XMA Logo

XMA Store

Search
X-twitter Linkedin Youtube
XMA Logo
Home » Corporate

Archive

AI Without the Overhead: A Practical Path to Modernising Your Workplace with AMD and Windows 11 Pro

The Reality of AI for IT Teams 

The requirement to deliver AI capabilities at scale is now an immediate, critical standard for public sector IT leaders. Whether you are managing local government, the NHS, or education departments, you are tasked with adopting AI tools to drive operational efficiency while acting as a front-line defender against an escalating wave of cyberthreats.  

For organisations handling sensitive citizen data and navigating strict regulatory landscapes, maintaining a robust and compliant security posture is a non-negotiable requirement. You must modernise your technology stack within highly structured procurement frameworks, such as the Crown Commercial Service (CCS) or G-Cloud, ensuring every investment demonstrates clear value-for-money and adheres to stringent data security protocols.  

However, for most IT departments, this aim brings significant challenges: 

  • The Resource Gap: IT decision-makers are currently operating at the intersection of modernisation demands and strict cost containment. 
  • The Security Paradox: Modernising the technology stack is urgent, yet it often conflicts with a workforce already operating at full capacity. 
  • Infrastructure Strain: Moving every AI task to the cloud creates latency issues and unpredictable costs that many UK businesses prefer to avoid. 

At XMA, we understand that modernisation should not result in complication. By combining Windows 11 Pro with AMD Ryzen™ processors, we provide a pragmatic way to meet these demands. 

 

How AMD Supports AI-Ready Workplaces 

AMD is shifting how AI is handled by moving the heavy lifting from the cloud directly onto the device. This is achieved through integrated AI acceleration built into the hardware. Windows 11 Pro devices featuring these advanced AI capabilities are ready for immediate use, allowing for integrated management and an intuitive experience. 

  • On-Device Processing: Processing AI workloads locally on the device leads to superior performance and efficiency. 
  • Time Savings: Organisations using these modern AI-ready PCs expect time savings of up to five hours per employee each week [1]. 
  • All-Day Productivity: Modern hardware allows for up to 22 hours of streaming battery life [2], keeping teams productive outside the office. 
  • Data Privacy: Keeping data on the device rather than sending it to external cloud servers helps maintain data sovereignty, a critical requirement for BFSI and Public Sector organisations. 

 

Security Benefits for Modern Windows Environments 

Security is a foundational requirement, not an optional add-on. AMD Ryzen™ processors provide multiple layers of protection that align with the “secure by design and secure by default” philosophy of Windows 11 Pro. 

  • Quantifiable Protection: Organisations have reported a 62% drop in security incidents after moving to Windows 11 Pro devices [3]. 
  • Silicon-Level Defence: The Microsoft Pluton security processor is integrated into the CPU, providing a hardware-based root of trust that is updated via Windows Update for long-term resilience. 
  • Targeted Threat Reduction: Hardware and software working in harmony have contributed to a 3X reported reduction in firmware attacks3 and 2.9X fewer identity theft incidents [3]. 
  • Compliance Ready: These protections allow organisations to meet stringent regulatory standards, such as Cyber Essentials Plus or NIS2, without requiring complex third-party software layers. 

 

Reducing the Operational Strain on IT Departments 

The goal of any technology rollout should be to simplify, not disrupt. The AMD and Windows ecosystem is designed to reduce the “firefighting” often associated with new tech adoption. 

  1. Faster Onboarding: Using Windows Autopilot allows for zero-touch deployment, which speeds up onboarding and helps ensure consistent compliance across all devices. 
  1. Unparalleled Efficiency: IT teams anticipate a 10%–50% reduction in help-desk efforts due to faster provisioning and smarter content discovery [1]. 
  1. Reduced Management Time: Proactive diagnostics and improved reliability lead to a projected 30% reduction in device management time [1]. 
  1. Operational Resilience: Tools like Configuration Refresh automatically revert unauthorised security changes, maintaining your compliance posture without manual intervention. 

 

The Outcome: A Secure, Practical Path to AI Adoption 

Modernising your workplace with AMD and Windows 11 Pro provides a path to innovation that does not compromise control. You gain 50% faster workflows and collaboration on average, allowing your team to focus on strategic growth rather than technical debt [4]. 

Visit the New Business For Work Landing Page

Footnotes 

  1. New Tech: The Projected Total Economic Impact Of Microsoft Copilot+ PCs.Microsoft-commissioned study by Forrester Consulting, July 2025. Projected benefits for a single composite organization that has US$1 billion annual revenue and 2,000 employees with 80% using Copilot+ PCs. In comparison to a mixed environment of conventional Windows 11 and Windows 10 PCs. 
  1. Battery life varies significantly by device and with settings, usage, and other factors. See Windows Performance Lab. 
  1. Windows 11 Survey Report. Techaisle LLC, September 2024. Commissioned by Microsoft. Windows 11 results are in comparison with Windows 10 devices. 
  1. Results in comparison to Windows 10 PCs. Improve your day-to-day experience with Windows 11 Pro laptops, Principled Technologies, April 2023. Report commissioned by Microsoft.

