Steps to Microsoft 365 Copilot Extensibility with Gautam Sheth [MVP]

Stop Leaking Data: How to Run Local Llama on Your SharePoint Files

AI is transforming the way organizations work with knowledge, documents, and collaboration platforms. But as more businesses adopt AI-powered assistants and large language models, one critical question continues to surface: how can you unlock the power of AI without exposing sensitive corporate information to external services?In this episode, we explore how organizations can run Local Llama models directly against SharePoint content while maintaining full control over their data. Instead of sending confidential documents, intellectual property, customer records, and internal knowledge to cloud-hosted AI services, local AI architectures provide a powerful alternative that prioritizes privacy, governance, and security.Our discussion breaks down the practical steps required to connect locally hosted large language models with SharePoint data sources. We examine the technologies involved, the infrastructure considerations, and the trade-offs between convenience and data sovereignty. Whether you are an IT professional, Microsoft 365 administrator, security architect, or AI enthusiast, this episode provides valuable insights into building private AI solutions on top of your existing Microsoft 365 environment. UNDERSTANDING THE DATA PRIVACY CHALLENGE As organizations rush to embrace generative AI, many overlook the risks associated with sending sensitive business data to third-party platforms. Data leakage, compliance concerns, and regulatory requirements are becoming major factors in AI adoption strategies.We discuss: * Why data sovereignty matters in the age of AI * Common risks associated with public AI services * Regulatory and compliance considerations * How local AI models can reduce exposure risks WHAT IS LOCAL LLAMA? Local Llama models have emerged as one of the most exciting developments in the open-source AI ecosystem. Running AI models locally gives organizations complete ownership of both the infrastructure and the data processing pipeline.During the conversation, we explain how Local Llama works, the hardware requirements involved, and how organizations can begin experimenting with private AI deployments without massive cloud costs. CONNECTING SHAREPOINT TO PRIVATE AI SharePoint remains one of the largest repositories of enterprise knowledge. From project documentation and operational procedures to contracts and meeting notes, organizations store enormous amounts of valuable information inside Microsoft 365. Key topics include: * Indexing SharePoint content securely * Retrieval-Augmented Generation (RAG) architectures * Document embeddings and semantic search * Building intelligent chat experiences on internal data REAL-WORLD DEPLOYMENT STRATEGIES Moving from a proof of concept to production requires careful planning. We explore deployment patterns that balance performance, scalability, security, and user experience.Listeners will learn about infrastructure design, GPU considerations, storage requirements, monitoring, and operational best practices. We also discuss common implementation mistakes and how organizations can avoid them while delivering meaningful business value. THE FUTURE OF PRIVATE ENTERPRISE AI The future of enterprise AI may not belong exclusively to cloud-hosted models. As local AI technology continues to evolve, organizations are gaining more options to build intelligent systems that keep sensitive information under their control.This episode examines how private AI solutions could reshape knowledge management, enterprise search, productivity workflows, and digital workplace experiences across Microsoft 365 environments. WHY YOU SHOULD LISTEN If you're evaluating AI adoption within your organization, concerned about data privacy, or looking for practical ways to leverage SharePoint content with large language models, this episode delivers actionable insights and real-world guidance. Learn how to combine the power of modern AI with the security and governance requirements that today's businesses demand.Tune in to discover how Local Llama, SharePoint, and private AI architectures can work together to unlock organizational knowledge without compromising data security. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support [https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support?utm_source=rss&utm_medium=rss&utm_campaign=rss].

