SteveITpro - Learning AI & Cloud in Public

Microsoft wants to put the "intelligence" back into artificial intelligence. But at its Ignite 2025 conference in San Francisco this week, the software giant's vision for AI-powered workplaces revealed a tension between innovation and control that it has yet to resolve.

In his first keynote appearance replacing Satya Nadella, Judson Althoff, Microsoft's CEO of Commercial Business, unveiled a coordinated product family—Work IQ, Fabric IQ, and Foundry IQ—designed to make AI agents collaborate with humans across enterprises. The pitch: businesses can accelerate AI adoption without losing governance. The reality may be more complicated.

At a glance

What was announced

Agent 365: Control plane for governing AI agents at enterprise scale
Work IQ: Intelligence layer powering Microsoft 365 Copilot and agents
Fabric IQ: Intelligent data preparation and "Language of Your Business" semantic mapping
Foundry IQ: Model selection routing and Context Engineering tools
Model Context Protocol (MCP): Standardized agent-to-app communication
Anthropic Claude models now available on Azure (alongside OpenAI, DeepSeek)
Security Copilot integration with Work IQ framework
Three new agents: Workforce Insights, People, and Learning

Key message "Disciplined Acceleration"—move fast with AI while maintaining governance and human oversight

The concern Patient compliance tracking in Epic Systems demo raises questions about AI-powered workplace surveillance

The healthcare endorsement that framed everything

The keynote's most revealing moment didn't come from Microsoft. Seth Hain, VP of R&D at Epic Systems, the dominant electronic health record platform, took the stage to describe his firm's AI strategy as "Disciplined Acceleration"—a phrase that would define the day's messaging.

Epic's endorsement matters. In healthcare, where algorithmic mistakes can kill patients and regulatory violations can shutter facilities, AI must clear an extraordinarily high bar. If Microsoft's platform passes muster for Epic, the logic goes, it should work for anyone.

But Hain's demonstration of Epic's patient-facing mobile app exposed precisely the dilemma "Disciplined Acceleration" claims to resolve.

Innovation or surveillance?

Epic's demo showed AI-generated "care paths" delivered to patients' phones, tracking medication adherence, exercise compliance, and appointment attendance through wearable device integration. The system feeds patient behavior back to healthcare providers in real-time.

The optimistic framing: Proactive care prevents hospital readmissions. Patients receive personalized guidance. Early intervention when people deviate from treatment plans.

The unasked questions: Who owns the compliance data? What happens when insurance companies access these behavioral scores? Can patients opt out without premium penalties? How long is this surveillance data retained?

Microsoft and Epic showcased the technology's capabilities whilst glossing over governance implications. "Innovation + Trust" was the conference theme, but the Epic demo suggested innovation has outpaced the trust infrastructure.

If patient care becomes algorithmic compliance scoring, has Microsoft's "Discipline" proven robust enough to prevent healthcare from becoming a surveillance state?

The IQ family: Microsoft's bid to own the AI stack

Beneath the marketing slogans, Microsoft unveiled genuine technical infrastructure—a three-layered orchestration strategy spanning business workflows, data operations, and model management.

But the real announcement wasn't the individual products. It was Microsoft Agent Factory—the unified platform that brings Work IQ, Fabric IQ, and Foundry IQ together under one meter.

Work IQ: The human-in-the-loop promise

Work IQ positions AI agents as collaborators, not replacements. Demos showed departmental agents—Sales, Marketing, Legal, Finance—working together with mandatory human approval at critical decision points.

The pattern is consistent: agents propose, humans approve. AI handles data gathering, humans make judgment calls. It's supervised autonomy, designed to address the existential fear driving resistance to AI adoption.

The message to executives: Your workforce won't be replaced; it'll be augmented. The message to IT: We've built governance and compliance controls from day one. The message to employees: You're being upgraded, not obsolete.

Whether this human-centric framing survives contact with cost-cutting executives seeking headcount reduction remains to be seen.

Fabric IQ: The "Language of Your Business"

Here's where Microsoft's technical ambition becomes apparent. Fabric IQ doesn't merely access enterprise data—it creates semantic maps of how organizations actually function.

By analyzing "oceans of data"—emails, documents, Teams chats, meeting recordings—Fabric IQ learns company-specific terminology, identifies subject matter experts, maps informal decision-making processes, and understands departmental context.