Why Your Supply Chain is Your New Security Perimeter

Picture of Scott Wright

Scott Wright

Scott is XMA’s Head of Pre-Sales. An IT industry greybeard, he believes strongly that proper planning & preparation prevents disasters waiting to happen.

In my role heading up the Pre-Sales team here at XMA, I spend a lot of time looking at the “big picture” of IT security for our public sector clients. One trend is becoming impossible to ignore: the shift from internal network security to the complex, often opaque world of supply chain risk.

Historically, we focused on “locking the front door” of the organisation. But today, your operational resilience is only as strong as the least secure vendor in your ecosystem.

 

The Government’s Clear Signal on Supply Chain Risk

The UK government isn’t just suggesting we take this seriously, they are providing a direct mandate. The official guidance on tackling security risk in government supply chains identifies third-party vulnerabilities as a primary threat to national infrastructure.

For public sector bodies (from local authorities to the NHS) the message is clear: you are responsible for the security of the data you handle, regardless of which third party is processing or storing it.

 

The Evolution: From Cyber Essentials Plus to NIS

Most of you have (hopefully) already achieved Cyber Essentials Plus (CSE+). That is a vital baseline, but it is no longer the finish line. The government is now pushing for public sector verticals to align with the Network and Information Systems (NIS) Regulations.

Moving toward NIS compliance requires a move away from “point-in-time” security. You can’t just check a box once a year. You need:

  • Complete Visibility: A clear map of every entity that has access to your network or data.
  • Continuous Assessment: A way to monitor the security posture of your suppliers in real-time.
  • Proactive Mitigation: The ability to identify a supplier’s weakness before it becomes your breach.

 

The Legislative Hammer is Coming

We are tracking pending legislation that will make supply chain risk management mandatory for several public sector verticals. Far from just avoiding a fine, it centres around maintaining your ability to operate. Non-compliance could lead to exclusion from critical procurement frameworks like G-Cloud or the Crown Commercial Service (CCS).

 

How XMA and Risk Ledger Solve the Complexity Problem

Managing this manually via spreadsheets is a recipe for failure. It’s slow, inaccurate, and data is out of date the moment it’s saved.

XMA utilises partners such as Risk Ledger to replace that manual headache with a professionalised, automated platform. Instead of chasing suppliers for audits, Risk Ledger provides a “social network” of security data.

  • Defensible Compliance: We provide the evidence and data needed to prove your due diligence to auditors and your board.
  • Reduced Overhead: Automating the assessment process frees up your internal IT team to focus on strategic projects.
  • Real-Time Alerts: If a supplier’s security status changes, you know immediately – allowing you to take action before a risk turns into a crisis.

 

Let’s Secure Your Chain

Security is about resilience. In the public sector, it’s also about public trust. At XMA, we’re not interested in selling you products, we work with you to implement a compliant, scalable framework that protects your organisation and the citizens you serve.

Navigating the Memory Price Surge: Stability in a Volatile Market

The global IT hardware market is currently facing significant headwinds. With DRAM contract prices almost doubling in early 2026, organisations across the UK are re-evaluating their device procurement and refresh strategies.

To understand how XMA is helping customers maintain stability during this period of volatility, we sat down with our Commercial Director, Paul Hamilton. Paul shares insights into how we use our Tier-1 partnerships and UK-based logistics to provide certainty for Enterprise and Public Sector (CPS) organisations.

How XMA Is Supporting Enterprise and CPS Customers Amid Rising DRAM Costs

Paul Hamilton: “With DRAM contract prices almost doubling in early 2026, many organisations are understandably concerned about the impact on their device procurement and refresh strategies. At XMA, we are taking proactive and measurable steps to help our customers maintain stability, predictability and value during this period of market volatility.”

  • Strategic Engagement at Executive Level: “We are in active, ongoing C‑suite dialogue with the world’s largest PC manufacturers. These direct relationships ensure we have early visibility of market movements, production constraints and forthcoming allocation changes enabling us to advocate for our customers at the highest level.”
  • Tri‑Party Engagement for Transparency: “Where appropriate, we facilitate tri‑party conversations between customers and our tier 1 vendors. This gives organisations a clear, unfiltered view of the vendor’s position, supply outlook and pricing dynamics. It ensures decisions are informed by real time insights rather than assumptions or market noise.”

     

  • Maximising the Channel Ecosystem: “XMA works across the breadth of the channel ecosystem to secure the best possible availability and inventory positions for our customers. By leveraging our scale, partner status and long standing relationships, we ensure our customers benefit from priority access to the latest stock positions and market intelligence.”
  • Secured, Ring‑Fenced Inventory: “For strategic partner accounts, we are already securing and ring‑fencing dedicated inventory in advance. This provides our customers with more predictable planning cycles, reduced exposure to sudden price spikes and assurance that the devices they require will be available when they need them.”