Futureproofing Your Career in the Age of AI with Sarah Jones

Artificial Intelligence is transforming industries, redefining job roles, and forcing professionals to rethink how they build successful careers. In this episode of the M365 Podcast, Mirko Peters sits down with Sarah Jones, technology recruiter, career coach, freelancer, and community advocate, to explore what it really takes to stay relevant in an AI-driven world.With more than 20 years of experience in recruitment and career development, Sarah has helped countless professionals navigate career transitions, leadership opportunities, freelancing, and the rapidly changing technology landscape. Together, Mirko and Sarah discuss the future of work, the impact of AI on hiring, personal branding, Microsoft careers, freelancing, LinkedIn visibility, and the growing importance of human skills in a world increasingly powered by automation. UNDERSTANDING THE AI IMPACT ON CAREERS AI is creating opportunities and challenges at the same time. While organizations are investing heavily in automation, Copilot, AI agents, and intelligent workflows, professionals must adapt to remain competitive.Sarah shares why she believes AI skills are becoming essential, but also explains why communication, trust, leadership, and relationship-building are becoming even more valuable. As technology takes over repetitive tasks, the ability to work effectively with people may become one of the most important career advantages.Key discussion points include: • Why AI adoption is accelerating across every industry • The skills employers are increasingly looking for • How Microsoft Copilot and AI tools are changing workplace expectations • Why human-centered skills remain critical for long-term success THE REALITY OF RECRUITMENT AND HIRING IN 2026 Many professionals misunderstand how recruiters operate and how hiring decisions are made. Sarah offers an insider perspective on recruitment, applicant tracking systems (ATS), CV optimization, and LinkedIn visibility.The conversation explores how AI-powered recruitment tools are changing the hiring process and what candidates can do to improve their chances of standing out.Topics covered include ATS systems, keyword optimization, LinkedIn profiles, recruiter expectations, and practical strategies for improving interview opportunities. BUILDING A STRONG PERSONAL BRAND In today's competitive market, personal branding has become a powerful career asset. Whether you're seeking employment, building a consulting practice, or launching a freelance business, visibility matters.Sarah explains how professionals can build trust, establish authority, and create opportunities through consistent community engagement, speaking, content creation, and networking.The discussion includes: • Creating an authentic LinkedIn presence • Building visibility without becoming an influencer • Networking strategies that actually work • Why community participation creates long-term career opportunities THE RISE OF FREELANCING IN THE AI ERA More professionals are exploring freelancing as a way to gain flexibility, independence, and control over their careers. Sarah shares insights from her Extra Life freelancing community and explains why many successful freelancers are thriving by combining technical expertise with strong personal branding.The episode dives into the differences between contracting and freelancing, how to build a pipeline of clients, and the common mistakes new freelancers make when starting out.Listeners will learn: • When the right time is to start freelancing • How to find your niche and differentiate yourself • Why sales and marketing matter for technical professionals • How AI can help freelancers become more productive and scalable WOMEN IN TECHNOLOGY AND LEADERSHIP Sarah is passionate about supporting women in technology and helping create more diverse and inclusive communities. She discusses the challenges women still face in the technology industry and why visibility, mentorship, and representation continue to matter.The conversation also explores her Misfits Podcast, a platform dedicated to amplifying the voices of women in technology and encouraging more professionals to share their experiences and expertise. CAREER ADVICE FOR THE NEXT DECADE As organizations continue to invest in AI, automation, and digital transformation, professionals must remain adaptable and proactive. Sarah encourages listeners to continuously learn, invest in their networks, embrace new technologies, and develop skills that machines cannot easily replace.The future belongs to people who are willing to evolve, experiment, and take ownership of their career journey.If you're wondering how AI will impact your career, whether freelancing is right for you, how to improve your LinkedIn presence, or what skills will matter most in the coming years, this episode delivers practical insights and actionable advice from someone who works at the intersection of technology, recruitment, and career growth every day. CONNECT WITH SARAH JONES Learn more about Sarah Jones, her career coaching services, freelancing community, and technology initiatives through the links included with this episode. LISTEN NOW Subscribe to the M365 Podcast for more conversations with Microsoft MVPs, technology leaders, AI experts, community builders, and innovators shaping the future of Microsoft 365, Copilot, Power Platform, Dynamics 365, Azure, Identity, Security, AI, and Digital Transformation. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support [https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support?utm_source=rss&utm_medium=rss&utm_campaign=rss].

