up staff to engage more deeply with their causes. For Public sector organisations, automation could streamline processes like licensing, permitting, and citizen services, enhancing the overall efficiency of governance. The Role of AI: Embedded in Every Aspect Finally, it’s impossible to discuss the future of IT without acknowledging the role of AI. In ten years, AI won’t just be a tool; it will be
Artificial Intelligence – AI: Friend or Foe
Artificial Intelligence – AI: Friend or Foe? In the last but one part of my #30YearsInIT series, I find myself turning to a topic that has stirred up plenty of curiosity, debate, and even a little anxiety across industries: Artificial Intelligence. Specifically, I want to explore Microsoft’s introduction of AI into their ecosystem, branded as Copilot. These are my personal thoughts and opinions, built on my experience as technology has moved at an unprecedented speed, and the research I’ve gathered to understand where we’re heading with AI. Let’s dive in – what does AI in the Microsoft ecosystem mean for you, your team, and your business? What Is Microsoft Copilot? Microsoft Copilot represents the next chapter in productivity tools, integrating AI to assist in everyday tasks within the Microsoft 365 environment. It’s built using OpenAI’s GPT-4 model, the latest and most advanced generative AI, designed to help people work smarter by embedding itself into familiar tools like Word, Excel, Outlook, and Teams. But what can it bring to an organisation, a project team, or end users? What does “Copilot” actually mean? A “copilot” is typically the second pilot in an aircraft, assisting the main pilot with navigation, communication, and other flight duties. In a broader sense, it refers to someone who helps or supports another person in their tasks. In the context of technology, like Microsoft Copilot, it means an “AI assistant“ designed to help users with various tasks, making their work more efficient and productive. Imagine an assistant who understands your workflows, helps write and summarise documents, automates repetitive tasks, and even provides data insights directly in your work environment – all within your Microsoft 365 apps. The promise here is one of less time spent on mundane tasks and more on creative, strategic work. Copilot can help generate content drafts, propose recommendations based on your data, and enhance meeting productivity by summarising key points in Microsoft Teams. But is it all smooth sailing? Can this AI truly be trusted to handle critical data securely and accurately? What AI Can Bring to an Organisation The potential impact of Copilot on productivity is significant. For project teams, Copilot can speed up the drafting of project plans, assist in scheduling, and generate instant data visualisations in Excel or PowerBI, helping turn raw data into actionable insights faster than ever before. The potential gains in efficiency are unmeasurable (differs based on organisation size and the experience and knowledge of existing employees) when daily or routine but time-consuming tasks are delegated to an AI assistant, allowing team members to focus on more creative, high-value work. For end users, whether they are content writers, project managers, or data analysts, Copilot can serve as a partner in drafting professional, polished emails, creating complex formulas in Excel, or even suggesting improvements to the language and structure of reports in Word. This represents a major shift in how we work no longer struggling with tasks that are outside our expertise but instead having AI to bridge those gaps seamlessly. For organisations as a whole, Copilot offers not only efficiency gains but also improved consistency in communication, quality in deliverables, and the ability to standardise best practices across the workforce. It can help businesses of all sizes make sense of their data, improve communication channels through automated meeting notes and summaries, and reduce the manual burden on support teams through AI-driven helpdesk solutions. The Risks and Concerns: Is AI Safe? With the promise of AI also comes valid questions and concerns: Is AI safe? Can we trust it with sensitive business data? What happens if it gets things wrong? Who is at fault for AI failures? Who is blamed? These are the questions I believe every IT leader, manager, and even end user is asking, and rightly so. Data Security and Compliance: One of the key assurances Microsoft offers is that Copilot is built on top of Microsoft’s security, compliance, and privacy controls. The data used by Copilot is not trained on external datasets or used to train the broader AI model it remains within the boundaries of the customer’s Microsoft 365 tenant. This distinction is crucial for maintaining data privacy and ensuring compliance with regulations such as GDPR. For organisations that have spent years building secure on-premises environments, these guarantees are paramount to feeling comfortable transitioning to AI. Accuracy and Reliability: Copilot, like all AI, is not 100% accurate. There is always the risk of inaccuracies, especially when asked to generate content, write development code, or summarise complex discussions. Microsoft has acknowledged this by positioning Copilot as a collaborative partner (an assistant, an agent) rather than a standalone solution. It’s meant to enhance human creativity and productivity, but the responsibility for checking and verifying the output ultimately remains with the user. This approach makes sense; AI can be incredibly powerful, but without human