Microsoft Agent 365: How to govern and secure AI agents in the enterprise

How to manage AI agents securely across the enterprise

Somewhere in your organisation someone has very likely wired up an AI agent. Maybe it drafts their emails, maybe it reconciles invoices, maybe it's quietly reaching into your CRM at two in the morning. They didn't ask IT. They didn't need to. And that's the bit that should make you just a little concerned.

For about two years now the conversation about AI at work has been all upside (productivity, Copilot, ‘just let the agent do it’). The conversation we haven't really been having is the boring one: who owns these things, what are they allowed to touch, and how would you even know if one went off the rails. The forecasts talk about 1.3 billion agents by 2028. You don't need a billion to have a governance problem, though. You need about three of them and no list of where they are.

This is the gap Microsoft Agent 365 is built to fill.

What is Microsoft agent 365 and how does it work?

Agent 365 is what Microsoft calls a ‘control plane’ for AI agents. If that phrase means nothing to you, think of air traffic control. It doesn't fly the planes. It just makes sure everything in the sky has an identity, a flight plan, and somebody watching the radar so two of them don't end up in the same bit of airspace. Agent 365 is that radar, but for agents. It sits above the agents themselves (whether they were built in Microsoft's own tools, an open-source framework, or bought in from a third party) and applies the same identity, access and security rules you already use for your people.

That last point is the whole idea, really. Microsoft's pitch is ‘manage agents the way you manage people.’ Every member of staff has an identity, a set of permissions, a manager and an audit trail. Nobody just wanders in off the street and starts touching production systems and agents, so far, have pretty much been doing the AI equivalent of that. Agent 365 gives each one a proper identity (through Microsoft Entra) so the thing becomes a managed entity rather than a black box.

Key Microsoft agent 365 features for AI agent governance

Strong AI agent governance starts with trusted data. Before you decide what an agent can access or automate, you need confidence that the data behind it is accurate, secure and governed responsibly. That foundation makes features like identity, access control and auditability far more meaningful in practice.

• It keeps a register. A single list of every agent in the business, including the ones nobody formally signed off, plus the ability to quarantine the dodgy ones so they can't reach your data or talk to other agents.
• It controls access. Each agent gets least-privilege permissions (only what it needs, nothing more) and policies that can shut a compromised one down in real time.
• It shows you the picture. A dashboard mapping which agents talk to which people, which data and which other agents, plus performance and ROI numbers so you can tell the useful ones from the expensive noise.
• It plays nicely. Agents get access to the same apps and data your people already use (Word, SharePoint, Dynamics and so on), and it works across Microsoft, open-source and partner platforms rather than locking you into one.
• It applies security. Defender watches for threats, Purview stops sensitive data leaking out, and the whole thing stays audit-ready for when compliance comes knocking.

Worth saying clearly: none of this replaces the tools you've already got. It ties Entra, Purview and Defender together and points them at agents instead of only at people.

Why AI agent governance matters for enterprise security

The honest answer is that you might not, yet. If you've got a handful of agents and a tight grip on all of them, you have a bit of time. But agent sprawl is shaping up to be the new shadow IT, and shadow IT never announced itself politely either. The reason to think about it now is simple economics: it is far cheaper to put the framework in before you have two hundred agents than to go discovering them afterwards. Anyone who's lived through a SaaS audit knows exactly how that second scenario feels.

This is also where formal AI governance frameworks matter. As organisations move from experimentation to everyday AI use, standards such as ISO 42001 help turn responsible AI from a policy statement into something measurable, auditable and repeatable across the business.

Microsoft agent 365 pricing, licensing and cost considerations

Agent 365 went generally available on 1 May 2026. As a standalone licence it lands at around £12 per user, per month, or it comes bundled into Microsoft 365 E7 (the ‘Frontier’ suite) at roughly £80 per user. The detail that catches people out: the licence is per person, not per agent. It covers each individual who manages, sponsors or uses agents, so your cost scales with your headcount, not with how many bots they decide to spin up. (Microsoft sets its headline price in US dollars and is still settling its UK list pricing, so confirm the live GBP figure through your licensing route before you build a business case on it.)

Ready to govern your AI agents with Microsoft agent 365?

If you're reading this and thinking, ‘I couldn't tell you how many AI agents we're running right now,’ you're not alone. Most organisations are still figuring out where agents are being used, what they're connected to, and whether the right controls are in place. The challenge isn't just adopting AI - it's making sure it remains secure, compliant and manageable as it scales.

Whether you're exploring Microsoft Agent 365, reviewing your AI governance strategy, or simply trying to get visibility of agent activity across your estate, OneAdvanced can help. Our experts work with organisations to assess risk, establish governance frameworks and implement the Microsoft technologies needed to support AI securely. Get in touch to discuss your AI roadmap and discover how to build a foundation for trusted, enterprise-ready AI.