XMA Logo

XMA Store

Search
X-twitter Linkedin Youtube
XMA Logo
Home » Public Sector

Archive

Why Your Supply Chain is Your New Security Perimeter

Picture of Scott Wright

Scott Wright

Scott is XMA’s Head of Pre-Sales. An IT industry greybeard, he believes strongly that proper planning & preparation prevents disasters waiting to happen.

In my role heading up the Pre-Sales team here at XMA, I spend a lot of time looking at the “big picture” of IT security for our public sector clients. One trend is becoming impossible to ignore: the shift from internal network security to the complex, often opaque world of supply chain risk.

Historically, we focused on “locking the front door” of the organisation. But today, your operational resilience is only as strong as the least secure vendor in your ecosystem.

 

The Government’s Clear Signal on Supply Chain Risk

The UK government isn’t just suggesting we take this seriously, they are providing a direct mandate. The official guidance on tackling security risk in government supply chains identifies third-party vulnerabilities as a primary threat to national infrastructure.

For public sector bodies (from local authorities to the NHS) the message is clear: you are responsible for the security of the data you handle, regardless of which third party is processing or storing it.

 

The Evolution: From Cyber Essentials Plus to NIS

Most of you have (hopefully) already achieved Cyber Essentials Plus (CSE+). That is a vital baseline, but it is no longer the finish line. The government is now pushing for public sector verticals to align with the Network and Information Systems (NIS) Regulations.

Moving toward NIS compliance requires a move away from “point-in-time” security. You can’t just check a box once a year. You need:

  • Complete Visibility: A clear map of every entity that has access to your network or data.
  • Continuous Assessment: A way to monitor the security posture of your suppliers in real-time.
  • Proactive Mitigation: The ability to identify a supplier’s weakness before it becomes your breach.

 

The Legislative Hammer is Coming

We are tracking pending legislation that will make supply chain risk management mandatory for several public sector verticals. Far from just avoiding a fine, it centres around maintaining your ability to operate. Non-compliance could lead to exclusion from critical procurement frameworks like G-Cloud or the Crown Commercial Service (CCS).

 

How XMA and Risk Ledger Solve the Complexity Problem

Managing this manually via spreadsheets is a recipe for failure. It’s slow, inaccurate, and data is out of date the moment it’s saved.

XMA utilises partners such as Risk Ledger to replace that manual headache with a professionalised, automated platform. Instead of chasing suppliers for audits, Risk Ledger provides a “social network” of security data.

  • Defensible Compliance: We provide the evidence and data needed to prove your due diligence to auditors and your board.
  • Reduced Overhead: Automating the assessment process frees up your internal IT team to focus on strategic projects.
  • Real-Time Alerts: If a supplier’s security status changes, you know immediately – allowing you to take action before a risk turns into a crisis.

 

Let’s Secure Your Chain

Security is about resilience. In the public sector, it’s also about public trust. At XMA, we’re not interested in selling you products, we work with you to implement a compliant, scalable framework that protects your organisation and the citizens you serve.

Navigating the Memory Price Surge: Stability in a Volatile Market

The global IT hardware market is currently facing significant headwinds. With DRAM contract prices almost doubling in early 2026, organisations across the UK are re-evaluating their device procurement and refresh strategies.

To understand how XMA is helping customers maintain stability during this period of volatility, we sat down with our Commercial Director, Paul Hamilton. Paul shares insights into how we use our Tier-1 partnerships and UK-based logistics to provide certainty for Enterprise and Public Sector (CPS) organisations.

How XMA Is Supporting Enterprise and CPS Customers Amid Rising DRAM Costs

Paul Hamilton: “With DRAM contract prices almost doubling in early 2026, many organisations are understandably concerned about the impact on their device procurement and refresh strategies. At XMA, we are taking proactive and measurable steps to help our customers maintain stability, predictability and value during this period of market volatility.”

  • Strategic Engagement at Executive Level: “We are in active, ongoing C‑suite dialogue with the world’s largest PC manufacturers. These direct relationships ensure we have early visibility of market movements, production constraints and forthcoming allocation changes enabling us to advocate for our customers at the highest level.”
  • Tri‑Party Engagement for Transparency: “Where appropriate, we facilitate tri‑party conversations between customers and our tier 1 vendors. This gives organisations a clear, unfiltered view of the vendor’s position, supply outlook and pricing dynamics. It ensures decisions are informed by real time insights rather than assumptions or market noise.”