Ask a generic AI about "Q4 planning" and you get generic results. Ask an AI with Fabric IQ's business language mapping, and it understands Q4 planning means different things in Finance versus Product, knows who owns each initiative, and retrieves relevant context from your specific organizational workflows.

The value proposition: AI that feels like it works at your company, not a generic assistant.

The competitive moat: If Microsoft successfully maps your organizational semantics, switching costs become prohibitive. Your "business language" is locked into Azure.

The unanswered question: How transparent is this semantic mapping? Can you audit what the AI has "learned" about your organization? What prevents misuse of this institutional knowledge?

Foundry IQ: Context Engineering as discipline

Foundry IQ introduces "Context Engineering"—treating the information AI receives as engineered infrastructure rather than ad-hoc prompts.

The insight: Most AI failures aren't model failures, they're context failures. Missing information, irrelevant data pollution, outdated facts. Context Engineering provides tools for systematic context design, versioning, testing, and optimization.

Combined with Fabric IQ's semantic business maps, Context Engineering determines which parts of organizational knowledge become context for AI agents. It's the operational layer that makes "Language of Your Business" actionable.

The emerging role: Context Engineer—specialists who understand both business domains and AI capabilities, responsible for context quality and governance.

The implication: Enterprise AI is maturing from "throw everything in the prompt" to systematic context management.

Microsoft Agent Factory: The integrated platform play

The IQ family—Work IQ, Fabric IQ, Foundry IQ—weren't announced as separate products. They're components of Microsoft Agent Factory, a unified platform that brings all three orchestration layers together under a single commercial offering.

What "one meter" means

"One meter" is Microsoft's term for unified billing and licensing across the entire AI agent stack. Instead of separate contracts for business workflows, data operations, and model management, enterprises get:

Single commercial relationship:

One license covering Work IQ, Fabric IQ, and Foundry IQ
Unified billing across agent orchestration, data preparation, and model operations
Integrated pricing that accounts for the stack working together
No need to negotiate separate contracts for each layer

Single technical platform:

Agents built in Foundry IQ automatically integrate with Work IQ orchestration
Data prepared in Fabric IQ flows seamlessly to Work IQ agents
Context Engineering in Foundry IQ leverages semantic maps from Fabric IQ
The "Language of Your Business" connects all three layers

Single governance framework:

Unified security and compliance controls across the stack
Centralized monitoring and observability for all agent activity
Consolidated audit trails spanning data access, model usage, and business workflows
Consistent identity and access management

Why the platform play matters

For Microsoft:

This is classic enterprise software strategy—sell the integrated stack, not individual components:

Competitive differentiation: AWS and Google Cloud have model platforms; Microsoft has the complete agent factory
Revenue expansion: Customers buying Work IQ need Fabric IQ for data and Foundry IQ for models—platform lock-in by design
Margin protection: Bundled pricing makes it harder to comparison shop individual components
Customer stickiness: Once you've built on Agent Factory, switching costs span your entire AI infrastructure

For enterprises:

The pitch is compelling but carries risks:

Advantages:

Simplified procurement (one vendor, one contract)
Guaranteed interoperability (Microsoft ensures the layers work together)
Unified support (single throat to choke when things break)
Integrated observability (see the entire agent lifecycle in one place)

Concerns:

Complete lock-in: Your business semantics (Fabric IQ), agent logic (Work IQ), and model operations (Foundry IQ) all on Azure
Pricing opacity: "One meter" bundles make it difficult to assess component costs
Innovation pace: Tied to Microsoft's release schedule across all three layers
Vendor dependency: Microsoft's strategic decisions affect your entire AI infrastructure

The competitive positioning

By offering Agent Factory as an integrated platform, Microsoft is making a statement about what enterprise AI requires:

Microsoft's thesis: You can't successfully deploy AI agents with just models and infrastructure. You need:

Business workflow orchestration (Work IQ)
Semantic data understanding (Fabric IQ)
Model operations and context management (Foundry IQ)
All integrated and working together

The implication for competitors:

AWS Bedrock provides model access and some orchestration. Google Vertex AI offers models and ML operations. But neither claims to provide the complete business semantics layer that Fabric IQ promises.

Microsoft is betting that semantic business understanding is the differentiator. If they're right, Agent Factory becomes the platform for enterprises serious about AI transformation. If they're wrong, it's an over-engineered bundle trying to sell things customers don't need.

