Here’s what your IT, Security and Legal teams need to do this week
Microsoft’s new control plane for agents goes GA on 1 May. It’s the most significant Microsoft 365 release since Copilot itself – and the clock on the EU AI Act is now ticking loudly. Here’s the plain-English playbook from the team that’s been preparing customers for this since Ignite.
If you’ve been watching the agent space over the past year, you’ll have noticed a shift.
Twelve months ago, the question was whether AI agents could actually do anything useful. Today, that question has been answered – perhaps a little too well. Agents are now being created across organisations at speed. Some are carefully designed. Others are spun up in an afternoon. Many exist without clear ownership, oversight or governance.
That’s the real challenge.
And tomorrow, it changes.
On 1 May 2026, Microsoft Agent 365 becomes generally available. It introduces a single control plane for every agent in your tenant – Microsoft-built, partner-developed, Copilot Studio creations, Foundry builds, and the “shadow agents” your teams may have quietly created along the way.
This isn’t just another admin feature. It’s the foundation for managing agents at enterprise scale.
And if your organisation operates in the EU, it’s also your clearest route to aligning with the upcoming AI Act.
What Agent 365 actually does (and what it means in practice)
Microsoft positions Agent 365 around three core pillars. That’s helpful – but what matters is what those pillars mean when you’re the one responsible for risk, governance and delivery.
1. Observability – seeing what’s really there
Agent 365 gives you a complete inventory of agents across your environment. That includes not only the official, sanctioned solutions, but also the less visible ones — the experimental builds, the prototypes, and the agents created by curious employees exploring Copilot capabilities.
In our experience, this is where most organisations get their first surprise.
When we run initial baselines, it’s common to uncover three to five times more agents than expected. Many of them have access to data, tools or workflows that were never formally reviewed.
Agent 365 brings those into view through a centralised registry and visual tools like the Agent Map, which shows how agents connect, interact and perform over time.
The takeaway is simple: you can’t govern what you can’t see.
What to do this week: establish an initial Agent Registry baseline. Even a partial view is better than none – and it gives you a starting point for both governance and regulatory alignment.
2. Governance – treating agents like part of the workforce
Once you can see your agents, the next step is managing them properly.
Agent 365 introduces structured onboarding workflows, policy templates and lifecycle management controls. These draw on familiar Microsoft capabilities across Purview, Entra and SharePoint, but apply them specifically to agents.
The most effective way to think about this is through a model most organisations already understand: joiner, mover, leaver.
Each agent should have a sponsor. That sponsor is accountable for how the agent behaves, what it can access, and whether it remains appropriate over time. If the sponsor changes roles, ownership is reassigned. If an agent becomes inactive or orphaned, it is flagged or retired.
This moves agents out of the experimental space and into formal operational governance.
What to do this week: define your sponsorship model. Decide who owns agents, how they are approved, and what policies must be applied at onboarding.
3. Security – extending your existing controls to agents
Security is where Agent 365 becomes particularly significant.
With Microsoft Entra Agent ID, every agent is treated as a first-class identity. That means Conditional Access, Identity Protection and other identity-driven controls can be applied directly.
Microsoft Defender extends visibility into runtime behaviour, enabling investigation and threat hunting through the new tools gateway. At the same time, Purview introduces Inline DLP, which inspects prompts before they are processed — not just the outputs that come back.
This is an important shift. It allows organisations to prevent sensitive data exposure at the point of interaction, rather than reacting after the fact.
Combined with DSPM for AI, organisations can start to assess risk across their agent estate in a structured way.
What to do this week: review your existing Conditional Access policies and identify where they should extend to agents. Then prioritise any Copilot Studio agents that interact with regulated or sensitive data.
The EU AI Act: the part most organisations are underestimating
While Agent 365 is a major technical release, its timing is what makes it critical.
The EU AI Act becomes fully applicable on 2 August 2026. That may sound like a future problem, but from 1 May, the countdown becomes very real.
The Act introduces obligations around risk management, data governance, transparency, human oversight and post-market monitoring — particularly for high-risk AI systems. It also requires organisations to conduct a Fundamental Rights Impact Assessment (FRIA) in certain scenarios.
The penalties are significant, with fines reaching up to €15 million or 3% of global turnover for high-risk violations, and even higher for prohibited practices.
The challenge is not just meeting these requirements — it’s understanding how your existing technology maps to them.
The opportunity with Agent 365 is that many of the necessary controls are already present:
your agent registry supports record-keeping,
your Purview capabilities contribute to data governance and monitoring,
your identity controls underpin access management.
But that mapping doesn’t happen automatically.
And without it, organisations risk either duplicating effort or missing critical gaps.
Why this matters now
There is a narrow window between Agent 365 becoming available and the AI Act taking effect.
In that time, organisations need to:
understand what agents they have,
introduce governance structures,
extend security controls,
and align everything to regulatory expectations.
This is not about slowing down innovation. It’s about making sure innovation doesn’t outpace control.
Because once agents become embedded in everyday work, retrofitting governance becomes significantly harder.
How Changing Social is helping organisations prepare
We’ve been working with customers on this shift since Ignite, through our Microsoft 365 Modern Workplace Governance approach for Copilot and Agent 365.
Our focus has been on one thing: helping organisations move from experimentation to structured, enterprise-ready operations.
That includes:
establishing a clear agent baseline,
defining governance and sponsorship models,
configuring security controls across Entra, Purview and Defender,
and mapping everything to EU AI Act obligations — including FRIA.
The aim is not to add complexity, but to create clarity. To give IT, Security and Legal teams a shared view of what exists, what matters, and what needs to happen next.
One thing to do today
If you do nothing else, start a conversation.
Share this with whoever owns AI risk in your organisation. Ask a simple question:
Do we know how many agents we actually have today?
Because tomorrow, that question becomes much easier to answer.
And much more important to get right.
Share
Related Posts
Our most recent articles
07 May 2026
30 April 2026
15 April 2026
09 April 2026
