Skip to content
Scopable logoScopable
MSP

Copilot Cowork: What MSPs Should Know About Microsoft's Agentic AI Play

Scopable Team9 min read
Copilot Cowork: What MSPs Should Know About Microsoft's Agentic AI Play

Microsoft announced Copilot Cowork on March 9, 2026. If you manage M365 for clients, this is the one to pay attention to.

Not because it's impressive. Because your clients are going to start using it before they understand what it does, and you're going to get the support tickets.

What Copilot Cowork Actually Is

Cowork is not another chatbot. It's not a smarter autocomplete. It's an agentic AI feature built into Microsoft 365 Copilot that executes multi-step work on your behalf over time, in the background, without you babysitting it.

The distinction matters. Every Copilot feature before this was reactive. You asked, it answered. Cowork is different: you describe an outcome, it builds a plan, executes that plan across M365 apps, and checks in with you at decision points.

It lives inside M365 Copilot. It is not a standalone product. Clients need an active Copilot license ($30/user/month) or the new M365 E7 plan ($99/user/month, announced the same day) to access it. There is no additional charge for Cowork itself.

Right now it's in Research Preview with a limited set of customers. Broader availability comes through Microsoft's Frontier program in late March 2026.

How It Works

The core mechanic is a plan-to-action loop.

You describe the outcome you want. Cowork creates a structured plan. You review and approve the plan. Cowork executes in the background. At defined checkpoints, it pauses and asks if you want to continue or adjust. When it's done, it surfaces the output.

The background execution piece is significant. Tasks persist across devices because Cowork runs in a sandboxed cloud environment. Start something on your laptop, pick it up on your phone. The work doesn't stop when you close the lid.

What gives Cowork context is something Microsoft calls Work IQ. It's a layer that understands your emails, meetings, messages, files, and data across Outlook, Teams, Excel, and the rest of the M365 stack. When Cowork is building a meeting prep brief, it's not pulling from a generic knowledge base. It's pulling from your actual calendar history, your email threads with those specific people, your shared documents. That's what makes this different from a general-purpose AI assistant.

Four Things Cowork Can Actually Do

Microsoft showed four use cases at launch. Each one has obvious MSP implications.

Calendar management. Cowork reviews your schedule, flags conflicts, proposes reschedules, and adds focus blocks. For a client with an overstuffed executive calendar, this could be genuinely useful. It could also be a problem if Cowork reschedules a meeting your client forgot was important. AI rescheduling meetings without full context is exactly the kind of thing you'll get a call about at 8am.

Meeting prep. Given an upcoming meeting, Cowork pulls relevant emails, previous meeting notes, and shared files, then creates a briefing document, a deck, schedules prep time on the calendar, and drafts a follow-up email. All of it. In the background. The output is ready when your client opens their laptop in the morning.

Deep research. Cowork gathers earnings reports, SEC filings, analyst commentary, and third-party sources, then organizes everything with citations and outputs a summary plus a formatted Excel workbook. This is the use case financial services clients will lose their minds over. It's also the use case where data governance has to be airtight, because Cowork is reaching across systems to aggregate information.

Launch planning. You describe a product launch. Cowork builds a competitive comparison, a value proposition document, a pitch deck, and a milestone outline. Full work product from a single prompt.

These are not small things. Cowork is doing work that used to take hours.

The Anthropic Angle

Copilot Cowork is built on Anthropic's Claude technology. Specifically a version Microsoft calls Claude Cowork. This is a meaningful partnership for anyone paying attention to the enterprise AI market.

Microsoft is the largest investor in OpenAI. The fact that they're integrating Anthropic's models into Copilot is not a small thing. It signals that they're treating the underlying model as an infrastructure decision, not a loyalty pledge.

Microsoft describes Copilot as "model diverse by design." The system picks the right model for the task. OpenAI for some things. Anthropic for others. The user doesn't control this. The platform does.

For MSPs, the practical implication is simple: your clients aren't using one AI. They're using whichever AI Microsoft decided was best suited for that specific task. That's a vendor relationship you have no visibility into, but your clients are still on the hook for the outputs. You need to be ready to explain this when someone asks.

The broader signal is that enterprise AI is heading toward multi-model, best-of-breed infrastructure. Single-vendor lock-in is Microsoft's problem to manage, not the customer's. That's actually a reasonable approach. It's also one more thing to document in your client advisories.

For a broader look at where AI is creating real leverage for MSPs — beyond Microsoft's ecosystem — 5 ways AI is transforming MSPs is worth 10 minutes of your time.

Security and Governance: Get This Right Before Clients Start

This is the most important section in this article.

If you haven't already audited your clients' M365 governance posture, now is the time. The Claude Desktop governance checklist for MSPs covers the kind of AI-access review that applies directly here.