Budget Resilience: Evidence-Based Advice for IT Directors

For IT Directors managing multi-year refresh cycles, what evidence-based advice are we giving to help them demonstrate the ROI of proceeding with upgrades now versus waiting for a price reversal that analysts suggest is unlikely before 2027?

Paul Hamilton: “This discussion extends beyond immediate cost pressures and moves into a broader strategic assessment of organisational resilience and value creation. While rising component prices will influence deployment budgets, the wider geopolitical landscape spanning security threats, productivity demands, and ongoing supply chain volatility means that delaying refresh cycles often introduces greater operational and financial risk.”

“To support IT Directors in demonstrating clear, evidence‑based ROI, XMA partners with customers through structured innovation workshops. These sessions provide up‑to‑date insight on advancements in security, AI‑driven productivity, endpoint performance, and professional services.”

Supply Chain Agility: Strengthening UK Logistics

What specific changes have we made to our UK-based fulfilment and logistics operations to ensure we can still meet “just-in-time” delivery requirements despite global component shortages?

Paul Hamilton: “XMA has taken a series of proactive steps to strengthen our UK‑based fulfilment and logistics operations, ensuring we can continue to meet “just‑in‑time” delivery expectations despite global component shortages.”

“We have worked closely with our Tier 1 vendors to analyse market demand patterns, forecast volatility, and secure forward‑looking inventory positions within our UK logistics facility. By committing to early allocation and ring‑fenced stock, we can protect customers from both sudden availability constraints and unpredictable price fluctuations.”

“In practical terms, this operational model allows us to:

  • Hold dedicated inventory locally, enabling reliable next‑day delivery across the UK.

     

  • Reduce the impact of global supply chain disruption, thanks to pre-secured and strategically stored stock.

     

  • Provide greater pricing stability, insulating customers from short-term spikes driven by component scarcity.

     

  • Streamline fulfilment workflows, ensuring devices can be configured, kitted and dispatched rapidly from within the UK.

     

  • Strengthen vendor collaboration, giving us early visibility of constraints and enabling smarter sourcing decisions.”

What Does This Mean For Our Customers?

Navigating market volatility requires more than just reactive purchasing, it demands a partner with the scale and relationships to provide stability. By prioritising forward-looking inventory and direct vendor engagement, XMA ensures your technology roadmaps remain on track despite global component pressures.

Get in touch with your XMA account manager to discuss your upcoming IT projects, or contact us directly at enquiries@xma.co.uk to learn how we can protect your hardware budget.

The AI Capability Gap: Why Procuring Hardware Is Not a Strategy

Picture of Andrew Downes

Andrew Downes

With broad expertise of both Corporate and Public Sector challenges, Andrew specialises in translating complex technology concepts—from Datacentre and Cloud to Cyber Security and AI—into clear, services-led solutions that differentiate the business and deliver genuine value to the customer.

Artificial Intelligence represents a major wave of technological investment, with 68% of UK enterprises either implementing or planning to implement AI solutions. To meet this demand, the strategies and partner programs of major vendors are heavily influencing the market. 

We are seeing a massive shift in infrastructure design across the entire technology stack. Key players like Microsoft, AWS, and Google are embedding complex AI services directly into their cloud environments. For on-premises and hybrid requirements, vendors such as Cisco, HPE, and Dell are releasing infrastructure explicitly built to handle intense AI compute and data storage workloads. Simultaneously, cybersecurity leaders like Fortinet, Sophos, and Palo Alto Networks are adapting their tools to secure these new, rapidly expanding environments. 

However, this rush to adopt has created a significant capability gap. Procuring an AI-optimised Dell server, or provisioning advanced machine learning environments within AWS, is a transaction. It is not a strategy. When organisations treat AI as a simple hardware or software upgrade, high-performance systems sit underutilised, integration with legacy systems causes disruption, and a lack of proper governance increases operational risk. 

To achieve a measurable return on investment (ROI) and optimise your total cost of ownership (TCO), you need more than capable technology, you need the practical expertise to apply it effectively. 

 

Bridging the Gap Between Procurement and Performance 

At XMA, our approach is built on practical understanding. We know that buying the equipment is the easiest part of the process. True operational resilience is established in the post-implementation phase, through rigorous integration, training, and ongoing management. 