The Architect's Guide to MCP: Building the Connectivity Layer for Microsoft AI Agents

In this episode of the M365.fm podcast, we take a deep architectural dive into one of the most important developments in the AI ecosystem: the Model Context Protocol (MCP). While much of the industry focuses on models, prompts, copilots, and reasoning capabilities, the reality is that AI agents are only as powerful as the systems they can access. MCP is rapidly emerging as the standard connectivity layer that enables Microsoft Copilot, custom AI agents, Dynamics 365, Azure services, and enterprise applications to work together through a common protocol. WHY AI AGENTS HAVE A CONNECTIVITY PROBLEM Most organizations have already invested in Microsoft Copilot, AI assistants, and agentic solutions. The challenge isn't intelligence anymore. Modern AI systems can summarize meetings, draft content, analyze data, and generate code. The real challenge begins when those agents need to interact with business systems.Enterprise environments are filled with ERP platforms, CRM systems, SharePoint sites, databases, custom applications, and line-of-business tools. Traditional APIs were designed for developers and applications, not autonomous AI agents that need to dynamically discover capabilities and execute actions without human intervention.This episode explores why the integration layer has become the biggest bottleneck in enterprise AI adoption and how MCP addresses this challenge. WHAT IS MODEL CONTEXT PROTOCOL (MCP)? Model Context Protocol, originally introduced by Anthropic, has quickly evolved into an industry-wide standard for connecting AI systems to tools, resources, and external data sources. Microsoft has embraced MCP across its ecosystem, integrating support into Copilot Studio, Dynamics 365, Azure services, Visual Studio, and its broader AI platform strategy.Unlike traditional REST APIs, MCP introduces capability discovery. AI agents can dynamically learn what tools are available, what parameters are required, and what actions can be performed. This creates a much more natural interaction model for AI systems while dramatically reducing the complexity of enterprise integrations.The discussion explains the core building blocks of MCP, including tools, resources, prompts, and sampling, and why these concepts are reshaping the way organizations design AI architectures. MICROSOFT'S MCP ECOSYSTEM Microsoft's commitment to MCP extends far beyond simple protocol support. Throughout the episode, we explore how MCP has become a foundational component of Microsoft's AI strategy.Key areas discussed include: * Microsoft Copilot Studio MCP integration * Dynamics 365 Finance and Operations MCP support * Azure-hosted MCP server architectures * Visual Studio MCP tooling * Official Microsoft C# MCP SDK development The conversation highlights how Microsoft is positioning MCP as the standard way to connect AI agents with enterprise systems at scale. BUILDING MCP SERVERS WITH C# For architects and developers, understanding how to build MCP servers is becoming a critical skill. This episode explores the official Microsoft C# SDK, server development patterns, dependency injection support, structured tool outputs, authentication considerations, and production deployment models.Listeners will gain insight into how MCP servers expose business capabilities through standardized interfaces and why this approach is far more sustainable than creating custom integrations for every AI project. STREAMABLE HTTP, AZURE, AND PRODUCTION DEPLOYMENTS Moving from local development to enterprise deployment introduces a new set of architectural considerations. The discussion examines MCP transport layers, including stdio, Server-Sent Events, and the newer Streamable HTTP model.Special attention is given to Azure deployment strategies, including: * Azure Functions * Azure Container Apps * Azure API Management * Azure Key Vault * Application Insights * Microsoft Entra integration These deployment patterns provide the foundation for secure, scalable, enterprise-grade MCP environments. WORK IQ AND ORGANIZATIONAL INTELLIGENCE One of the most exciting topics covered is Microsoft's Work IQ initiative. Work IQ acts as an intelligence layer that understands organizational context across Microsoft 365.By connecting information from