Cowork runs within M365's existing security and governance boundaries. Identity, permissions, and compliance controls apply by default. On paper, that sounds reassuring.

In practice, it means Cowork's ability to act is directly determined by how well your security configurations are set up. An AI agent acting on behalf of a user will have exactly the access that user has. If your conditional access policies are loose, Cowork inherits the looseness. If DLP rules aren't configured to cover M365 Copilot activities, Cowork isn't covered either.

Before any client tenant goes live with Cowork, MSPs should verify:

Conditional Access. Are policies enforcing MFA and compliant devices for all Copilot interactions? Cowork background tasks need to be covered, not just interactive sessions.

Data Loss Prevention. Do your DLP rules explicitly account for AI-generated content and AI-initiated file access? Most existing policies were written before agentic AI existed.

Sensitivity Labels. Cowork will access files across the M365 environment. Sensitivity labels need to be applied consistently or Cowork can surface restricted content in its outputs.

Audit Logging. Cowork activities should be visible in your audit logs. If something goes wrong, you need to know what the agent did and when it did it.

User Permissions. Review what Cowork can actually access by tracing the permissions of a typical user in that tenant. That's the blast radius if something goes sideways.

None of this is new governance work. It's governance work that already needed to be done. Cowork is the forcing function. If you're unsure where your MSP compliance liability starts and ends when AI agents are acting on behalf of client users, now is the time to get clear on that.

What This Changes for MSP Services

The support model is about to get more complicated, and most MSPs aren't ready for it.

When AI agents are autonomously rescheduling meetings, drafting emails, and generating documents, "something went wrong" is no longer a simple ticket. You need to know: Did the agent act correctly based on what it was given? Was the underlying data accurate? Did the user review the checkpoint and approve? Was the output modified by the user after Cowork created it?

Incident resolution for agent-related issues requires a new playbook. You can't just check if Outlook is running.

The good news is that this is a consulting opportunity, not just a burden.

Client education is a billable service now. Most clients who see "Cowork" in their Copilot will have no idea what it does or what it has access to. The MSPs who can walk in with a clear explanation, a governance checklist, and a setup guide will win that conversation. The MSPs who wait for the client to figure it out will get blamed for whatever goes wrong.

Governance configuration is a project. Auditing and hardening M365 for agentic AI is not a conversation. It's a scoped engagement. Price it accordingly. If you're looking to build a repeatable compliance and governance offering, Scopable's compliance services are designed to make that kind of work systematic.

Ongoing monitoring is a service. If Cowork is acting on behalf of your client's users, you should be reviewing those activities as part of your managed services offering. Build it into the stack.

Training and onboarding has a new chapter. Every new-user onboarding process needs a module on what Cowork is, what it can do, and how to review its work before acting on it.

Timeline and Where Things Stand

Research Preview is live now with limited availability. Broader rollout happens through the Microsoft 365 Copilot Frontier program in late March 2026.

If you're not already enrolled in Frontier, you should be. Testing Cowork in your own tenant before your clients start using it is the minimum responsible move. You need to understand how the plan-to-action loop behaves, what the checkpoints look like, and what happens when you reject a step or ask it to start over.

You don't want to be learning this on a client call.

Clients on standard M365 Copilot ($30/user/month) will get Cowork access as part of their existing license. No new contract required. That means adoption could happen faster than you expect, especially with clients who are already enthusiastic about Copilot.

TLDR: Copilot Cowork is real agentic AI inside M365. It's not a chatbot upgrade. It executes multi-step work in the background using your clients' actual data. It's included in existing Copilot licenses. It goes broader in late March. Your clients will start using it before they understand it. Get into your own tenant now, audit your governance configs, and build the client education package. That's the play.

Ready to stop guessing?

Scopable automates quoting, roadmaps, and QBRs for MSPs. Join the alpha and help shape the platform you actually want.

Quote Your Next Project In Minutes

Get MSP insights weekly

No spam. Unsubscribe anytime.

Keep reading

🖥️MSPMarch 27, 2026

MSP Quoting Software Comparison: What Works in 2026?

MSP quoting software comparison for 2026 with real pricing, integration tradeoffs, and migration steps. Read this before switching tools.

🖥️MSPMarch 26, 2026

5 Signs It's Time to Replace ConnectWise Sell

Still using ConnectWise Sell? Here are 5 signs your MSP has outgrown it, and what to look for in a replacement that actually fits how you work.

🖥️MSPMarch 19, 2026

Your Client Wants Claude Co-Work. Use This Governance Checklist First.

Most MSPs are asking the wrong question about AI. Not 'should we allow Claude?' but 'under what controls do we allow it?' Here is the practical governance framework.