COMMENTARY: AI is affecting everything. It is also becoming a real opportunity for MSPs, but only if they treat it as more than a license sale. SMBs may be asking about Copilot or other AI tools, but they need a lot more help than that. They need someone to clean up their data, tighten permissions, manage shadow AI risk, and show employees how to use AI safely. That is the opportunity for MSPs - as consultants and advisors. The partners that win here will be the ones that turn AI into an ongoing service, not a one-time rollout. Done right, it gives MSPs a new way to stay close to customers and prove their value.
Artificial Intelligence (AI) is quickly becoming a crucial part of the small and medium-sized business (SMB’s) technology stack, offering productivity and efficiency benefits that were previously unimaginable. The demand for AI services is so strong that, perhaps for the first time, SMBs are shaping the services that Managed Service Providers (MSPs) need to deliver.
There is mounting pressure for MSPs to deliver managed AI services: supporting their customers through AI rollout, adoption, and optimisation. While demand has been prevalent, the MSP market has been fairly slow to respond. Many MSPs are still lacking the internal expertise, infrastructure, and management tools needed to deliver AI services at scale.
The most successful MSPs will be those who look at AI as an opportunity, rather than an unwanted pressure. AI will not eliminate the MSP role; it will transform it. The MSPs best positioned for success will be those able to evolve beyond traditional IT support and offer structured AI services grounded in strong security and data governance. MSPs that can provide this level of comprehensive support will stand out in an increasingly competitive market, while those unable to adapt risk becoming replaceable.
What should a managed AI service include?
To create a scalable and repeatable AI service, MSPs need to do far more than just sell a license or software. They need to create an end-to-end service spanning support, security, enablement, and consultancy that takes customers from readiness to rollout and beyond.
Managing Shadow AI usage
Shadow AI, the use of unapproved AI tools at work, is already widespread, with 90% of companies reporting regular use of personal AI tools for work tasks. This comes with significant risks. Inputting sensitive business data into OpenAI sources such as ChatGPT or Claude results in the information being sent to servers outside of the organization’s control, which increases the risk of a breach.
MSPs have a responsibility to educate their SMB customers about the potential risks of shadow AI. SMBs expect their MSPs to keep them cyber secure. If an SMB customer experienced a breach as a result of Shadow AI use, they would look to their MSP for answers first.
MSPs need to clearly explain the risks of shadow AI, monitor for dangerous shadow AI usage within their customer base, identify potential vulnerabilities, and help their customers create a plan for ongoing secure use.
As part of this, MSPs should encourage their customers to use an AI tool designed specifically for business use: Microsoft Copilot. As Copilot integrates with Microsoft 365, and all the data input remains within the security boundaries of the organization with the license, the risks of shadow AI are significantly decreased.
Tenant security and data governance
Although Copilot reduces the risks of shadow AI, there are other security concerns to consider. Copilot uses an organisation’s internal data to inform its answers, meaning properly organized, structured, and governed Microsoft 365 data is essential. Reviewing access permissions and strengthening data access controls is also essential, as it prevents Copilot from sharing sensitive information with unauthorised users.
Tenant security and data governance underpin any successful AI offering, ensuring that rollout and adoption are both scalable and secure. The good news is, cybersecurity services are not new for MSPs. The most innovative and effective MSPs can reposition their data governance and security services for the era of AI.
Before beginning an AI rollout, an MSP should audit their customers’ Microsoft 365 environments, configure and enforce best practice policy sets, and continue to monitor for configuration drift or security vulnerabilities. They should then define rules, purposes, and role assignments for Microsoft 365 workspaces, review internal permissions, and strengthen data access controls to protect confidential information by applying sensitivity labels and Conditional Access policies.
The most successful MSPs will not be those who rush to roll out AI across their customer bases, but those who do so in a secure and thoughtful way. For SMBs in the early stages of their AI journeys, the support, education, and enablement they need can be built on top of existing MSP services.
Ongoing advisory services
Of course, the MSP model is built around securing recurring revenue. MSPs can’t rely on individual Copilot rollout projects for this; they need to build an ongoing service. Advisory and enablement services are the key to this. MSPs need to help their customers identify return on investment by highlighting power users and departments who are utilising their Copilot licenses most. On the other side of this, they can spotlight users who are not leveraging their license to encourage the most cost-effective license attribution model. MSPs can also suggest relevant business cases that are specific to their customers’ needs, helping SMBs align their AI usage with their overarching business objectives.
As AI adoption continues to rise, MSPs need to capitalise on its potential. Building managed AI services, grounded in security and enablement, will help set apart those MSPs who will thrive in the new AI era.
ChannelE2E Perspectives columns are written by trusted members of the managed services, value-added reseller, and solution provider channels or ChannelE2E staff. Do you have a unique perspective you want to share? Check out our guidelines here and send a pitch to [email protected]. 
