In this example, enabling Microsoft Security Copilot, even if you are licensed with E5, on a relatively small Microsoft tenant, resulted in thousands of dollars of unexpected charges in under a month – while producing little actionable output.

At VOSS, this aligns with what we see across AI adoption in enterprise collaboration and security environments. AI promises productivity, insights, and automation – but value is never automatic. Without the right telemetry, workflows, and governance, enterprises risk paying consumption-based charges for capacity and capability that isn’t delivering meaningful business impact or value.

From this experience, three critical lessons emerge:

AI compute resources like Security Compute Units (SCUs) are billed continuously. Without careful provisioning and monitoring, costs can escalate rapidly, even in small deployments.

Technical readiness isn’t just licensing; it includes active telemetry, mature security tools, and processes that allow AI outputs to be actionable.

Workflows and use cases need to be defined before enablement. AI is a productivity multiplier, not a magic solution. Its real value comes when it’s embedded into clear, operational workflows that teams can leverage.

For enterprises adopting AI in UC, security, or network operations, the lesson is clear: don’t enable AI because it’s available – enable it when your environment, processes, and governance are ready to support it.

At VOSS, we help our customers navigate this balance, ensuring AI and automation deliver measurable outcomes, improve efficiency, and protect against unintended costs. By approaching AI adoption with readiness and governance at the forefront, enterprises can transform AI from a costly experiment into a powerful business asset.

Please get in touch to discuss your requirements or concerns in more detail.

Microsoft Exchange Online is central to enterprise communication but managing it at scale in an enterprise environment can be challenging – especially for organizations with multiple regions, different time zones, diverse user groups, and distributed support teams.

Existing admin tools – while functional – can fall short when dealing with high volumes of service requests. They often require Microsoft technical expertise and don’t offer tight security controls at the local level. Tasks like mailbox provisioning, distribution list updates, and permission changes often become bottlenecks. Automation attempts may fail due to inconsistent data, rigid workflows, or lack of validation.

One global organization faced several challenges: service requests for the simplest of tasks were slow and prone to errors due to inconsistent handling by service desk teams; administrative access was too widespread, creating both usability and security risks; native admin interfaces proved difficult to navigate at scale; and existing automation tools lacked the flexibility needed to manage the environment’s complexity.

To address these challenges, VOSS collaborated closely with the organization to implement a comprehensive service management solution designed to streamline and secure their Exchange Online service. VOSS introduced a delegated administration model that empowered local service teams by providing role-based access controls and clearly defined organizational hierarchies, ensuring both operational efficiency and improved security. Alongside this, smarter automation workflows were developed featuring intuitive user interfaces, guided input fields, and embedded validation rules that significantly reduced errors and made the process easier for service desk agents of varying skill levels.

The solution also included performance-optimized automation, capable of handling high volumes of requests while remaining flexible enough to adapt to the specific needs of different regions. Finally, integration with the organization’s existing ServiceNow ticketing system enabled seamless end-to-end automation of service requests, supported by standardized templates to further increase accuracy and speed of delivery.

The results were dramatic. The VOSS implementation led to a series of measurable improvements across the organization, including:

• Most standard service requests were handled in minutes with automation, without the need for any manual intervention by the service desk
• There were fewer calls on senior technical staff, with most requests being resolved locally
• There were less errors and faster turnaround, thanks to guided workflows and validation
• There was a significant cost-to-serve reduction of over 27% through automation
• Security controls were improved by replacing global admin roles with local administrator accounts with reduced access rights, supported by robust audit change logs

Managing Exchange Online doesn’t have to be complex. With the right combination of automation, delegation, and control, even the largest environments can run efficiently and securely – freeing up resources for innovation.

If you’re struggling with the limits of existing tools or are burdened by manual processes, now is the time to explore a smarter approach. Please get in touch to discuss your requirements.

There’s an interesting article on UC Today, around the recent work at Microsoft to restrict elevated permissions, as used by applications, in the M365 ecosystem. It finds that many breaches are through access to login credentials tied to elevated or global administrator rights.

• Microsoft Security Enhancements for 365 Platform – UC Today

It asks the question – do you know how many people on your Microsoft 365 service are configured at this level, and if so, do they really need that level of access. As Microsoft points out: IT leaders must actively adapt their environments by auditing permissions, updating authentication methods, and continuously monitoring access.

I’ve extracted the key points made by Kevin Kieller from enableUC, in his recent eBook The IT Pro’s Ultimate Microsoft 365 Management Checklist that are relevant here.

• Do you regularly review and optimize your automation workflows to ensure they remain efficient and effective? Are you confident in your ability to protect sensitive data within your Microsoft 365 tenant from both internal and external threats?
• Do you have robust security controls in place, such as multi-factor authentication (MFA), conditional access policies, and data loss prevention (DLP) rules, to prevent unauthorized access and configuration changes?
• Are you meeting all relevant compliance requirements for data privacy and security (e.g., GDPR, HIPAA, SOC 2) applicable to your industry and region?

• Can you easily audit user activity, track changes made within your environment, and generate reports for compliance purposes?
• Do you have a comprehensive strategy for managing and responding to security incidents within your Microsoft 365 environment?
• Are you regularly reviewing and updating your security policies and configurations to address evolving threats and best practices?

At VOSS we can help answer these questions and have made security an integral part of lifecycle service management within our VOSS for Microsoft solutions.  You can read more detail here, or for more information on VOSS, please do get in touch. 

Read more about Microsoft 365 management, in the eBook from Kevin Kieller: