You’re probably sick of hearing vendors say “just add automation” as if slapping an AI label on your RMM suddenly turns you into tomorrow’s MSP. The truth is, most of those “AI features” are just making your current model faster, not safer or more durable.
Meanwhile, something more interesting—and more dangerous—is happening in the background: your clients are rapidly filling their businesses with AI tools you don’t manage, don’t see, and are still going to be blamed for when something goes wrong. That’s Shadow AI, and if you want to build an MSP that still exists ten years from now, you need to get on top of it.
What Shadow AI Really Looks Like in SMBs
Shadow AI isn’t just someone signing up for the latest shiny web app. (but you ought to be controlling that too.) It’s AI features embedded into the tools your clients already use every day.
Think about:
- Copilots and “assistants” baked into Microsoft 365, CRM, HR, and finance platforms, turned on by default or added during an update.
- Marketing and sales teams using third‑party AI content tools, chatbots, and “data enrichment” plugins that ask for broad OAuth permissions into M365, SharePoint, and CRM.
- Industry‑specific SaaS that has rolled out “AI insights” or “AI recommendations” and now wants access to your client’s entire dataset.
And most if not all of the embedded AI’s are using which model? That’s right, we don’t know.
From your client’s perspective, they’re just “trying to get more done.” From your perspective, they’ve just created a new security and compliance problem that you didn’t bill for and weren’t even told about.
Why Shadow AI Breaks the Old MSP Model
The classic MSP model assumes:
- You know what tools are in use.
- You approve (or at least see) the permissions they’ve been granted.
- You can draw a neat boundary around “the environment” you’re responsible for.
Shadow AI blows up all three.
Your clients are now granting broad read/write, mailbox, file, and directory permissions to tools that live completely outside your normal stack. They’re pasting sensitive data into external LLMs. They’re training AI tools on customer records, HR notes, and finance data you’ve been telling them to lock down for years.
And here’s the worst part: when that AI tool gets compromised, mishandles data, or leaks something to the wrong audience, your phone is still the one that rings and you’re the one that gets blamed or is expected to fix it. We all know that once data is out there, you can’t retrieve it.
Traditional automation—shorter tickets, better scripting, “smarter” RMM—isn’t going to save you from a problem you never scoped, never priced, and were never in the loop on.
Your New Role: AI Visibility and Governance Partner
This is where tomorrow’s MSP is going to live. Not as “the people who keep printers online,” but as the AI visibility and governance partner for small and midsized businesses.
Instead of just selling “AI‑enhanced help desk,” you add completely new service lines:
- AI use discovery – What AI tools and features are in use today, officially and unofficially?
- Risk and permissions review – What data do they touch, and what have users actually granted them?
- Policy and guardrails – What’s allowed, what’s not, and under what conditions?
- Ongoing governance – Regular reviews, adjustments, and training as new AI features roll out.
This isn’t about blocking everything new. It’s about moving from “we found out about it after the breach” to “we helped you adopt AI safely and on purpose.”
Step 1: Build an AI Visibility Baseline
You can’t govern what you can’t see. So the first piece of your “tomorrow’s MSP” AI offering is a simple, repeatable discovery process.
Start with:
- M365 and identity logs
- Review sign‑in logs, OAuth consents, and app registrations in Entra ID to see what external apps and AI services have access to mail, files, and directory data.
- Look for apps with “read all mailboxes,” “read all files,” or “offline access” scopes. Those should trigger a conversation. These are an immediate problem, how they got here is the prevention program.
- Line‑of‑business and SaaS app review
- Inventory the main SaaS tools the business relies on (CRM, ERP, HR, finance, ticketing) and document which ones have turned on “AI features” and what those features actually do and what their data privacy policy is and who is responsible for maintaining the privacy.
- User‑level discovery
- Short interviews or surveys: “What AI tools are you using to get your job done?” Then, compare answers to what IT thinks is in use. There’s always a gap and it’s probably larger than the you or the client recognize in this first conversation.
At the end, you deliver a simple AI usage map: which tools exist, who uses them, what data they touch, and how they’re authenticated. That’s your baseline.