     

  • Maximising the Channel Ecosystem: “XMA works across the breadth of the channel ecosystem to secure the best possible availability and inventory positions for our customers. By leveraging our scale, partner status and long standing relationships, we ensure our customers benefit from priority access to the latest stock positions and market intelligence.”
  • Secured, Ring‑Fenced Inventory: “For strategic partner accounts, we are already securing and ring‑fencing dedicated inventory in advance. This provides our customers with more predictable planning cycles, reduced exposure to sudden price spikes and assurance that the devices they require will be available when they need them.”

Budget Resilience: Evidence-Based Advice for IT Directors

For IT Directors managing multi-year refresh cycles, what evidence-based advice are we giving to help them demonstrate the ROI of proceeding with upgrades now versus waiting for a price reversal that analysts suggest is unlikely before 2027?

Paul Hamilton: “This discussion extends beyond immediate cost pressures and moves into a broader strategic assessment of organisational resilience and value creation. While rising component prices will influence deployment budgets, the wider geopolitical landscape spanning security threats, productivity demands, and ongoing supply chain volatility means that delaying refresh cycles often introduces greater operational and financial risk.”

“To support IT Directors in demonstrating clear, evidence‑based ROI, XMA partners with customers through structured innovation workshops. These sessions provide up‑to‑date insight on advancements in security, AI‑driven productivity, endpoint performance, and professional services.”

Supply Chain Agility: Strengthening UK Logistics

What specific changes have we made to our UK-based fulfilment and logistics operations to ensure we can still meet “just-in-time” delivery requirements despite global component shortages?

Paul Hamilton: “XMA has taken a series of proactive steps to strengthen our UK‑based fulfilment and logistics operations, ensuring we can continue to meet “just‑in‑time” delivery expectations despite global component shortages.”

“We have worked closely with our Tier 1 vendors to analyse market demand patterns, forecast volatility, and secure forward‑looking inventory positions within our UK logistics facility. By committing to early allocation and ring‑fenced stock, we can protect customers from both sudden availability constraints and unpredictable price fluctuations.”

“In practical terms, this operational model allows us to:

  • Hold dedicated inventory locally, enabling reliable next‑day delivery across the UK.

     

  • Reduce the impact of global supply chain disruption, thanks to pre-secured and strategically stored stock.

     

  • Provide greater pricing stability, insulating customers from short-term spikes driven by component scarcity.

     

  • Streamline fulfilment workflows, ensuring devices can be configured, kitted and dispatched rapidly from within the UK.

     

  • Strengthen vendor collaboration, giving us early visibility of constraints and enabling smarter sourcing decisions.”

What Does This Mean For Our Customers?

Navigating market volatility requires more than just reactive purchasing, it demands a partner with the scale and relationships to provide stability. By prioritising forward-looking inventory and direct vendor engagement, XMA ensures your technology roadmaps remain on track despite global component pressures.

Get in touch with your XMA account manager to discuss your upcoming IT projects, or contact us directly at enquiries@xma.co.uk to learn how we can protect your hardware budget.

New White Paper: How Esports Facilities Impact University Recruitment and Student Success

The UK higher education sector is in a period of intense competition. To secure the best talent, institutions must offer facilities that deliver a tangible return on investment. For years, esports labs were viewed by many observers as expensive recreational add-ons. 

That view is now obsolete. 

A new survey conducted by XMA in partnership with Logitech provides the hard data to correct the record. We surveyed 1,000 current and prospective university students to separate anecdote from fact. The results are conclusive: advanced computing facilities are directly correlated to a university’s ability to attract students, support their wellbeing, and prepare them for the modern workplace. 

Here is the reality of the student demand. 

Read The Full Survey

A Deciding Factor in Recruitment 

For the majority of prospective students, a university’s digital infrastructure is a primary litmus test for the institution’s quality. 

The report reveals that 60% of respondents state that the presence of dedicated gaming facilities would encourage them to choose a specific university. Perhaps more importantly for risk-averse administrators, only 1.5% said it would discourage them. 

The rhetoric that gaming distracts from serious study holds no weight with the students themselves. Instead, a well-equipped lab signals that the university understands the technology and culture that defines their generation. It converts an IT investment directly into a recruitment asset. 

 

The Demographic Reality Check 

University administrators often view “gamers” as a niche male demographic. The data dismantles this stereotype entirely. 

88% of students surveyed play games at least once a week, with 50% playing daily. Furthermore, this is not a gender-specific activity. While 93% of male respondents play weekly, a massive 85% of female respondents do the same. 

Investing in esports and advanced computing does not serve a minority interest, it serves the vast majority of your student intake. If you ignore this demographic, you ignore nearly 9 out of 10 students walking onto your campus. 