oversight, mistakes are inevitable and if not tested, documented, or managed can lead to unknown and unimaginable challenges and failures: Preventing Abuse and Misinformation: Microsoft is aware of the potential for abuse using AI to spread misinformation or for malicious purposes such as click-bait, phishing, or fraudulent activity. To combat this, the company has implemented Guardrails, a series of measures designed to prevent misuse. This includes content moderation filters, abuse detection systems, and monitoring capabilities that can detect and stop the abusive use of AI. By ensuring that Copilot is embedded within Microsoft’s trusted environment, the goal is to mitigate these risks and provide users with tools that are as safe as possible. An Argument: The Future of AI – Is It the Best Path Forward? AI is undeniably a powerful tool, but it also introduces complexities that can make decision-makers hesitant. For many organisations, the thought of AI generating content autonomously feels uncomfortable, particularly for those accustomed to tight control over
The Future of SharePoint On-Premises: A Glimpse into SharePoint 2022, 2025, and Beyond
The Future of SharePoint On-Premises: A Glimpse into SharePoint 2022, 2025, and Beyond As I write the final three articles in my continuing #30YearsInIT series, I arrive at a crucial point for many organisations still invested in on-premises infrastructure and solutions – SharePoint On-Premises. While much of the focus today is on the cloud and how it empowers modern workplaces, SharePoint’s on-premises versions continue to evolve, meeting the unique needs of businesses that require greater control over their infrastructure. This post takes a look at SharePoint 2022 SE, previews the upcoming SharePoint 2025?(not officially named by Microsoft at the time of writing), and speculates on what the future may hold for SharePoint on-premises. SharePoint 2022 SE: The Subscription Edition The current latest version, SharePoint Server 2022 Subscription Edition (SE), represents a shift in the framework of how Microsoft approaches on-premises SharePoint deployments. Moving away from major version upgrades every year, the Subscription Edition focuses on continuous updates that ensure the product remains current without requiring complete overhauls every few years. This shift means that on-premises users can enjoy modern features similar to those in SharePoint Online but with the flexibility of managing everything locally. Key features introduced in SharePoint 2022 SE include: Support for Modern Development: SharePoint SE introduces support for SharePoint Framework (SPFx) 1.5.1, which enhances customisation scenarios, allowing developers to use modern web technologies to build responsive applications and productive experiences. The integration of SPFx means that developers working in on-premises environments now have access to a set of tools and methodologies previously reserved for SharePoint Online, enabling more modern, interactive features to enhance user engagement. Granular Security Enhancements: There’s also improved private key management for certificates, ensuring robust security, and native support for TLS 1.3, offering the latest in secure communication between systems. Antimalware Scan Interface (AMSI) integration also represents a critical addition to protect against evolving cyber threats. AMSI allows for deep integration with on-server antimalware tools, ensuring that SharePoint deployments are protected against potentially malicious requests. Infrastructure Modernisation: Recompiled with Visual C++ 2022, SharePoint 2022 SE is now built on a modern development stack, making it capable of taking advantage of the latest server hardware improvements, boosting performance and reliability in enterprise environments. This modernisation is crucial in improving compatibility with newer versions of Windows Server, specifically Windows Server 2022, which ensures enhanced stability and performance. User Experience and Productivity Improvements: The modern document libraries and lists introduced in SharePoint 2022 SE offer a streamlined and user-friendly experience, akin to what users are familiar with in SharePoint Online. These modern libraries come with features like bulk editing, improved copy and move capabilities, and column formatting enhancements, allowing for better data visualisation and interaction. Button web parts now make it easier for users to create actionable pages, improving intranet usability for business teams. Hybrid Flexibility: SharePoint 2022 SE has also enhanced hybrid connectivity capabilities. Organisations that want to bridge their on-premises environment with the cloud can take advantage of improved hybrid search, which allows data from both on-premises and cloud-based SharePoint environments to be searchable from one unified search experience. The continuous update model of SharePoint 2022 SE means that new features are released twice a year, bringing predictability to feature rollouts. These feature updates are also bundled into monthly public updates that include security and quality enhancements, ensuring organisations remain secure while having access to the latest productivity tools. SharePoint 2025: Looking Ahead – A Personal Opinion Microsoft has made no official announcements regarding SharePoint 2025 (Not sure if it will even release at this time), but if the recent progression (and existing 3 year release schedules) is any indicator, we will likely see further alignment with the Microsoft 365 ecosystem due to the constant frequency of updates made