In this week’s episode of the Practical 365 podcast, Paul and I get our heads together to discuss the cost of living on-premises crisis, and we take a delve into Model Context Protocol – a subject we are both close too, having built MCP tooling recently – and one that will be on your radar sooner rather than later, with the latest preview features in Copilot Studio bringing MCP to the masses. Lastky, Bastiaan and I are joined by Microsoft’s Janice Ricketts to talk about another hot topic on the radar – Entra’s Global Secure Access.
On-Premises Pricing: Is This the End of the Road?
Microsoft is increasing prices for on-premises server products, meaning more expensive SharePoint, Exchange, and even Skype for Business. On the show, we discuss the various factors that likely influence this; while making no excuses for Microsoft, we discuss that while new features are not top priority, the vastly smaller number of organizations running on-premises means that per-organization, the cost likely had to rise.
What’s Changing?
- Standalone on-premises server licenses are going up by 10% from July 2025.
- Core CAL and Enterprise CAL suites increasing by 15% and 20% respectively.
Naturally, the price increases coincide with the end of Microsoft’s end of financial year, so if you are one of the organizations looking to move to Exchange Server SE, then it’s worth seeing how this will affect you if you are in the midst of a licensing renewal.
Read more on Microsoft’s Tech Community blog post
Copilot Studio and Model Context Protocol (MCP)
Next up, we considered Copilot Studio and Model Context Protocol (MCP). Middleware feels like a dirty word, but Paul is right to call it that on the show as we break down what MCP is for those that don’t know.
The news is, in case you missed it, that Copilot Studio recently received support (in preview) for Model Context Protocol. MCP is a method developed by Anthropic for implementing an API server that acts as middleware between the LLM (Large Language Model) and data sources.
MCP is big news at the moment, with the most common use-cases being for tool-use with Claude desktop, open source tools like Open WebUI, N8N, and in Visual Studio code add-ins such as Cline. Microsoft is attempting to be ahead of the game with secure deployment options in Azure API Management, and even Paul and I have been building tooling to support this, such as my open-source Nexus API Server (which I’ll cover in an upcoming article).
For Copilot Studio, this is exciting and scary; it means in the medium term, enterprise MCP servers can be deployed for secure agent access to existing applications and data sources, with Copilot Studio agents being able to interrogate both the capabilities of MCP servers available to them, and then combine data or use context from multiple systems when performing tasks.
The big win for customers is that because MCP is a wider standard, efforts to securely deploy it or integrate it for Copilot Studio don’t result in a walled garden. Other LLMs and agent frameworks with MCP support can also utilize the same functionality.
For example, if a POC is developed in Copilot Studio that uses MCP, but is cheaper to run at scale in Azure using a different agent framework, the re-work is not only possible, but potentially a lot easier than if Copilot Studio used a proprietary data interface.
Read more about Copilot Studio’s support for MCP here
Janice Ricketts on Global Secure Access and Zero Trust
Finally, on the show, Bastiaan Verdonk and I spoke with Janice Ricketts from Microsoft to find out all about Global Secure Access and Zero Trust.
What did we learn?
- Global Secure Access (GSA) is all about simplifying network security.
- It uses Microsoft’s private global wide area network.
- It integrates with Conditional Access policies.
- You don’t need a VPN anymore! (Well, maybe not, depending on your setup).
- We talked about DLP in the context of GSA.
- There are client improvements coming, including macOS and iOS clients in public preview.
Notable in the Microsoft 365 Roadmap: Purview Controls to Secure Data with Third-Party AI Services
Microsoft Purview is getting inline protection for AI apps in Edge for Business. The aim? To prevent data leakage, stop sensitive data in prompts to apps like ChatGPT, Gemini, and others.
This is preview functionality, expected April 2025, with rollout starting September 2025, and complements existing endpoint DLP controls.
Just last week at the TEC European Roadshow, Tony Redmond recommended implementing controls to restrict this type of access, so it’s certainly a feature to keep a close eye on and consider testing in preview.
Read more in the Microsoft 365 Roadmap announcement (ID 486368)
And that’s all for this week’s show. I’ll be back with Bastiian next time for an in-depth interview with a special guest, and covering the most important Microsoft 365 news.