 

More Than Just Gameplay: The Academic Link 

Students view these facilities as practical learning environments, not just arcades. They see a direct line between high-spec hardware and their professional futures. 

  • Career Preparation: 83.4% of students say that access to emerging technologies (like AI, VR, and high-spec computing) is important for their future careers. 
  • Skill Transfer: Students explicitly associate these facilities with developing marketable skills in game design (72%), programming (54%), and digital content creation (49%). 
  • Course Selection: 44% of respondents stated that access to gaming facilities would make them more likely to choose a technology-focused course. 

This data indicates that an esports lab functions as a “third space” on campus, a hub for skill acquisition and collaboration that students are actively seeking. 

 

The Hardware Requirement 

Students are clear about their expectations. Standard library PCs are insufficient for the workloads required by modern degrees. 

37% of students explicitly want high-performance computers to support their coursework. Furthermore, 33% require access to content creation tools. 

To meet this demand, universities must provide industry-standard equipment. This means high-performance workstations and peripherals, such as the Logitech G range, which offer the precision and durability required for both competitive esports and intensive creative workloads like 3D modelling and video production. 

 

XMA’s Proven Delivery 

Data is useful, but execution is what matters. Building these environments requires more than just buying PCs, it requires complex infrastructure planning, security compliance, and strategic procurement. 

XMA has a demonstrable history of delivering specialist facilities for UK universities. Our work with Teesside University to deliver their industry-leading gaming labs, and our engagement with the University of Lincoln to build their esports facility, showcase our capability. We manage the end-to-end process to create robust, high-performance environments that last. 

Discover More

The Verdict 

The argument is settled. Esports labs have a measurable, positive impact on student recruitment and academic outcomes. 

The question is no longer if a university should invest in advanced computing facilities, but when. If you are ready to discuss the design and delivery of a facility that aligns with your institution’s strategic goals, contact the XMA public sector team at enquiries@xma.co.uk today. 

Read The Full Report

Beyond the Hype: How HP and AMD are Delivering Practical AI and Security for UK Businesses

Today’s workplace demands constant adaptation. Hybrid work models require flexibility, security threats are more sophisticated than ever, and the arrival of Artificial Intelligence (AI) is shifting from a future concept to a daily productivity tool. 

Your organisation’s devices are the critical link in navigating these challenges. Sub-par hardware can lead to security vulnerabilities, poor performance in critical applications, and a frustrating experience for your staff. 

This is why we are taking a close look at the new generation of HP EliteBook laptops. Advanced by AMD processors, these devices are built to provide a practical, high-performance, and secure foundation for both public and private sector organisations. 

 

The AMD Processor: A Practical AI Engine 

Several of these new devices are “Next Gen AI PCs.” It means the AMD processors inside include a dedicated Neural Processing Unit (NPU)

In simple terms, an NPU is specialist hardware designed to run AI tasks efficiently. 

  • Instead of: Using the main processor (CPU) or graphics card (GPU) for an AI-driven task (like real-time background blur during a video call or running a local AI assistant). 
  • The NPU handles it: This frees up the CPU and GPU for the work you are actually trying to do. 

What this means for your business:  

  • Better Performance: Applications remain fast and responsive, even during demanding video conferences or when using new AI tools. 
  • Longer Battery Life: The NPU is highly efficient, drawing less power for these common tasks, which is critical for hybrid and mobile workers. 
  • Improved Security: By processing more AI tasks locally (right on the laptop) less sensitive data needs to be sent to the cloud, reducing your attack surface. 

 

Security: A Resilient Foundation 

For any IT leader, security is non-negotiable. For a business owner, a breach is a critical risk. The HP EliteBook series addresses this directly with a multi-layered security approach. 

Models like the HP EliteBook 8 G1a feature HP Wolf Pro Security. Far from being just antivirus software, it is a resilient, hardware-enforced security solution. It provides: 

  • Self-Healing BIOS: Can automatically recover from a firmware attack. 
  • Hardware-Based Isolation: Traps malware in a virtual container to prevent it from infecting the rest of the PC. 
  • Phishing Protection: Helps defend against credential theft from malicious websites. 

This provides the operational resilience required by enterprise and public sector organisations and the “peace of mind” that small business owners need to focus on their work. 

 

A Device for Every Role 

This new HP and AMD lineup provides choice, allowing you to standardise on a secure platform while equipping different users with the right tool for their job. 

