Microsoft just dropped the GSA Operations Guide on Microsoft Learn — for MSPs who’ve been hesitating on Entra’s secure access features, this is the structured deployment and Day 2 operations playbook that was missing. If your GSA rollouts have been ad-hoc, it’s time to realign.
Microsoft shipped two things this week that sound unrelated but aren’t: Copilot Health Preview brings regulated medical data into the M365 tenant, and Copilot Studio’s computer-using agents can now drive legacy desktop apps without APIs. Together they point to a future where an AI agent detects a lab result and schedules the follow-up by clicking through an EMR—no human, no API. If you’re managing M365 tenants, the governance questions start now. Who can use Copilot Health on managed devices? What’s your credential vaulting policy for agents that act like authenticated users? How do you audit a workflow that has no API call to log?