to the cloud. SharePoint 2025 may continue the trend of building on the Subscription Edition, incorporating further advancements such as: Deeper Integration with Cloud Services: As hybrid models become more understandable and useable, future on-premises versions could make hybrid deployments more seamless. For instance, better integration with Power Platform services such as Power Automate for workflows might enable businesses to bridge on-premises data with cloud automation services. By leveraging the Power Platform, organisations could create sophisticated workflows that include both on-premises and cloud-stored (and accessible) data, ensuring efficient data processing and business logic management across environments. AI and Machine Learning on Premises: Leveraging AI capabilities seen in Microsoft 365, SharePoint 2025 could potentially introduce on-premises AI capabilities for enhanced search, document classification, and automated metadata tagging, giving on-premises users some of the power that SharePoint Online users enjoy. With AI and machine learning, on-premises environments could benefit from advanced content organisation, helping users find information faster and reducing the overhead involved in managing large volumes of documents. Improved Collaboration Features: Expect improvements to hybrid collaboration tools, further integration with Microsoft Teams, and enhanced real-time co-authoring capabilities, even in environments with limited external connectivity. SharePoint 2025 may also push for better integration with Microsoft’s suite of collaboration tools, making it possible for on-premises users to interact seamlessly with cloud users within the same Teams and SharePoint channels. Expanded Hybrid Search Capabilities: Microsoft could expand hybrid search capabilities to allow even more seamless interaction between on-premises and cloud environments. This might include new ways of indexing and searching content stored on different systems, providing a unified interface to users irrespective of where data resides. Enhanced Microsoft Graph integration might also bring more personalised search experiences to on-premises deployments. Low-Code Development and Automation: The push towards enabling citizen developers will continue, with SharePoint 2025 likely to enhance support for PowerApps and Power Automate, enabling more low-code/no-code solutions for on-premises users. This could allow organisations to empower their workforce to develop business apps and workflows independently, reducing dependency on IT teams while boosting efficiency. The Future: SharePoint 2028 and Beyond – A Personal Opinion If we look beyond the current horizon, it’s plausible to see SharePoint 2028 pushing the boundaries of what “on-premises” really means.
Azure and Power Platform: A Catalyst for Growth
Azure and Power Platform: A Catalyst for Growth Continuing my #30YearsInIT series, I reflect on a transformative chapter that began in 2020, when I joined a company that pushed my knowledge boundaries like never before. This period was defined by two key pillars of the Microsoft ecosystem; Azure and the Power Platform. While the journey included many elements of Service desk Management, Change Management, and M365 projects, it was the deep dive into Azure and Power Platform that made these years truly remarkable and transformative for both myself and the organisation I worked with. Embracing the Vast Capabilities of Azure When joining this company, I took on the role of a Senior IT Consultant, a position that would immerse me in the huge scope of Microsoft Azure. It was a role that presented new challenges every day, demanding continuous learning and a drive to succeed. Azure is not just a cloud platform; it’s a network of interconnected services designed to help businesses achieve scalability, security, and flexibility in their IT environments. Over the next two years, I found myself delving into multiple areas of Azure, each requiring me to stretch my capabilities and embrace continuous learning. One of the standout areas was Security and Compliance. As the organisation pushed toward the UK IASME Cyber Essentials Plus accreditation, I learned first-hand the importance of secure cloud architecture. This included understanding Azure Security Centre, implementing Network Security Groups (NSGs), and ensuring data integrity and security within Azure Storage. Compliance frameworks (GDPR, DPA2018, etc,.), particularly within the UK regulatory environment, played a significant role in shaping the cloud configurations. Azure’s comprehensive suite of security tools allowed the organisation to set up robust systems, providing reassurance that our cloud assets were secure from evolving threats. Azure was not just about security; it was also about building and managing infrastructure at scale. I gained knowledge and experience in setting up and managing Virtual Machines (VMs) that I now have running within my own Microsoft tenant, understanding how to balance cost and performance effectively. Using Azure Monitor and Log Analytics, I gained insight into application performance, availability, and the operational health of services. Additionally, Azure’s Virtual Network (VNet) capabilities enabled the organisation to create secure, isolated networks for different applications, ensuring both flexibility and security in the cloud architecture. Azure’s role in Mobile Device Management (MDM) and Mobile Application Management (MAM) also stood out as particularly valuable. Using Microsoft Intune, we were able to ensure that mobile devices whether