SharePoint, Teams, OneDrive, Outlook, meetings, and collaboration platforms, Work IQ enables AI agents to reason using real-time organizational knowledge rather than static training data alone.The episode explores how Work IQ integrates with MCP and why contextual intelligence may become one of the most valuable capabilities in future AI architectures. AGENT-TO-AGENT COMMUNICATION AND THE FUTURE OF AI Beyond MCP, the discussion introduces the Agent-to-Agent (A2A) protocol and explains why the future of AI will likely involve networks of specialized agents collaborating together.While MCP focuses on connecting agents to tools and data, A2A focuses on enabling agents to communicate with other agents. Together, these standards form the foundation of a new generation of distributed, collaborative AI systems.Listeners will learn how Microsoft, Google, AWS, and other industry leaders are shaping this emerging ecosystem. SECURITY, GOVERNANCE, AND ENTRA AGENT ID Security remains one of the biggest concerns in enterprise AI adoption. The episode examines Microsoft's approach through Entra Agent ID, Agent 365, Conditional Access for agents, and Zero Trust principles for non-human identities.Topics include: * Agent identity management * Conditional Access policies * Agent governance frameworks * Security monitoring and auditing * Enterprise compliance considerations Understanding these concepts is essential for any organization planning to deploy AI agents at scale. THE FUTURE OF AI CONNECTIVITY The central message of this episode is simple: successful AI strategies are no longer defined solely by model quality. They are defined by connectivity.Organizations that build strong MCP foundations today will be able to deploy new agents faster, integrate systems more efficiently, reduce technical debt, and create reusable AI capabilities across their entire business landscape.MCP is rapidly becoming the "USB-C for AI"—a universal connectivity layer that enables agents, applications, data sources, and enterprise platforms to communicate through a common language.For Microsoft architects, IT leaders, developers, and AI strategists, understanding MCP is no longer optional. It is quickly becoming one of the most important architectural concepts in the modern Microsoft ecosystem. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support [https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support?utm_source=rss&utm_medium=rss&utm_campaign=rss].

From Project Online to AI-Powered Project Delivery: The Evolution of Dynamics 365 Project Operations with Joe Griffin [MVP]

In this insightful episode of the M365 Podcast, host Mirko Peters welcomes Joe Griffin, Microsoft MVP, CEO of proMX UK, Microsoft Certified Trainer, and one of the most recognized experts in Dynamics 365 Project Operations. With more than 40 Microsoft certifications covering Dynamics 365, Power Platform, Azure, Artificial Intelligence, and the broader Microsoft Cloud ecosystem, Joe brings a unique blend of technical expertise, business leadership, and real-world implementation experience.The conversation explores one of the most important transitions currently happening in the Microsoft project management landscape: the retirement of Microsoft Project Online and the growing adoption of Dynamics 365 Project Operations. Joe explains why organizations should start preparing now, what migration paths are available, and how businesses can use this moment as an opportunity to modernize not only their technology stack but also their project delivery processes. UNDERSTANDING DYNAMICS 365 PROJECT OPERATIONS Joe provides a comprehensive overview of Dynamics 365 Project Operations and explains why it has become a strategic platform for project-based organizations. Unlike traditional project management tools that focus solely on task management and scheduling, Project Operations combines project planning, resource allocation, budgeting, financial management, time tracking, expense management, invoicing, and AI-driven insights into a single solution built on Microsoft Dataverse.The discussion highlights how organizations can gain end-to-end visibility across project lifecycles while improving resource utilization and financial performance. Joe also explains how Project Operations leverages familiar Microsoft technologies such as