  • HP EliteBook 8 G1a 14″ Notebook: This is the premium option for executives and mobile professionals who need top-tier security and AI performance in a portable format. Powered by the AMD Ryzen™ PRO processor, it utilises a dedicated NPU to manage AI workloads locally to extend battery life, while delivering silicon-level security features that mitigate firmware attacks and protect sensitive corporate data. 
  • HP EliteBook 6 G1a/G1ah 14″ Notebooks: These are the versatile workhorses of the fleet. They balance portability with robust performance, including options with the latest AMD Ryzen™ 5 processors and AI capabilities. 
  • HP EliteBook 6 G1ah 16″ Notebook: Ideal for users who need more screen real estate, such as finance teams, data analysts, or developers. It provides the same enterprise-grade features and AMD power on a larger display. 

 

The XMA View: Beyond the Box 

Choosing the right hardware is the first step. Integrating it successfully into your environment is the next. 

As a HP Amplify Power Partner, XMA helps organisations procure, configure, deploy, and manage HP devices at scale. Our specialists understand the specific compliance and security needs of public sector bodies and the efficiency and reliability drivers for private enterprises. 

We provide the tools and services to ensure your new HP devices deliver real business value from day one. 

 

Ready to build a more secure and productive hardware fleet? Contact your XMA Manager today or email enquiries@xma.co.uk to discuss your requirements 

The Multi-Framework Strategy: How to Procure a Complete IT Estate Without the Administrative Headache

University procurement teams are well-versed in the specific mechanisms of UKUPC frameworks. You understand the compliance requirements and the procurement vehicles available. The challenge is not about understanding the frameworks. It’s about the operational burden of managing them simultaneously to deliver a cohesive IT strategy. 

Trying to piece together an end-to-end solution (from data centre to desktop) often involves juggling multiple suppliers, conflicting delivery timelines, and disjointed administrative processes. This fragmentation creates unnecessary friction and increases the workload on your internal teams. 

XMA removes this complexity. We possess the regulatory expertise to navigate the entire framework landscape on your behalf. We do not just hold a position on these agreements, we understand the intricacies of the terms and procurement regulations for each, allowing us to build a compliant, integrated solution that spans your entire infrastructure. 

 

A Single Route for Complex Requirements  

We act as your strategic consolidation point. Instead of raising separate tenders for hardware, software, and infrastructure, you can leverage our position across the board: 

  • Compute & Devices (NDNA & Apple): We execute large-scale deployments of Windows and Apple devices under the NDNA terms you trust, ensuring standardisation across campus. 
  • Enterprise Infrastructure (SSSNA & NEUPC): We architect your backend using SSSNA for servers and storage, and NEUPC for the critical networking layer. We align these complex installs with your device rollout schedules. 
  • Software & Peripherals (SLRA & ITRAP): We handle the granular details (licensing compliance via SLRA and essential peripherals via ITRAP) ensuring no component is overlooked. 

 

Expertise That Reduces Risk  

Our public sector team dedicates itself to understanding the specific procurement rules of these bodies. We ensure that every transaction meets the strict governance and audit requirements you face. By entrusting the navigation of these frameworks to XMA, you release your procurement team from the “heavy lifting” of vendor coordination. 

We deliver the technology you need, strictly adhering to the frameworks you rely on, without the administrative hassle. Talk to your XMA Account Manager or contact us at enquiries@xma.co.uk to start a conversation. 

Frameworks Guide

Practicing What We Preach: A Candid Q&A on Cyber Resilience with XMA’s Head of IT Security & Compliance

In the IT channel, it is easy to talk about security in the abstract. But at XMA, we don’t just recommend security architectures, we live them. As a major IT solutions provider managing critical infrastructure for UK government bodies and large enterprises, we also must be on top of our cyber resilience.  

To be a true strategic Technology Partner, we must practice what we preach. We sat down with Charlotte King, XMA Group’s Head of IT Security & Compliance, to discuss the reality of defending a modern organisation. From the rise of AI-driven phishing to the dangers of the “silver bullet” mindset, here is the view from the inside. 

 

Section 1: The View from the Inside 

Q: As Head of InfoSec for a major IT solutions provider, you see a broad spectrum of threats. Moving beyond the buzzwords, what are the specific, high-risk trends keeping you up at night right now? 

Charlotte King: Firstly, our prevention controls – are they actually working? It’s not enough to have shiny tools, we need to constantly test and tune them to keep attackers out. This is not a “one and done” exercise. It keeps us on our toes every single day. 

Supply chain attacks are a real headache, and we have seen several big ones this year. We rely on suppliers for hardware and software, so if they’re compromised, so are we, and this affects our valued customers. Downtime or breaches in the supply chain can ripple right through our environment and soon become the critical task of the day. 