Step 2: Design Practical AI Policies That People Will Follow
This is where most policies die—they either say “no AI ever” or “do whatever you want, just don’t get us sued.” Neither is helpful but they might be a place to start couple with a monitoring program.
Using the visibility map that you created above, you help clients define realistic policies tied to their actual tools and risk profile:
- Allowed vs restricted vs blocked
- “Allowed” tools: approved AI in M365 and certain vetted SaaS apps.
- “Restricted” tools: case‑by‑case use with controls (for example, no production data, no HR records).
- “Blocked” tools: ones that fail basic security or compliance checks.
- Data boundaries
- Clear rules about what can be fed to AI systems (e.g., public marketing content vs. customer data vs. financials).
- Reinforce existing DLP and classification policies and align them with AI usage.
- Role‑based access
- Not everyone needs every AI tool. You help create role‑specific access so finance doesn’t inherit marketing’s sloppy AI habits, and vice versa.
Here’s the key: you keep the policy short enough that business owners and managers actually read it, and practical enough that employees can follow it without needing a law degree.
The policy also needs a clear, how to get approval messaging and also shape teeth for going around it. You’re going to need to get owner/management buy in to make this happen.
Step 3: Use the Security Stack You Already Have—But Aim It at AI
The good news is, a lot of what you need is already in your stack. It just isn’t pointed at AI yet.
- Defender and automated investigation
- Turn on automated investigation and response where it’s included, and make sure AI‑related suspicious OAuth apps, unusual data access patterns, and risky sign‑ins are part of your watch list.
- Use Defender for Cloud Apps to scan the network for existing and new AI usage. Build policy around it to automate control.
- Entra ID app consent controls
- Tighten consent policies so end users cannot individually grant high‑risk permissions to new AI tools. Route those requests through IT and your AI governance process instead.
- Conditional access as a guardrail
- Use conditional access to limit which locations, devices, or roles can access high‑risk AI tools and sensitive data stores.
Now your security tools aren’t just “keeping the bad guys out.” They’re also helping you keep well‑meaning employees from accidentally creating new risk with Shadow AI.
Step 4: Turn AI Governance into a Recurring Service, Not a Project
If you treat AI governance as a one‑time project, you’ll be outdated before the ink dries. AI features are rolling out monthly across Microsoft 365 and third‑party SaaS.
Tomorrow’s MSP turns this into a recurring, predictable service:
- Quarterly AI usage reviews
- Update the AI usage map, review new tools and features, and identify drift from policy.
- Regular risk and compliance reports
- Simple, business‑friendly reports that show where AI is adding value, where it’s introducing risk, and what you’ve done about it.
- Training and coaching
- Short sessions for staff: how to use approved AI tools effectively, what not to paste into LLMs, and how to spot sketchy “AI integrations.”
- Tie‑in with your AI management package
- If you already offer an AI management package, AI governance becomes one of its pillars alongside adoption, optimization, and security.
And don’t forget about cost controls. There’s a big shift in AI pricing happening from monthly fixed pricing to usage based. Businesses aren’t used to paying for anything in the IT budget that way. Have the conversation and assist them with tracking cost control.
This is work your clients can understand and buy. It looks like every other managed service you offer—baseline, policies, monitoring, reviews—but focused entirely on AI.
The Question Every MSP Needs to Answer
In one of the recent Third Tier posts, the question was: “Is your MSP building for the next 10 years, or just squeezing more efficiency out of the last 10?”
Shadow AI is where that question stops being theoretical.
- If you stay in the “we’ll automate our ticketing and hope for the best” lane, you’re building a faster version of a business AI is already eating.
- If you move into AI visibility, governance, and risk management, you’re building the version of your MSP that your best clients are going to need as AI quietly shows up in every corner of their business.
You don’t have to become an AI research lab. You don’t have to become a developer. You do have to become the partner who can walk into a messy, AI‑filled environment, shine a light on what’s happening, and help the client use it safely and on purpose.
That’s tomorrow’s MSP.