corporate-owned or BYOD adhered to the security policies, providing controlled access to company resources. This helped facilitate remote working and reinforced our commitment to security, particularly in a landscape where flexible work arrangements were becoming increasingly essential. Another intriguing area was the use of Azure Logic Apps. These serverless workflows allowed us to automate numerous business processes, connect disparate systems, and ultimately simplify complex workflows. This was particularly beneficial when managing the integration between Azure services and Microsoft 365, streamlining processes and reducing manual tasks. In 2024, Microsoft has made significant updates across its Azure services, including enhanced security for cloud-native applications. For example, Azure Chaos Studio now supports resource tags, which adds another layer of structured security across services, a feature beneficial for organisations seeking robust control and governance in cloud operations. Additionally, Azure Monitor expanded its pipeline capabilities to edge environments, which helped businesses gather high-scale data insights beyond traditional boundaries, supporting a more comprehensive operational picture. The Power Platform: Unleashing Business Intelligence and Automation Alongside my work in Azure, I was engaged substantially more with the Power Platform, and this has become another major component of my journey. The Power Platform encompasses Power BI, PowerApps, Power Automate, Power Pages, and Power Virtual Agents, and is focused on empowering individuals within an organisation to solve business challenges through data insights, application development, and workflow automation. Power BI quickly became an invaluable tool for the organisation. Its ability to create interactive dashboards and detailed visualisations enabled us to extract insights from data that previously would have been buried within spreadsheets. For both the internal teams and the clients, the reports and dashboards created in Power BI provided actionable intelligence that drove decision-making. Being able to pull data from multiple sources and create real-time visualisations was not only a technical achievement but also a huge driver for improved business agility. Over time, I began to explore the capabilities of PowerApps and Power Automate. PowerApps allowed the creation of custom applications that suited the unique needs of the organisation, with a particular emphasis on modernising (and replacing) legacy processes. These applications were often built effectively to best practices and could be deployed without extensive developer resources, providing a cost-effective way to solve business challenges. The process of understanding the user requirements, designing a user interface, and iterating based on feedback was rewarding and showcased how technology can directly meet business needs. Power Automate was another game-changer. By automating repetitive tasks, the organisation was able to free up valuable time for team members to focus on more strategic initiatives. From simple workflows that handled document approvals to more complex integrations across different services, Power Automate helped to simplify many aspects of daily operations. It was gratifying to see how automation could impact productivity, and this made me appreciate even more the value of tools that allow businesses to work smarter, not harder. The Power Platform has evolved significantly since its initial inception, with Power BI now integrating deeply with Azure services like Azure Synapse Analytics for advanced data processing and analysis. This integration allows businesses to create seamless data workflows, from data import to business intelligence visualisation, enhancing the way companies interact with their data. The Importance of Daily Challenges and Continuous Learning This chapter of my career taught me more than just technical skills; it taught me the importance of resilience and a growth mindset. Azure and Power Platform presented new challenges every day, but it was in facing these challenges that real growth occurred. The UK IASME
Microsoft 365: Embrace a Future in the Cloud
Microsoft 365: Embrace a Future in the Cloud As I continue my #30YearsInIT series, I want to take a moment to explore one of the most pivotal advancements in enterprise technology – Microsoft 365. For businesses unfamiliar with Microsoft 365, or those wondering if the platform could be the answer to modernising their IT infrastructure, this is for you. This post dives into what Microsoft 365 offers and why it has become a cornerstone of productivity for millions of organisations worldwide. The shift towards cloud computing has been transformative for organisations of all sizes. Microsoft 365, launched as the evolution of Office 365, has become synonymous with this change – bringing powerful applications, security features, and collaboration capabilities to organisations across the globe without the need for traditional on-premises infrastructure. Microsoft 365 is more than just Office in the cloud; it is an interlinked ecosystem that enhances productivity, improves communication, and simplifies IT management in a way that was unimaginable just a decade ago. What is Microsoft 365 and Why Does It Matter? At its core, Microsoft 365 is a subscription-based suite of tools and services designed to drive productivity and collaboration across your organisation. It includes familiar applications like Word, Excel, PowerPoint, and Outlook, which have all evolved to take full advantage of