Phishing is relentless. Email remains a favourite attack vector, and the sophistication of these attacks is only increasing with AI. Finally, our staff – are we doing enough to train and support them? Are our technical teams prepared and well enough resourced to cope with the “business as usual” work and then the swerve balls that can come from suppliers, customers, or our industry partners? 

 

Q: We manage critical infrastructure for customers across the UK, including government bodies. How do we approach our own security to ensure we remain resilient against supply chain attacks? 

CK: We do a vast number of things to help with this. We certify and align to recognised security standards and frameworks. You can’t be an IT company these days without having these external validations of your policies and controls. We have just completed the re-cert for ISO 27001:2022 and have Cyber Essentials Plus next week. 

The audit cycle helps us to be continuously aware of possible weaknesses so we can fix and strengthen them. For us, security isn’t static, it’s not a goal or a destination, it’s our everyday. We’re always assessing our people, processes, and technology, reviewing how we can make it better, stronger, more resilient or efficient. We look at how these multiple layers of security can ensure that if one fails, others stand in the way. 

We have recently made big improvements to our supply chain onboarding. We don’t just trust our suppliers blindly, we vet them thoroughly. 

 

Section 2: The Human Firewall 

Q: Technology is only half the battle. How do you approach security culture at XMA to ensure staff are an active line of defence rather than a vulnerability? 

CK: Technology and processes are only half the battle. We have all sorts of people here at XMA, from technical teams to sales, and the usual back-office support staff too. We have robust staff security training, and we run ongoing simulated phishing campaigns and monthly bulletins to help keep security in everyone’s mind. 

This month our bulletin was for Black Friday and Christmas scams, helping keep our staff safe in and outside of work. I would like to think we also have an approachable security and compliance team. We make it easy for staff to ask questions and report issues. We are also looking at a Security Champions programme to help further embed security advocates in every department. 

 

Q: Phishing remains a primary trigger for security breaches. With the rise of AI-generated content, attacks are becoming harder to spot. What specific “tells” should organisations teach their staff to look for in 2026? 

CK: You’re right, and in fact, AI is making it easier for attackers to craft convincing messages. As a business, we have a strong online presence, so finding who works here isn’t difficult. So, it comes down to our staff to be careful with emails, whilst knowing much of it will be caught by our tools and filters. 

Check URLs and domains carefully. Hover before you click! Watch for odd language or tone. AI can mimic, but it’s not always colloquially perfect. Scam psychology is to provide a sense of Scarcity, Urgency, Authority, or FOMO (Fear Of Missing Out). If the email has that, you don’t recognise the sender, or it seems a bit off, use the easy reporting mechanisms we have at XMA which make it simple for staff to flag suspicious emails. 

 

Q: With the ease of using AI tools, Shadow IT is a growing governance nightmare. How can IT Directors and business owners identify unapproved applications without halting productivity? 

CK: This is always a balance: to permit staff to access tools or applications that allow them to innovate, whilst being secure and well-governed. We publish a clear applications catalogue for staff to use as a first point of call. 

If the application we already have doesn’t meet their needs, we make it easy for staff to find and request approved tools, which then goes through a due diligence process. This allows some flexibility for niche needs whilst meeting security standards. Admin rights are locked down so staff can’t install software without authorisation. 

 

Q: Many organisations have security policies that sit in a drawer and are rarely read. How can businesses create policies that employees actually follow, rather than work around? 

CK: At XMA we have one clear, concise user agreement, signed annually. Keeping it short, simple, and in plain language means staff are more likely to engage with it. We track compliance of this overarching policy, and it forms a key part of our security foundation. Generally, if a workflow is built into technology (perhaps the triage of a suspicious email) that’s better than a dusty process document. 

 

Section 3: Our Vendor-Agnostic Take 

Q: Vendors often promise a single tool will solve all security problems. Why is this mindset dangerous, and what is the reality of building a layered defence? 

CK: Every department has different needs. What works for procurement might not work for sales, so you have to create a layered defence to protect all systems, people, and physical assets. Single tools can fail. Relying on one solution is risky and not resilient. 

Layered defence is key. Using specialist tools that work together, supporting your people and processes, means you can protect your business even if one security system stops working. We’ve seen big security vendors hit by ransomware, configuration changes impacting uptime, and global hyperscalers suffering significant downtime. No security vendor is immune to some kind of failure, so we need to spread our bets insightfully across tools and technology to keep the wheels of commerce turning for our stakeholders. 

 

Q: If a customer (whether an SMB owner or a Public Sector compliance officer) could make one immediate change today to improve their security posture, what should it be? 

CK: Enable Multi-Factor Authentication (MFA) everywhere you can. It’s one of the simplest, most effective ways to block attackers. This is for all areas: social media, work applications, shopping portals. Call out suppliers that don’t have MFA on their applications. Oh, and mandate a corporate password manager too. 