Planner, Power Platform, and Dataverse to create a connected and scalable project management environment. KEY TAKEAWAYS: * What Dynamics 365 Project Operations actually does * Who should consider adopting the platform * How it differs from traditional project management tools * Why professional services organizations benefit the most * The role of Dataverse and Power Platform PROJECT ONLINE RETIREMENT AND MIGRATION STRATEGIES A major focus of the episode is Microsoft's planned retirement of Project Online. Joe explains what the announcement means for existing customers and outlines the options available for organizations currently relying on Project Online for project planning and portfolio management.Drawing from real-world migration projects, Joe shares practical advice on preparing data, simplifying project structures, and avoiding common migration pitfalls. He also discusses the importance of reviewing legacy processes and using the migration as an opportunity to modernize project management practices.The conversation dives into technical considerations such as Project Desktop files, Scheduler APIs, resource mapping, testing environments, and large-scale migration automation. MIGRATION TOPICS COVERED: * Project Online retirement implications * Migration planning and assessment * Common data migration challenges * Managing complex project portfolios * Best practices for successful adoption HOW AI IS CHANGING PROJECT MANAGEMENT Artificial Intelligence is rapidly transforming business applications, and Dynamics 365 Project Operations is no exception. Joe explores how Microsoft is embedding AI across the platform and shares practical examples of AI-powered capabilities available today.One particularly interesting example is the Time Entry Agent, which can automatically generate draft timesheets based on calendars, resource assignments, and previous activities. Instead of chasing employees for timesheet submissions, organizations can leverage AI to automate much of the process while maintaining human oversight.The discussion also covers AI-generated project status reports, intelligent resource recommendations, project risk identification, and the future potential of autonomous project management capabilities. AI IN PROJECT OPERATIONS: * Automated time entry generation * AI-powered status reporting * Intelligent resource recommendations * Risk detection and forecasting * Future project management agents POWER PLATFORM AND AZURE INTEGRATION Joe explains why the real power of Dynamics 365 Project Operations comes from its integration with the wider Microsoft ecosystem. Because the platform is built on Dataverse, organizations can extend functionality using Power Apps, Power Automate, Power BI, Power Pages, and Azure services.Listeners will learn how companies can create custom project experiences, automate business processes, build advanced reporting solutions, and integrate Project Operations with external ERP systems. Joe also discusses how Azure Service Bus, Azure Functions, and modern integration architectures help organizations scale complex project environments.The episode provides valuable guidance for solution architects and technical leaders looking to design enterprise-grade project management solutions that remain scalable and maintainable over time. ARCHITECTURE AND EXTENSIBILITY TOPICS: * Power Apps customization strategies * Power Automate workflows * Power BI reporting and analytics * Azure integration patterns * Enterprise architecture best practices THE ROLE OF MICROSOFT FABRIC AND AI FOUNDRY Looking ahead, the conversation explores emerging technologies such as Microsoft Fabric and Azure AI Foundry. Joe explains how Fabric can serve as a centralized data foundation for AI initiatives by bringing together information from Dynamics 365, Power Platform, and other business systems.The discussion highlights how organizations that establish strong data foundations today will be better positioned to take advantage of future AI capabilities. Joe also shares his perspective on AI Foundry, model selection, fine-tuning opportunities, and the growing importance of enterprise-ready AI governance. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support [https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support?utm_source=rss&utm_medium=rss&utm_campaign=rss].