The "factory" metaphor

Calling it "Agent Factory" isn't accidental. It evokes:

Industrial production: Systematic agent creation, not one-off development
Assembly line efficiency: Standardized components working together
Quality control: Governance and testing built into the process
Scale manufacturing: Producing agents at enterprise volume

But factories also suggest:

Standardization over customization: Does the platform allow enough flexibility?
Vendor equipment: You're buying Microsoft's factory, not building your own
Maintenance dependency: Factories require ongoing vendor support
Retooling costs: Changing factories (platforms) is expensive

What wasn't explained

Pricing model: How does "one meter" actually work? Per-agent pricing? Consumption-based? Enterprise licensing? The pricing structure determines total cost of ownership.

Component optionality: Can you buy just Work IQ without Fabric IQ? Or is the bundle mandatory? Customer choice versus forced bundling matters for procurement.

Migration path: What if you're already using Fabric for data operations but want to add Work IQ? How does existing infrastructure integrate with Agent Factory?

Competitive integration: Can Agent Factory work with non-Microsoft models, data platforms, or orchestration tools? Or is this a closed ecosystem?

Exit strategy: If you decide Agent Factory isn't working, what's the migration path out? Can you export your business semantics, agent configurations, and context engineering?

The bottom line on Agent Factory

Microsoft isn't just selling AI tools—they're selling an integrated production system for business-specific AI agents. Agent Factory is the wrapper that makes Work IQ, Fabric IQ, and Foundry IQ a platform, not just a product portfolio.

Whether this integration is valuable infrastructure or aggressive bundling depends on your perspective. Enterprises that trust Microsoft's vision will see simplified AI operations. Those wary of vendor lock-in will see three dependencies rolled into one inescapable contract.

The "one meter" promise is appealing: simplicity, integration, unified governance. The risk is putting all your AI transformation eggs in one vendor's basket.

Agent 365: The governance control plane

Whilst Work IQ, Fabric IQ, and Foundry IQ provide the agent creation and orchestration infrastructure, Agent 365 serves as the centralized governance and management layer for all AI agents across the enterprise.

What is Agent 365?

Agent 365 extends Microsoft's identity and access management infrastructure—previously focused on managing users—to managing AI agents. It's positioned as the "control plane for agents" that provides enterprise-grade governance at scale.

Core capabilities:

1. Agent Registry

Centralized catalog of all agents in the organization
Track agents being built, imported, and deployed
Visibility into agent ownership, purpose, and dependencies
Lifecycle management (creation, updates, deprecation)

2. Access Control

Limit agent access to only necessary resources
Integration with Microsoft Entra (Azure AD) for identity
Permission boundaries for what agents can access
Role-based access control for agent operations

3. Agent Behavior Visualization

Real-time monitoring of agent activity
Telemetry, dashboards, and alerts in one place
Audit trails for compliance and debugging
Performance metrics and usage analytics

4. Interoperability

Standardized agent communication protocols
Integration with Model Context Protocol (MCP)
Cross-platform agent orchestration
Third-party agent registration and management

5. Security Protection

Integration with Microsoft Defender for threat detection
Integration with Microsoft Purview for data governance
Automated security policy enforcement
Incident response for agent-related security events

Why Agent 365 matters

The enterprise agent sprawl problem:

Without centralized governance, organizations face:

Shadow agents: Departments building agents without IT knowledge
Duplicate efforts: Multiple teams solving the same problems
Security gaps: Agents with excessive permissions or no oversight
Compliance violations: Agents accessing sensitive data inappropriately
Operational blindness: No visibility into what agents are doing

Agent 365 as the solution:

By providing enterprise-wide visibility and control, Agent 365 addresses governance at scale:

IT can see all agents, regardless of where they were built
Security teams can enforce policies consistently
Compliance teams can audit agent behavior
Business leaders can understand agent ROI and usage

Integration with Microsoft 365 admin center

Agent 365 is available through the familiar Microsoft 365 admin center—the same interface IT teams already use for user management. This positioning is strategic:

For IT administrators:

Agents become first-class citizens alongside users
Familiar tools and workflows
Consistent identity and access management
Unified security and compliance controls

The implication: Managing AI agents becomes part of standard IT operations, not a separate discipline requiring new skills or tools.

The Model Context Protocol (MCP) connection

Agent 365's interoperability layer relies heavily on Model Context Protocol (MCP)—an open standard for agent-to-application communication.

