There's a lot of pressure on organizations to move fast with AI. But in this episode of #shifthappens, Lior Bela, Business Director for Microsoft Intune, argues that AI readiness has less to do with AI and more to do with getting the foundation right first — and that the managed service providers (MSPs) guiding organizations there are the ones who will lead what comes next.
The conversation with Lior covers what cloud-native readiness actually means, why legacy infrastructure creates a ceiling for AI adoption, and how MSPs can move their customers from baseline security to trusted automation in a structured, repeatable process.
The Foundation AI Depends On
The way Lior sees it, AI runs on connected workloads, managed endpoints, and consistent identity and access controls, all of which must be in place before AI enters the picture. As he puts it, buying the newest Tesla or Hummer means nothing if no one has paved the road — and cloud-native infrastructure is that road. Without identity management through Entra ID, endpoint management through Intune, and security policies enforced through conditional access, AI lacks the stable, governed environment it requires to operate reliably.
Lior points out that MSPs still managing 65 different tools across their day-to-day operations are paying a clear cost: teams spend more time on maintenance rather than growth. Cloud-native isn't a marketing term. It's the operational prerequisite that allows customers and the MSPs serving them to adopt every new technology that follows, AI included.
Getting Access, Data, and Controls Right
Cloud-native is the starting point, but conditional access is the mechanism that ties it together. Lior explains that organizations need to enforce consistent policies across identity and endpoint management so that every request for access, whether from a user or a device, is gated and governed.
That means moving data to the right places: migrating local network drives to SharePoint and OneDrive, applying labels to classify what's confidential and what's shareable, and ensuring the environment is controlled across every device type — Mac, Linux, iOS, Android, and beyond. Data access comes from so many different places, and without consistent security and access controls, AI pulls from ungoverned sources, surfaces data users shouldn't see, and operates without the audit trail IT and security teams need.
Conditional access is what prevents that, and it's the layer MSPs need to help customers build before AI enters the environment.
What MSPs Are Now Expected to Deliver
Lior's main example comes when he describes how customers actually engage MSPs. They don't walk in asking for an access rights audit or a data governance review. They walk in with one statement: “I want to use AI.”
Customers focus on growing their own business — whether it's a bakery, a medical shop, or any other specialty. When they come to an MSP, they bring a goal or a problem statement and expect the MSP to have the full solution ready. They're looking for a one-stop shop, Lior explains. One phone call, one email, one message that covers everything, rather than being told one MSP handles their devices, another handles security, and another handles IT support.
MSPs that have historically focused on security operations centers (SOCs), IT support, or patch management are finding that specialization alone no longer meets customers' needs. Lior frames AI readiness as a growth opportunity disguised as a responsibility — the MSPs that can walk customers through identity, endpoints, data governance, and AI enablement in a single engagement are the ones positioned to scale.
Getting from Baseline to AI-Ready
Cloud-native infrastructure opens the door, but readiness depends on what happens next. Lior walks through the areas MSPs need to address with their customers before AI can operate reliably.
Pave the Road Before You Drive on It
Cloud-native is the starting point, not the end state. Moving workloads – patch management, identity, and security – into the Microsoft 365 ecosystem gives customers the connected data layer AI requires. The earlier MSPs help customers consolidate, the less friction they face when AI enters the picture.
Make Approved AI Easier to Use
When organizations don't offer a sanctioned AI option, employees find their own. Without a managed alternative, people turn to third-party AI tools to save time — and sensitive data moves into environments the organization doesn't control. The solution isn't to restrict AI. It's to provide a controlled, managed path so employees get the productivity gains without sending sensitive data to environments outside the organization’s control.
Validate AI Before You Automate
Lior compares the process to riding in a driverless car for the first time: the initial fear, the gradual comfort, and eventually, trust built through consistent, visible performance. Skipping straight to automation without that arc is where things break. To that end, he describes a three-tier approach to AI maturity. The first tier is baseline alignment, where endpoint management, identity, and security policies are set in place. The second is assisted automation, where AI surfaces recommendations and humans verify the output. The third is an autonomous approach, where trust has been earned through repeated validation.
Govern AI Agents Like You Govern People
AI agents operate continuously – 24/7 across systems – without the behavioral patterns that make human activity easy to monitor. Lior argues the first step is to treat them as employees from a guardrails perspective, defining what access they have, what environments they run in, what data they can reach, and what authority they hold, from edit rights down to reporting responsibilities. This includes evaluating whether agents should run in isolated environments, such as Windows 365 for agents, to protect the broader tenant while still enabling AI-driven operations.
From Sandbox to Deployment in 30 Days
Lior leaves MSPs with a practical 30-day action plan: start by learning what AI can actually do through hands-on exercises, then experiment in a sandbox environment where nothing breaks. From there, deploy on processes that are low-risk but high-impact, freeing teams to focus on higher-value work.
AI readiness has never been an AI problem. It's an infrastructure, identity, and governance problem — and the MSPs that solve it first for their customers are the ones that will define what comes next.
Soundtrack of Shift
Lior's Soundtrack of Shift, “Times Like These” by Foo Fighters, reflects how he approaches change — as something ongoing that demands openness rather than resistance. No matter what he accomplishes today, there's something new to accomplish tomorrow, and the song keeps him thinking about welcoming that shift with open hands. Explore more soundtracks shaping how leaders approach change and transformation today on Spotify.
Episode Resources
#shifthappens Research: The State of AI Report
AvePoint Research: MSP Research: Bridging the Gap Between AI Ambition and Execution
#shifthappens Insights:
#shifthappens Podcasts:
Dux Raymond Sy on LinkedIn
Lior Bela on LinkedIn