Here is how we ensure your organisation gets the most out of its infrastructure investments once the hardware is delivered: 

  • Strategic Integration and Configuration: AI infrastructure rarely exists in a vacuum. Whether you are deploying HPE servers or Cisco networking gear, we ensure your new hardware communicates securely and reliably with your existing legacy systems. We handle the complex configuration required to optimise data flow and prevent operational bottlenecks. 
  • Governance and Risk Mitigation: Advanced AI capabilities require access to vast amounts of corporate data, which expands your attack surface. We work with our security partners to implement strict identity management and access controls directly into your infrastructure, ensuring you maintain compliance and mitigate security risks. 
  • Targeted Workforce Training: The most capable infrastructure is a wasted investment if your team does not know how to operate it safely. We provide targeted training programs that give your IT staff the specific skills required to manage, monitor, and maintain your new AI environments, reducing human error. 
  • Proactive Managed Services: To free your internal team from day-to-day firefighting and allow them to focus on strategy, we provide proactive managed IT services. We monitor your infrastructure to identify and fix issues before they cause costly downtime, ensuring long-term stability. 

 

Focus on Business Outcomes 

Technology is a tool that requires an expert hand to deliver results. Simply buying equipment with AI capabilities does not solve business problems. 

XMA provides reliable, secure, and affordable managed IT services. We help you modernise infrastructure, scale IT securely, and prove the value of IT to your board. We work with you to ensure your technology investments are fully integrated, properly governed, and actively driving business value. 

Contact us at enquiries@xma.co.uk or talk to your XMA Account Manager about our full range of infrastructure capabilities.

Beyond the Hype: How HP and AMD are Delivering Practical AI and Security for UK Businesses

Today’s workplace demands constant adaptation. Hybrid work models require flexibility, security threats are more sophisticated than ever, and the arrival of Artificial Intelligence (AI) is shifting from a future concept to a daily productivity tool. 

Your organisation’s devices are the critical link in navigating these challenges. Sub-par hardware can lead to security vulnerabilities, poor performance in critical applications, and a frustrating experience for your staff. 

This is why we are taking a close look at the new generation of HP EliteBook laptops. Advanced by AMD processors, these devices are built to provide a practical, high-performance, and secure foundation for both public and private sector organisations. 

 

The AMD Processor: A Practical AI Engine 

Several of these new devices are “Next Gen AI PCs.” It means the AMD processors inside include a dedicated Neural Processing Unit (NPU)

In simple terms, an NPU is specialist hardware designed to run AI tasks efficiently. 

  • Instead of: Using the main processor (CPU) or graphics card (GPU) for an AI-driven task (like real-time background blur during a video call or running a local AI assistant). 
  • The NPU handles it: This frees up the CPU and GPU for the work you are actually trying to do. 

What this means for your business:  

  • Better Performance: Applications remain fast and responsive, even during demanding video conferences or when using new AI tools. 
  • Longer Battery Life: The NPU is highly efficient, drawing less power for these common tasks, which is critical for hybrid and mobile workers. 
  • Improved Security: By processing more AI tasks locally (right on the laptop) less sensitive data needs to be sent to the cloud, reducing your attack surface. 

 

Security: A Resilient Foundation 

For any IT leader, security is non-negotiable. For a business owner, a breach is a critical risk. The HP EliteBook series addresses this directly with a multi-layered security approach. 

Models like the HP EliteBook 8 G1a feature HP Wolf Pro Security. Far from being just antivirus software, it is a resilient, hardware-enforced security solution. It provides: 

  • Self-Healing BIOS: Can automatically recover from a firmware attack. 
  • Hardware-Based Isolation: Traps malware in a virtual container to prevent it from infecting the rest of the PC. 
  • Phishing Protection: Helps defend against credential theft from malicious websites. 

This provides the operational resilience required by enterprise and public sector organisations and the “peace of mind” that small business owners need to focus on their work. 

 

A Device for Every Role 

This new HP and AMD lineup provides choice, allowing you to standardise on a secure platform while equipping different users with the right tool for their job. 

  • HP EliteBook 8 G1a 14″ Notebook: This is the premium option for executives and mobile professionals who need top-tier security and AI performance in a portable format. Powered by the AMD Ryzen™ PRO processor, it utilises a dedicated NPU to manage AI workloads locally to extend battery life, while delivering silicon-level security features that mitigate firmware attacks and protect sensitive corporate data. 
  • HP EliteBook 6 G1a/G1ah 14″ Notebooks: These are the versatile workhorses of the fleet. They balance portability with robust performance, including options with the latest AMD Ryzen™ 5 processors and AI capabilities. 
  • HP EliteBook 6 G1ah 16″ Notebook: Ideal for users who need more screen real estate, such as finance teams, data analysts, or developers. It provides the same enterprise-grade features and AMD power on a larger display. 

 

The XMA View: Beyond the Box 

Choosing the right hardware is the first step. Integrating it successfully into your environment is the next. 

As a HP Amplify Power Partner, XMA helps organisations procure, configure, deploy, and manage HP devices at scale. Our specialists understand the specific compliance and security needs of public sector bodies and the efficiency and reliability drivers for private enterprises. 

We provide the tools and services to ensure your new HP devices deliver real business value from day one. 