What MCP solves:

Traditionally, integrating agents with business applications requires custom connectors:

Different API for every application
Months of integration development
Breaks when APIs change
Doesn't scale across hundreds of apps

MCP standardizes this:

Common protocol for agent-app communication
Agents can call app capabilities (submit approvals, fill forms, retrieve records)
Applications expose capabilities through MCP servers
No custom integration required for each agent-app pair

Announced integrations:

Microsoft Teams channels
GitHub (code operations)
Asana (project management)
Jira (issue tracking)

The significance:

MCP is to agent integration what SMTP was to email—a standard protocol that enables interoperability. If MCP achieves adoption beyond Microsoft's ecosystem, it becomes critical infrastructure for the agent economy.

But there's a catch: Microsoft is both promoting MCP as an "open standard" whilst tightly integrating it with Agent 365. Control the protocol, control the ecosystem.

What Agent 365 reveals about Microsoft's strategy

Agents aren't just tools—they're infrastructure:

By creating Agent 365, Microsoft is declaring that agents require the same governance infrastructure as users. This positions Microsoft as the only vendor treating AI agents as enterprise-grade infrastructure requiring identity, access control, security, and compliance.

The lock-in mechanism:

Once your organization's agents are registered in Agent 365:

Identity and access policies are Azure-native
Audit trails and compliance records are in Microsoft systems
MCP integrations assume Microsoft's protocol implementation
Migration means rebuilding governance infrastructure

The competitive moat:

AWS, Google Cloud, and others provide agent building tools. But do they provide agent governance infrastructure integrated with enterprise identity, security, and compliance systems?

Agent 365 is Microsoft's bet that governance—not just capability—determines which platform wins the enterprise agent market.

The unanswered questions

MCP adoption beyond Microsoft: Will third-party applications and competing platforms adopt MCP? Or will it remain a Microsoft-controlled standard disguised as open protocol?

Agent identity model: How does agent identity work technically? Do agents have service principals? Can they impersonate users? What happens when an agent acts on behalf of multiple users?

Cross-platform agents: Can Agent 365 govern agents built on AWS, Google Cloud, or open-source platforms? Or is it limited to Microsoft-built agents?

Cost model: Is Agent 365 included in existing Microsoft 365 licensing? Per-agent pricing? Consumption-based? The economics determine adoption.

Enforcement capabilities: Can Agent 365 prevent unauthorized agents from running? Or is it just visibility and monitoring without enforcement?

The bottom line

Agent 365 represents Microsoft's clearest statement yet: AI agents aren't just AI, they're identity and access management at scale. By positioning agent governance as an extension of user governance, Microsoft makes the case that enterprises already invested in Microsoft 365, Entra, Defender, and Purview have a natural path to agent adoption.

The question is whether this is genuinely valuable infrastructure or vendor lock-in dressed as governance. Enterprises that trust Microsoft's ecosystem will see Agent 365 as essential. Those seeking vendor-neutral agent deployment will see another dependency on Microsoft's stack.

Model Router: The geopolitical subtext

Microsoft announced support for Anthropic's Claude models alongside existing OpenAI, Meta, Mistral, and notably, a "curated version" of Chinese startup DeepSeek's models.

The Model Router intelligently selects which model handles each request based on cost, capability, and requirements. Simple queries route to cheap models; complex reasoning to frontier models. Automatic failover when models are unavailable.

The surface narrative: Customer choice. Best tool for the job. Platform neutrality.

The geopolitical reality: This looks like Western AI alliance formation—US hyperscalers, US frontier labs, European partners, and controlled access to cost-disruptive Chinese alternatives.

DeepSeek isn't offered raw—it's "curated," implying filtering, controls, and compliance overlays. Microsoft can't compete with DeepSeek's economics directly, so it competes on trust and Western regulatory compliance.

The message to enterprises: "You can have model diversity without geopolitical risk." The question is whether "curated" provides genuine safeguards or plausible deniability.

"Going beyond connectors": The integration gambit

Microsoft's boldest technical claim was that AI agents can "go beyond connectors"—understanding enterprise systems semantically rather than through pre-built API integrations.

A demonstration showed Copilot troubleshooting Cosmos DB performance issues by dynamically analyzing query patterns, inspecting metrics, cross-referencing documentation, and suggesting optimizations—all without pre-mapped connectors.