cloud integration. But beyond these core apps, Microsoft 365 is a fully integrated platform that also features Teams, OneDrive, SharePoint, and many other tools each playing a role in creating a seamless digital workspace. For organisations considering moving away from on-premises systems or other cloud platforms, Microsoft 365 provides several compelling advantages: Seamless Collaboration: Microsoft Teams acts as the heart of the collaboration experience, integrating messaging, voice, video meetings, and file sharing into a single hub. Whether you are working from the office, home, or on the go, Teams ensures everyone stays connected and productive. Anywhere, Anytime Access: With Microsoft 365, users have the freedom to access their files and applications from virtually anywhere whether it’s through a desktop, laptop, tablet, or smartphone. OneDrive provides each user with 1 TB of cloud storage, enabling seamless file access and collaboration on documents from any device. This ability to work wherever you are helps ensure that business continues uninterrupted, regardless of location. Real-Time Collaboration and Co-Authoring: With SharePoint Online and OneDrive, your team can collaborate on documents in real-time. Whether you’re working on an Excel spreadsheet or a PowerPoint presentation, multiple users can edit the document simultaneously, which reduces the back-and-forth of version control. It is this kind of functionality that takes productivity to new heights by eliminating inefficiencies. Security and Compliance: Microsoft 365 places significant emphasis on security and compliance, something that on-premises environments often struggle to maintain without considerable cost and effort. Microsoft provides built-in security features such as Microsoft Defender, Advanced Threat Protection, Data Loss Prevention (DLP), and multi-factor authentication (MFA). These features provide enterprise-grade security to protect your data and meet compliance needs across industries. Integrated Productivity: Planner, Forms, Microsoft Bookings, and Outlook are just a few examples of how Microsoft 365 integrates tools for managing tasks, projects, appointments, and communications all in one place. These applications enhance the capability to track work, schedule meetings, and automate simple tasks, helping organisations streamline operations and improve efficiency. Power Platform Integration: Power Platform is a vital part of Microsoft 365 that empowers users to create, automate, and analyse data to solve business problems. Power BI provides powerful analytics and data visualisation capabilities that help businesses make data-driven decisions. PowerApps allows users to create custom business applications without the need for extensive coding skills, giving organisations the ability to quickly build solutions tailored to their specific needs. Power Automate simplifies workflow automation, enabling users to automate repetitive tasks and integrate various services within the Microsoft 365 ecosystem, improving efficiency and productivity across the board. Microsoft Viva: Microsoft Viva is a newer addition to Microsoft 365, focused on employee experience and engagement. It integrates seamlessly with Teams and other Microsoft 365 applications to help employees stay connected, access relevant information, and grow professionally. Viva consists of several modules like Viva Connections for fostering company culture, Viva Learning for professional development, and Viva Insights for well-being and productivity analysis. By offering tools that enhance employee satisfaction and performance, Microsoft Viva ensures that the workforce remains engaged and productive, even in hybrid or remote working environments. Why Businesses Should Consider Microsoft 365 For many organisations, the shift from on-premises solutions to Microsoft 365 is about more than just cost savings, it is about enabling growth, improving flexibility, and being prepared for the future. Compared to maintaining a complex, on-premises IT infrastructure, Microsoft 365 offers an operational expenditure model with predictable monthly or yearly costs, which can be especially attractive to small and medium-sized businesses (SMBs) looking to optimise their budgets. One of the biggest advantages of Microsoft 365 is its continual innovation. Unlike traditional software that requires periodic major upgrades, Microsoft 365 delivers regular updates, ensuring you always have access to the latest features and improvements. This constant evolution helps businesses stay ahead of the curve, with tools that reflect the latest trends in productivity, collaboration, and security. For organisations that have previously relied on other cloud providers like Google Workspace or AWS, Microsoft 365 presents an opportunity to integrate productivity tools deeply with existing Microsoft environments, such as Windows and Microsoft Entra ID (formerly Azure Active Directory). This level of integration is difficult to achieve with disparate tools, making Microsoft 365 a standout choice for businesses already embedded in the Microsoft ecosystem. Transforming How an Organisation Operates With the introduction of Microsoft 365, organisations have an opportunity to fundamentally transform how they work. This isn’t just about giving employees the ability to create documents or send emails; it is about creating a truly connected and digital workplace. Microsoft Teams has become the hub for collaboration, while OneDrive and SharePoint Online provide the backbone for file sharing and document management. By unifying