 

 

Need a Strategic Partner who understands the reality of cyber threats? 

At XMA, we don’t just sell technology, we use it to secure our own business every day. Contact your XMA Account Manager or talk to us at enquiries@xma.co.uk to discuss how we can help you build a resilient, layered defence. 

Beyond the Patch: Why ESU Is a Stopgap, Not a Strategy for AI and Security

The Windows 10 End of Support deadline has passed. Many organisations have opted for Extended Security Updates (ESU) to buy time. While this maintains compliance in the short term, it is not a long-term solution.

Paying for ESU is effectively an investment in a dead-end platform. It keeps the lights on, but it does not deliver new value. More importantly, maintaining a legacy fleet actively blocks your organisation from leveraging the two biggest drivers of modern IT value: Artificial Intelligence and hardware-backed security.

Here is why shifting your budget from ESU to a Windows 11 migration is the only viable choice for 2025 and onwards.

The AI Hardware Gap

The UK market is moving quickly. Research indicates that 68% of UK enterprises are implementing or planning to implement AI solutions this year.1 However, software is only half the equation.

Effective AI deployment requires modern hardware. Legacy devices running Windows 10 typically lack the Neural Processing Units (NPUs) necessary to run AI workloads locally and efficiently. By keeping these older devices in circulation, you create a performance ceiling for your workforce.

You cannot run modern, intelligent tools on outdated infrastructure. Migrating to Windows 11 allows you to deploy devices capable of handling the computational demands of the next five years.

Software Patches vs. Hardware Security

ESU provides critical security patches, but it does not address the fundamental architectural weaknesses of a legacy OS.

Modern security threats attack the hardware and firmware layers, not just the software. Windows 11 introduces mandatory hardware-backed security requirements (such as TPM 2.0 and strictly enforced code integrity) that Windows 10 devices simply cannot support.

Relying on ESU leaves your attack surface dangerously large. For any IT leader tasked with ensuring operational resilience, relying solely on software patching is an unmanaged risk.

Move from Reactive Costs to Proactive Investment

Every pound spent on ESU is a reactive cost. It prevents failure but does not improve performance.

That same budget should fund proactive investments in technology that improves productivity. By moving to Windows 11 now, you stop funding obsolescence and start building a platform that supports your business goals.

How XMA Can Help

We understand that migration is a complex logistical challenge. XMA provides a clear, cost-effective path forward.

  • Audit & Assess: We identify which devices in your fleet are blocking AI adoption and creating security risks.
  • Deploy: We manage the rollout of secure-by-design Windows 11 devices.
  • Manage Costs: Our leasing options allow you to equip your team with modern technology for a predictable monthly cost, avoiding large upfront capital expenses.

Don’t let legacy hardware dictate your strategy. Contact XMA today at enquries@xma.co.uk to plan your migration.

[1] UK Artificial Intelligence (AI) Statistics And Trends In 2025 – Forbes Advisor UK

Android Desktop: How does Security and Management Change with Phones as Primary Devices?

This is the fourth in a series of blog posts exploring Android Desktop. Our Head of Pre-Sales, Scott Wright, will be looking at the current state of Android Desktop, following its improvement as release approaches, examining use cases, looking at essential apps & peripherals and more. 

Picture of Scott Wright

Scott Wright

Scott is XMA’s Head of Pre-Sales. An IT industry greybeard, he believes strongly that proper planning & preparation prevents poor performance.

Something a little different for this one – I sat down with Charlotte King, XMA Group’s Head of IT Security & Compliance to discuss her thoughts on how a shift to an Android device as the primary (only) device for some users might affect security and compliance. Below are my notes from that conversation.

Charlotte King: XMA group currently has all Android devices enrolled in Intune. Although there is a security baseline in place covering encryption, patching, etc. this change in device use should trigger a review of that baseline to ensure it remains fit for purpose given the significant increase in usage and in the variety of applications used which is likely to occur.

Similarly, the IT Use Policy should not require changes but should be reviewed in the context of this new usage. Some elements will increase in priority, for example the use of unauthorised charging cables (which presents a security risk) may need additional training.

The same Smart Update process used on Windows devices, which monitors user experience to trigger a device refresh rather than arbitrary dates, should be extended to Android devices.

Remote support tools should be reviewed to ensure that the same level of ease of use and functionality in remote device access is provided for Android devices as is currently available for Windows devices and the security of those tools must be assessed.