 

Ready to build a more secure and productive hardware fleet? Contact your XMA Manager today or email enquiries@xma.co.uk to discuss your requirements 

Walking the Walk: XMA’s End-Of-Year Community Impact

At XMA, it’s important to show up for the people and places around us. This quarter, we wanted to see how much practical good we could do, both through our daily habits and specific fundraising events. 

Here is what happens when you turn good intentions into action. 

 

£8,000 via YuLife 

How far can a walk around the block really go? As it turns out, quite a long way. 

We use the YuLife app to track our wellness activity. But rather than just counting steps, we converted that activity into currency. By simply moving more and banking mindfulness minutes, our team generated a total of £8,000 in donations. 

We split this evenly across four causes that deal with the essentials of life: water, food, and the environment. 

  • £2,000 for Big Blue Ocean Cleanup: Removing plastic from our seas. 
  • £2,000 for Clean Water for Families: Because safe drinking water shouldn’t be a luxury. 
  • £2,000 for Planting Trees: Restoring habitats and capturing carbon. 
  • £2,000 for Share The Meal: Providing food to children in urgent need. 

 

£325 for Macmillan Cancer Research 

In November, we proved that you can fight cancer with coffee and cake. We hosted our very own Macmillan Coffee Morning, where our teams baked, bought, and ate their way to a £325 total. 

It sounds simple, but that money pays for Macmillan nurses to support families facing their toughest days. 

 

Service Desk Style Statements: Over £100 for Children in Need & RSPCA 

Our Service Desk team is usually focused on technical fixes, but this quarter they focused on fashion crimes for a good cause. 

They traded their usual office wear for a Pyjama Day, raising £60 for Children in Need. Not content with just one wardrobe change, they also hosted a “What a Load of Shirt” Day, raising a further £42 for the RSPCA with tacky and loud shirts! It proves that you don’t need to take yourself seriously to make a difference. 

 

Our XMA Charity Raffle: Over £2,000 for Local Support 

We rounded off a fantastic November with our XMA Company Raffle and Fun Day, raising £2,045 to be split between two vital organisations in Scotland: CEA (Committed to Ending Abuse) and River Kids

These charities do heavy lifting in our Scottish community, whether it’s helping victims of abuse rebuild their lives or supplying toys and essentials to disadvantaged families. We are proud to back them with the funds they need to keep operating. XMA matched staff donations, which provided an additional £1,000 to each charity! 

Find out more about CEA: Home – CEA – Committed to Ending Abuse 

Find out more about River Kids: https://www.riverkids.org.uk  

 

The XMA Giving Tree: Delivering for KidsOut 

Christmas is supposed to be magical, but for children living in refuge after escaping domestic violence, it can be incredibly difficult. 

Through the KidsOut Giving Tree initiative, our employees bought and donated gifts and necessities to be distributed this Christmas. The total items donated is in excess of 200. It’s a small gesture that ensures a child has a gift to open on Christmas morning. 

Find out more about KidsOut: KidsOut – The Fun & Happiness Charity 

 

Thank you to everyone at XMA who walked, baked, bought raffle tickets, or donated a gift. Here’s to doing even more in 2026! 

Practicing What We Preach: A Candid Q&A on Cyber Resilience with XMA’s Head of IT Security & Compliance

In the IT channel, it is easy to talk about security in the abstract. But at XMA, we don’t just recommend security architectures, we live them. As a major IT solutions provider managing critical infrastructure for UK government bodies and large enterprises, we also must be on top of our cyber resilience.  

To be a true strategic Technology Partner, we must practice what we preach. We sat down with Charlotte King, XMA Group’s Head of IT Security & Compliance, to discuss the reality of defending a modern organisation. From the rise of AI-driven phishing to the dangers of the “silver bullet” mindset, here is the view from the inside. 

 

Section 1: The View from the Inside 

Q: As Head of InfoSec for a major IT solutions provider, you see a broad spectrum of threats. Moving beyond the buzzwords, what are the specific, high-risk trends keeping you up at night right now? 

Charlotte King: Firstly, our prevention controls – are they actually working? It’s not enough to have shiny tools, we need to constantly test and tune them to keep attackers out. This is not a “one and done” exercise. It keeps us on our toes every single day. 

Supply chain attacks are a real headache, and we have seen several big ones this year. We rely on suppliers for hardware and software, so if they’re compromised, so are we, and this affects our valued customers. Downtime or breaches in the supply chain can ripple right through our environment and soon become the critical task of the day. 

Phishing is relentless. Email remains a favourite attack vector, and the sophistication of these attacks is only increasing with AI. Finally, our staff – are we doing enough to train and support them? Are our technical teams prepared and well enough resourced to cope with the “business as usual” work and then the swerve balls that can come from suppliers, customers, or our industry partners? 

 

Q: We manage critical infrastructure for customers across the UK, including government bodies. How do we approach our own security to ensure we remain resilient against supply chain attacks? 