Indirect Injection: The Silent Killer of Enterprise AI

Most organizations believe their biggest AI risk is hallucination. It isn't. The real threat is something far more dangerous. A vulnerability that hides inside trusted documents. A vulnerability that bypasses access controls. A vulnerability that transforms ordinary business content into executable instructions. It's called Indirect Prompt Injection. And if your Microsoft 365 Copilot, Azure AI Foundry implementation, Power Platform solution, or enterprise AI assistant relies on Retrieval-Augmented Generation (RAG), you may already be exposed. In this episode, we explore one of the fastest-growing threats in enterprise AI security and why the architecture behind modern Copilots may contain a fundamental design flaw. We examine how poisoned documents, hidden instructions, malicious metadata, and compromised knowledge bases can manipulate AI systems without ever breaching a firewall or exploiting a traditional software vulnerability. From Microsoft 365 Copilot and SharePoint to Teams, Outlook, Power Platform, Azure OpenAI, and vector databases, we explain why organizations must stop thinking about documents as passive data and start treating them as executable code. If your organization is building AI-powered solutions on proprietary enterprise data, this episode may be one of the most important security discussions you'll hear this year. THE RAG REVOLUTION THAT CHANGED EVERYTHING Retrieval-Augmented Generation transformed enterprise AI. Instead of retraining massive models on internal data, organizations simply connect AI systems to existing knowledge repositories. We explore: * Retrieval-Augmented Generation (RAG) * Microsoft 365 Copilot architecture * Microsoft Graph integration * SharePoint knowledge retrieval * Outlook and Teams context * Vector databases * Semantic search RAG solved the enterprise knowledge problem. It also created a completely new attack surface. WHY DATA IS NO LONGER JUST DATA Traditional software separates data from code. Large Language Models do not. Every piece of text retrieved from a knowledge base becomes part of the model's prompt. The AI cannot reliably distinguish: * Facts * Instructions * Policies * Commands * Metadata * Context Everything becomes tokens. Everything influences behavior. This episode explains why the phrase "Data is Code" has become one of the most important concepts in modern AI security. UNDERSTANDING INDIRECT PROMPT INJECTION Most organizations understand direct attacks. Few understand indirect ones. Direct prompt injection occurs when an attacker interacts directly with the AI system. Indirect prompt injection happens when malicious instructions are embedded inside content the AI retrieves. We examine: * Hidden instructions * Poisoned documents * Embedded commands * Context manipulation * Retrieval abuse * Prompt hijacking The attacker never talks to the AI. The document does it for them. WHY SYSTEM PROMPTS ARE NOT A FIREWALL One of the most dangerous misconceptions in enterprise AI is the belief that system prompts provide security boundaries. They don't. We discuss: * Prompt hierarchy failures * Instruction conflicts * Context competition * Attention mechanisms * System prompt limitations * Safety override scenarios Your AI's security policies are ultimately competing with every document it reads. And sometimes the documents win. THE OWASP NUMBER ONE AI SECURITY RISK Prompt injection consistently ranks as one of the most serious risks facing AI systems today. This episode explores: * OWASP GenAI Top 10 * LLM01 Prompt Injection * AI threat modeling * Enterprise AI vulnerabilities * Security community guidance * Emerging attack patterns Prompt injection isn't theoretical. It's increasingly recognized as the primary security challenge for enterprise AI deployments. POISONING THE KNOWLEDGE BASE Attackers no longer need to compromise the model. They only need to compromise the content. We examine how adversaries weaponize: * SharePoint documents * PDFs * Wiki pages * Email archives * Teams conversations * Knowledge repositories Learn how a single poisoned document can influence thousands of future Copilot interactions. HIDDEN TEXT, METADATA, AND INVISIBLE INSTRUCTIONS The most dangerous attacks aren't visible. Organizations often review documents visually. AI systems don't. We explore: * White-on-white text * Hidden paragraphs * PDF metadata * Document properties * Embedded comments * Unicode manipulation * Invisible instructions The content humans ignore may be the content the AI obeys. THE SLEEPER AGENT PROBLEM Some attacks don't activate immediately. They wait. A poisoned document can remain dormant for months before triggering under specific conditions. We discuss: * Trigger-based attacks * Delayed activation * Backdoor behavior * Conditional instructions * Query-based triggers * Long-term persistence The attack may already exist in your environment. It simply hasn't been activated yet. MICROSOFT 365 ATTACK SURFACES YOU AREN'T MONITORING Enterprise AI reads more than most organizations realize. Potential attack vectors include: * SharePoint Online * OneDrive * Teams Chats * Outlook Email * Calendar Invites * Wiki Pages * Power Platform Data Sources * Microsoft Graph Content Every repository becomes part of the AI security perimeter. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support [https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support?utm_source=rss&utm_medium=rss&utm_campaign=rss].