The pitch: AI-native integration eliminates months of connector development. Agents explore unfamiliar systems and construct appropriate queries. Integration becomes a runtime problem, not a deployment roadblock.

The risk: What happens when semantic integration misunderstands system behavior? Traditional connectors fail predictably; AI-powered integration fails in potentially novel ways. Where's the transparency into routing decisions? Can organizations audit which data sources influenced which recommendations?

If Microsoft delivers on this promise, they remove enterprise AI's biggest adoption barrier. If they don't, "beyond connectors" becomes another oversold capability.

The Zavva fiction: Useful blueprint or strategic distraction?

Throughout Ignite, Microsoft uses "Zavva"—a fictional retail company—as demonstration sandbox. It's smart positioning: providing consistent, relatable use cases that attendees can map to their industries.

But Zavva is perfectly compliant, has clean data, and experiences no regulatory friction. It's the AI transformation equivalent of cooking demonstrations with pre-chopped ingredients.

Real enterprises have decades of technical debt, contradictory data definitions across departments, regulatory constraints that vary by jurisdiction, and organizational politics that resist algorithmic decision-making.

Zavva shows what's possible. It doesn't show what's probable.

What wasn't said

Costs: How much does the IQ family actually cost? Semantic mapping, context engineering, and model routing don't come free. What's the total cost of ownership compared to current approaches?

Failures: What happens when agents make mistakes? Who's liable when algorithmic recommendations cause business harm? Where are the detailed incident response procedures?

Limits: What can't this platform do? Microsoft showcased capabilities but avoided discussing boundaries. Every technology has limits; enterprises need to know where they are.

Competition: How does this compare to AWS Bedrock, Google Vertex AI, or emerging open-source alternatives? Microsoft positioned itself in isolation, which isn't how procurement decisions work.

Lock-in: Once your "Language of Your Business" is mapped into Azure, how portable is it? Can you export semantic maps? What's the migration path if you need to switch platforms?

The verdict: Genuine innovation, incomplete governance

Microsoft's Ignite 2025 keynote revealed a coherent vision for enterprise AI—agents collaborating with humans, semantic business understanding, systematic context management, and intelligent model orchestration.

The technical architecture is impressive. The human-in-the-loop emphasis addresses legitimate adoption concerns. The "IQ family" represents integrated infrastructure, not just rebranded features.

But the Epic healthcare demo—patient surveillance dressed as care optimization—exposes the gap between "Disciplined Acceleration" rhetoric and governance reality. The platform enables powerful capabilities; the ethical guardrails remain theoretical.

Three questions will determine whether this vision succeeds:

Can Microsoft deliver the technical promises? Semantic business mapping, context engineering, and beyond-connectors integration are ambitious. Production reality often differs from conference demos.

Will enterprises embrace the lock-in? The more Microsoft understands your business language, the harder switching becomes. Is the capability worth the dependency?

Does "Discipline" match "Acceleration"? Epic's compliance tracking, "Language of Your Business" institutional knowledge capture, and algorithmic decision-making create surveillance infrastructure. Where are the safeguards against misuse?

Microsoft is building the AI operating system for enterprises that want to move fast without moving recklessly. Whether they've actually solved that paradox or simply made the risks more palatable remains to be seen.

The conference promised intelligence back into AI. The jury is still out on whether wisdom came along for the ride.

What to watch

Zavva throughout Ignite sessions: How Microsoft uses their fictional retail company will reveal which use cases they consider production-ready and where gaps remain.

Beyond connectors implementation details: Semantic integration is either transformative or oversold. Look for specifics on authentication, performance overhead, and what happens when AI misunderstands systems.

Real customer examples: Beyond Epic and Zavva, actual production deployments, lessons learned, ROI data, and candid assessments of what's harder than expected.

Developer experience: The vision sounds compelling for business users. How hard is it to build custom agents, debug multi-agent orchestration, and test human-in-the-loop workflows?

Competitive response: AWS, Google Cloud, and open-source alternatives won't concede enterprise AI. Watch how they counter Microsoft's integrated platform strategy.

Related coverage:

Pre-Conference Preview - Sessions and learning objectives
Building Multi-Agent Systems with Azure AI Foundry
AI Agent Governance
Ignite 2025 Book of News

Analysis from Microsoft Ignite 2025, San Francisco, 18-21 November. Steve Newall is a technical analyst covering enterprise AI and cloud infrastructure.