CK: We do a vast number of things to help with this. We certify and align to recognised security standards and frameworks. You can’t be an IT company these days without having these external validations of your policies and controls. We have just completed the re-cert for ISO 27001:2022 and have Cyber Essentials Plus next week. 

The audit cycle helps us to be continuously aware of possible weaknesses so we can fix and strengthen them. For us, security isn’t static, it’s not a goal or a destination, it’s our everyday. We’re always assessing our people, processes, and technology, reviewing how we can make it better, stronger, more resilient or efficient. We look at how these multiple layers of security can ensure that if one fails, others stand in the way. 

We have recently made big improvements to our supply chain onboarding. We don’t just trust our suppliers blindly, we vet them thoroughly. 

 

Section 2: The Human Firewall 

Q: Technology is only half the battle. How do you approach security culture at XMA to ensure staff are an active line of defence rather than a vulnerability? 

CK: Technology and processes are only half the battle. We have all sorts of people here at XMA, from technical teams to sales, and the usual back-office support staff too. We have robust staff security training, and we run ongoing simulated phishing campaigns and monthly bulletins to help keep security in everyone’s mind. 

This month our bulletin was for Black Friday and Christmas scams, helping keep our staff safe in and outside of work. I would like to think we also have an approachable security and compliance team. We make it easy for staff to ask questions and report issues. We are also looking at a Security Champions programme to help further embed security advocates in every department. 

 

Q: Phishing remains a primary trigger for security breaches. With the rise of AI-generated content, attacks are becoming harder to spot. What specific “tells” should organisations teach their staff to look for in 2026? 

CK: You’re right, and in fact, AI is making it easier for attackers to craft convincing messages. As a business, we have a strong online presence, so finding who works here isn’t difficult. So, it comes down to our staff to be careful with emails, whilst knowing much of it will be caught by our tools and filters. 

Check URLs and domains carefully. Hover before you click! Watch for odd language or tone. AI can mimic, but it’s not always colloquially perfect. Scam psychology is to provide a sense of Scarcity, Urgency, Authority, or FOMO (Fear Of Missing Out). If the email has that, you don’t recognise the sender, or it seems a bit off, use the easy reporting mechanisms we have at XMA which make it simple for staff to flag suspicious emails. 

 

Q: With the ease of using AI tools, Shadow IT is a growing governance nightmare. How can IT Directors and business owners identify unapproved applications without halting productivity? 

CK: This is always a balance: to permit staff to access tools or applications that allow them to innovate, whilst being secure and well-governed. We publish a clear applications catalogue for staff to use as a first point of call. 

If the application we already have doesn’t meet their needs, we make it easy for staff to find and request approved tools, which then goes through a due diligence process. This allows some flexibility for niche needs whilst meeting security standards. Admin rights are locked down so staff can’t install software without authorisation. 

 

Q: Many organisations have security policies that sit in a drawer and are rarely read. How can businesses create policies that employees actually follow, rather than work around? 

CK: At XMA we have one clear, concise user agreement, signed annually. Keeping it short, simple, and in plain language means staff are more likely to engage with it. We track compliance of this overarching policy, and it forms a key part of our security foundation. Generally, if a workflow is built into technology (perhaps the triage of a suspicious email) that’s better than a dusty process document. 

 

Section 3: Our Vendor-Agnostic Take 

Q: Vendors often promise a single tool will solve all security problems. Why is this mindset dangerous, and what is the reality of building a layered defence? 

CK: Every department has different needs. What works for procurement might not work for sales, so you have to create a layered defence to protect all systems, people, and physical assets. Single tools can fail. Relying on one solution is risky and not resilient. 

Layered defence is key. Using specialist tools that work together, supporting your people and processes, means you can protect your business even if one security system stops working. We’ve seen big security vendors hit by ransomware, configuration changes impacting uptime, and global hyperscalers suffering significant downtime. No security vendor is immune to some kind of failure, so we need to spread our bets insightfully across tools and technology to keep the wheels of commerce turning for our stakeholders. 

 

Q: If a customer (whether an SMB owner or a Public Sector compliance officer) could make one immediate change today to improve their security posture, what should it be? 

CK: Enable Multi-Factor Authentication (MFA) everywhere you can. It’s one of the simplest, most effective ways to block attackers. This is for all areas: social media, work applications, shopping portals. Call out suppliers that don’t have MFA on their applications. Oh, and mandate a corporate password manager too. 

 

 

Need a Strategic Partner who understands the reality of cyber threats? 

At XMA, we don’t just sell technology, we use it to secure our own business every day. Contact your XMA Account Manager or talk to us at enquiries@xma.co.uk to discuss how we can help you build a resilient, layered defence. 

Beyond the Patch: Why ESU Is a Stopgap, Not a Strategy for AI and Security

The Windows 10 End of Support deadline has passed. Many organisations have opted for Extended Security Updates (ESU) to buy time. While this maintains compliance in the short term, it is not a long-term solution.