Historically XMA has seen higher rates of breakage on mobile devices. This will need to be factored into the costings for a device use change unless it can be mitigated via device selection or accessories. This is especially significant given that it is likely that a more expensive device would be issued.
[note from Scott – I am doing some testing on devices of different specifications to see what’s needed for a good experience]

Security features would also be a key consideration for device selection with a highly effective fingerprint reader being the preferred solution after initial consideration but testing of alternative methods for rapid, secure device unlock would be called for.

MFA would also need some consideration. Currently the mobile device is used as the MFA platform deliberately to separate it from the primary device, this would not be possible where an android device is fulfilling both roles. Potentially a phone compatible token solution such as Yubikey would alleviate these concerns.

Testing of applications will need to occur, just as with the recent Windows 11 migration, with especial focus on key line of business apps.

An endpoint security solution for mobile should be considered with thought given especially to capabilities that may be missing from the current desktop endpoint security solution.

Android devices are considered to be easier to manage by the XMA IT team with less administrator intervention needed for updates and a much lower frequency of updates negatively impacting user experience.

The total number of managed devices will be reduced since the majority of likely candidates for this change in device strategy currently have both a Windows and Android device.

Auditing and certifications is expected to be faster, and therefore less expensive.

There is the potential for a saving in Microsoft Licensing given the various options that are available for devices with smaller screens.
[note from Scott – I will be raising this question with Microsoft as small devices docked with large monitors is not a scenario mentioned by the current user agreement]

 

Scott Wright: Some interesting points, I think, and a good outline of the assurance process that will likely be required for most organisations considering an introduction of Android devices as laptop replacements.

A Future-Ready Christmas: Why It’s the Perfect Time for Public Sector Organisations to Invest in Surface

For many public sector organisations, the period leading up to the end of the financial year is a critical window for strategic procurement. 

Using year-end budgets effectively is essential for demonstrating value-for-money and preparing for the year ahead. If your device refresh cycle is approaching, this is the optimal time to plan. 

Microsoft Surface devices are specifically engineered to meet the stringent demands of the modern public sector: robust security, true hybrid work capability, and readiness for the next wave of AI. 

 

The Q4-Q1 Budget Window: A Critical Time for Procurement 

The “use it or lose it” nature of annual budgets is a hard reality. This period is the final opportunity to allocate remaining funds to critical projects, ensuring budgets are fully utilised and strengthening the case for future funding. 

Planning your IT refresh now is a strategic, proactive move. It prevents last-minute rushes and ensures that all procurement is compliant, well-considered, and meets all operational requirements. Waiting until the new financial year often means delays, but acting now secures the technology your teams need for April 1st. 

 

Surface’s Role in the Modern Public Sector Workplace 

Surface goes beyond a mere laptop, becoming a tool designed for the specific challenges of public sector work. 

  • Security by Design: Public sector bodies handle highly sensitive data. Surface devices provide chip-to-cloud security. As secured-core PCs, they offer advanced protection against firmware and hardware-level attacks, a critical consideration for government, healthcare, and education data. 
  • Built for Modern Hybrid Work: The public sector operates in a hybrid world. From the versatile Surface Pro 10 to the powerful Surface Laptop 6, the range is built for this flexibility. They provide high-quality cameras and audio for remote meetings and the adaptability to work from the office, home, or in the field (a necessity for council workers, NHS staff, and educators). 
  • Ready for Practical AI: AI is rapidly moving from a concept to a practical, everyday tool. New Surface devices are built with Neural Processing Units (NPUs) designed to run Copilot and other AI applications efficiently. This allows your staff to use next-generation productivity tools without sacrificing device performance or battery life. 

 

A Sustainable Choice for Public Sector Goals 

Sustainability and social value are now non-negotiable elements in public sector procurement. Microsoft has made measurable progress in this area. 

Newer Surface devices are designed for easier repair, with replaceable components like screens and batteries. This design extends the device’s usable lifecycle, which reduces e-waste and lowers the Total Cost of Ownership (TCO) (a key metric for demonstrating value-for-money to the public). 

 

How XMA Manages Budgets and Procurement 

We understand that public sector procurement is complex. Our role is to make it simple, compliant, and efficient. 

  • Simplified Procurement Through Frameworks: XMA is a major, DfE-approved supplier and a key partner on government frameworks, including the Crown Commercial Service (CCS). We provide a fully compliant, transparent, and auditable route for your Surface investment. 
Frameworks Guide
  • Flexible Budgeting with Leasing Options: If capital expenditure is a challenge, it should not be a barrier to progress. We offer corporate leasing options with our partner CF Corporate that can move your device refresh to an operational expenditure (OpEx) model. This provides predictable monthly costs and allows you to secure the technology your teams need now, even with tight capital budget constraints. 
Surface Leasing Guide

Secure Your Devices for the New Year 

The end-of-year budget window is a strategic opportunity. By planning your Surface device refresh with XMA, you secure the tools your organisation needs for a secure, productive, and AI-ready 2025. 