Paying for ESU is effectively an investment in a dead-end platform. It keeps the lights on, but it does not deliver new value. More importantly, maintaining a legacy fleet actively blocks your organisation from leveraging the two biggest drivers of modern IT value: Artificial Intelligence and hardware-backed security.

Here is why shifting your budget from ESU to a Windows 11 migration is the only viable choice for 2025 and onwards.

The AI Hardware Gap

The UK market is moving quickly. Research indicates that 68% of UK enterprises are implementing or planning to implement AI solutions this year.1 However, software is only half the equation.

Effective AI deployment requires modern hardware. Legacy devices running Windows 10 typically lack the Neural Processing Units (NPUs) necessary to run AI workloads locally and efficiently. By keeping these older devices in circulation, you create a performance ceiling for your workforce.

You cannot run modern, intelligent tools on outdated infrastructure. Migrating to Windows 11 allows you to deploy devices capable of handling the computational demands of the next five years.

Software Patches vs. Hardware Security

ESU provides critical security patches, but it does not address the fundamental architectural weaknesses of a legacy OS.

Modern security threats attack the hardware and firmware layers, not just the software. Windows 11 introduces mandatory hardware-backed security requirements (such as TPM 2.0 and strictly enforced code integrity) that Windows 10 devices simply cannot support.

Relying on ESU leaves your attack surface dangerously large. For any IT leader tasked with ensuring operational resilience, relying solely on software patching is an unmanaged risk.

Move from Reactive Costs to Proactive Investment

Every pound spent on ESU is a reactive cost. It prevents failure but does not improve performance.

That same budget should fund proactive investments in technology that improves productivity. By moving to Windows 11 now, you stop funding obsolescence and start building a platform that supports your business goals.

How XMA Can Help

We understand that migration is a complex logistical challenge. XMA provides a clear, cost-effective path forward.

  • Audit & Assess: We identify which devices in your fleet are blocking AI adoption and creating security risks.
  • Deploy: We manage the rollout of secure-by-design Windows 11 devices.
  • Manage Costs: Our leasing options allow you to equip your team with modern technology for a predictable monthly cost, avoiding large upfront capital expenses.

Don’t let legacy hardware dictate your strategy. Contact XMA today at enquries@xma.co.uk to plan your migration.

[1] UK Artificial Intelligence (AI) Statistics And Trends In 2025 – Forbes Advisor UK

Android Desktop: How does Security and Management Change with Phones as Primary Devices?

This is the fourth in a series of blog posts exploring Android Desktop. Our Head of Pre-Sales, Scott Wright, will be looking at the current state of Android Desktop, following its improvement as release approaches, examining use cases, looking at essential apps & peripherals and more. 

Picture of Scott Wright

Scott Wright

Scott is XMA’s Head of Pre-Sales. An IT industry greybeard, he believes strongly that proper planning & preparation prevents poor performance.

Something a little different for this one – I sat down with Charlotte King, XMA Group’s Head of IT Security & Compliance to discuss her thoughts on how a shift to an Android device as the primary (only) device for some users might affect security and compliance. Below are my notes from that conversation.

Charlotte King: XMA group currently has all Android devices enrolled in Intune. Although there is a security baseline in place covering encryption, patching, etc. this change in device use should trigger a review of that baseline to ensure it remains fit for purpose given the significant increase in usage and in the variety of applications used which is likely to occur.

Similarly, the IT Use Policy should not require changes but should be reviewed in the context of this new usage. Some elements will increase in priority, for example the use of unauthorised charging cables (which presents a security risk) may need additional training.

The same Smart Update process used on Windows devices, which monitors user experience to trigger a device refresh rather than arbitrary dates, should be extended to Android devices.

Remote support tools should be reviewed to ensure that the same level of ease of use and functionality in remote device access is provided for Android devices as is currently available for Windows devices and the security of those tools must be assessed.

Historically XMA has seen higher rates of breakage on mobile devices. This will need to be factored into the costings for a device use change unless it can be mitigated via device selection or accessories. This is especially significant given that it is likely that a more expensive device would be issued.
[note from Scott – I am doing some testing on devices of different specifications to see what’s needed for a good experience]

Security features would also be a key consideration for device selection with a highly effective fingerprint reader being the preferred solution after initial consideration but testing of alternative methods for rapid, secure device unlock would be called for.

MFA would also need some consideration. Currently the mobile device is used as the MFA platform deliberately to separate it from the primary device, this would not be possible where an android device is fulfilling both roles. Potentially a phone compatible token solution such as Yubikey would alleviate these concerns.

Testing of applications will need to occur, just as with the recent Windows 11 migration, with especial focus on key line of business apps.

An endpoint security solution for mobile should be considered with thought given especially to capabilities that may be missing from the current desktop endpoint security solution.

Android devices are considered to be easier to manage by the XMA IT team with less administrator intervention needed for updates and a much lower frequency of updates negatively impacting user experience.

The total number of managed devices will be reduced since the majority of likely candidates for this change in device strategy currently have both a Windows and Android device.

Auditing and certifications is expected to be faster, and therefore less expensive.

There is the potential for a saving in Microsoft Licensing given the various options that are available for devices with smaller screens.
[note from Scott – I will be raising this question with Microsoft as small devices docked with large monitors is not a scenario mentioned by the current user agreement]

 

Scott Wright: Some interesting points, I think, and a good outline of the assurance process that will likely be required for most organisations considering an introduction of Android devices as laptop replacements.

Work Like a Pro: Why ‘Good Enough’ IT Tools Are Costing Your Business

In today’s hybrid work model, clear communication and reliable collaboration are non-negotiable. Many organisations, however, still rely on consumer-grade tools to bridge the gap, like personal earbuds for critical calls or the built-in webcam for a high-stakes meeting. 

This ‘good enough’ approach is often a false economy. It’s the daily friction of background noise, patchy calls, and unsecure software that drains focus, confidence, and productivity. It’s the difference between just getting through the day and performing at your best. 

Jabra’s “Work like a pro” concept is built on one promise: professional-grade tools create professional outcomes. This isn’t about features for their own sake; it’s about delivering measurable improvements to how your teams sound, meet, and focus. 

 

Sound Clear. Stay Focused. 

Think about the daily frustrations of poor audio. “Sorry, you’re breaking up”. The dog barks. The café chatter is louder than your voice. Poor audio isn’t just a mild annoyance. Research shows it can increase employee stress levels by 55%1

Jabra Evolve headsets are built for modern work. They are engineered to solve these specific problems: 

  • Jabra Clear Voice™ technology cuts through background noise so you sound sharp, confident, and credible. 
  • Industry-leading active noise cancellation blocks distractions, allowing you to “Focus like a pro” no matter what’s happening in the background. 

The result is a measurable improvement in communication. A study on modern meetings found that teams using Jabra professional tools report +27% clearer conversations and +35% more confident communication2

 

Be Seen and Heard Like a Pro 

The same principle applies to video. Being seen doubles attention and engagement. Yet, many meeting rooms are not properly equipped for today’s needs. In fact, only 15% of employees report that all their meeting rooms are equipped for video meetings2

Jabra PanaCast video solutions are designed to “turn any space into an inclusive meeting room”. 

  • They provide panoramic, full-room coverage (often 180°) to ensure everyone is in the frame, even in small huddle spaces. 
  • Intelligent framing automatically keeps the conversation flowing naturally, keeping everyone in the picture. 

This focus on inclusive video leads to +47% stronger collaboration and +16% more trust in meetings2. Furthermore, the devices are practical for IT. The PanaCast 40 VBS, for example, can go from box to first meeting in under 12 minutes with a secure, wall-mounted installation3

 

Manage and Protect Like a Pro 

Beyond the call quality, Jabra’s professional portfolio is built for business operations. Consumer devices were not built to protect business data and create significant headaches for IT departments. 

Jabra solutions are different: 

  • Device Management: The Jabra+ dashboard provides full fleet control, allowing IT teams to update, troubleshoot, and manage all devices remotely from one secure platform. 
  • Security: Jabra devices are designed with enterprise-grade protection. They feature end-to-end encryption to ensure professional conversations and data stay private. 
  • Future-Proofed for AI: Jabra is also built for the next wave of work. Evolve2 headsets feature 97% accurate voice pickup for AI4, enabling reliable, hands-free interactions with AI assistants. 

 

Go from Good Enough to Great 

This focus on durable, secure, and high-performing tools is why 80% of Fortune 500 companies trust Jabra5

“Good enough” tools get you through the day. Professional solutions help you stand out. It’s time to stop making do and start leading the way. Go from good enough to great

Ready to upgrade? Explore Jabra’s professional audio and video solutions on our XMA Store or reach out to us at enquiries@xma.co.uk to find out how we can help your organisation work smarter and collaborate more effectively. 

 

 

[1] Jabra Hybrid Ways of Working, 2023 Global Report.

[2] A Jabra study at the London School of Economics’ Behavioural Lab on the impact of technology on people in modern meetings

[3] Based on GN internal UX testing, March 2025.

[4] Jabra Commercial Disclaimers – Force Technology study 2024.

[5] Jabra Sales Data

XMA Store

Search
X-twitter Linkedin Youtube
  • EUC
  • AV & Collaboration
  • Infrastructure

Frameworks

Partners

ESG

Events

News & Blogs

XMA Careers

Drop Your Message

Fill in the Form to Download the Case Study

Fill in the Form to Download the Case Study

Fill in the Form to Download the Case Study

Skip to content
Monitoring by Hotjar Monitoring by Hotjar