Talk to our Surface specialists today at enquiries@xma.co.uk and get your procurement ready for the new year. 

Work Like a Pro: Why ‘Good Enough’ IT Tools Are Costing Your Business

In today’s hybrid work model, clear communication and reliable collaboration are non-negotiable. Many organisations, however, still rely on consumer-grade tools to bridge the gap, like personal earbuds for critical calls or the built-in webcam for a high-stakes meeting. 

This ‘good enough’ approach is often a false economy. It’s the daily friction of background noise, patchy calls, and unsecure software that drains focus, confidence, and productivity. It’s the difference between just getting through the day and performing at your best. 

Jabra’s “Work like a pro” concept is built on one promise: professional-grade tools create professional outcomes. This isn’t about features for their own sake; it’s about delivering measurable improvements to how your teams sound, meet, and focus. 

 

Sound Clear. Stay Focused. 

Think about the daily frustrations of poor audio. “Sorry, you’re breaking up”. The dog barks. The café chatter is louder than your voice. Poor audio isn’t just a mild annoyance. Research shows it can increase employee stress levels by 55%1

Jabra Evolve headsets are built for modern work. They are engineered to solve these specific problems: 

  • Jabra Clear Voice™ technology cuts through background noise so you sound sharp, confident, and credible. 
  • Industry-leading active noise cancellation blocks distractions, allowing you to “Focus like a pro” no matter what’s happening in the background. 

The result is a measurable improvement in communication. A study on modern meetings found that teams using Jabra professional tools report +27% clearer conversations and +35% more confident communication2

 

Be Seen and Heard Like a Pro 

The same principle applies to video. Being seen doubles attention and engagement. Yet, many meeting rooms are not properly equipped for today’s needs. In fact, only 15% of employees report that all their meeting rooms are equipped for video meetings2

Jabra PanaCast video solutions are designed to “turn any space into an inclusive meeting room”. 

  • They provide panoramic, full-room coverage (often 180°) to ensure everyone is in the frame, even in small huddle spaces. 
  • Intelligent framing automatically keeps the conversation flowing naturally, keeping everyone in the picture. 

This focus on inclusive video leads to +47% stronger collaboration and +16% more trust in meetings2. Furthermore, the devices are practical for IT. The PanaCast 40 VBS, for example, can go from box to first meeting in under 12 minutes with a secure, wall-mounted installation3

 

Manage and Protect Like a Pro 

Beyond the call quality, Jabra’s professional portfolio is built for business operations. Consumer devices were not built to protect business data and create significant headaches for IT departments. 

Jabra solutions are different: 

  • Device Management: The Jabra+ dashboard provides full fleet control, allowing IT teams to update, troubleshoot, and manage all devices remotely from one secure platform. 
  • Security: Jabra devices are designed with enterprise-grade protection. They feature end-to-end encryption to ensure professional conversations and data stay private. 
  • Future-Proofed for AI: Jabra is also built for the next wave of work. Evolve2 headsets feature 97% accurate voice pickup for AI4, enabling reliable, hands-free interactions with AI assistants. 

 

Go from Good Enough to Great 

This focus on durable, secure, and high-performing tools is why 80% of Fortune 500 companies trust Jabra5

“Good enough” tools get you through the day. Professional solutions help you stand out. It’s time to stop making do and start leading the way. Go from good enough to great

Ready to upgrade? Explore Jabra’s professional audio and video solutions on our XMA Store or reach out to us at enquiries@xma.co.uk to find out how we can help your organisation work smarter and collaborate more effectively. 

 

 

[1] Jabra Hybrid Ways of Working, 2023 Global Report.

[2] A Jabra study at the London School of Economics’ Behavioural Lab on the impact of technology on people in modern meetings

[3] Based on GN internal UX testing, March 2025.

[4] Jabra Commercial Disclaimers – Force Technology study 2024.

[5] Jabra Sales Data

XMA Store

Search
X-twitter Linkedin Youtube
  • EUC
  • AV & Collaboration
  • Infrastructure

Frameworks

Partners

ESG

Events

News & Blogs

XMA Careers

Drop Your Message

Fill in the Form to Download the Case Study

Fill in the Form to Download the Case Study

Fill in the Form to Download the Case Study

Skip to content
Monitoring by Hotjar Monitoring by Hotjar