The world’s most widely used enterprise platform is now so complex that one in five organisations say it is almost impossible to manage securely
WASHINGTON, DC, UNITED STATES, March 5, 2026 /EINPresswire.com/ — Nearly half of large organisations (45%) have experienced a security or compliance incident caused by a Microsoft 365 misconfiguration, in the past 12 months, according to new research from CoreView, the global leader in Microsoft 365 tenant resilience.
The research finds that Microsoft 365 – used by over 2 million companies globally – has expanded so rapidly in scope and complexity that one in five organisations now say it is almost impossible to manage and secure at an enterprise scale. The UK reports the highest (27%), followed by the US (24%), Germany (10%) and Australia (8%).
To make managing Microsoft 365 easier, businesses are turning to AI. More than half of organisations (51%) have reversed AI-driven changes within Microsoft 365 due to security or governance concerns – including 64% in the UK, 52% in Australia, 46% in Germany and 40% in the US. Yet 70% of IT leaders say AI-driven administration would be valuable, underscoring the pressure to automate environments already struggling with complexity and control.
The report highlights seven key risk areas for organisations using Microsoft 365 as business-critical infrastructure.
1. More than four in five businesses say Microsoft 365 is a severe operational burden
82% of IT leaders describe managing Microsoft 365 as a severe operational burden – 85% in the UK, 83% in the US, 74% in Germany and 70% in Australia. And, more than one-third say the platform has become significantly more complex and resource-intensive over the past two years.
2. Organisations face more than 140,000 failed login attempts every week
Failed login attempts to Microsoft 365 average 140,443 per week per organisation, creating sustained operational pressure for IT teams and increasing the volume of potential security events requiring review.
3. Nearly half of organisations lack full control over their Microsoft 365 environment
Nearly half (45%) of organisations globally say they don’t have full visibility and control over their Microsoft 365 environment. The figure rises to 52% in the UK, compared with 47% in the US, 32% in Australia, and 24% in Germany. This reduced visibility forces greater reliance on manual oversight and reactive intervention.
4. Almost nine in ten don’t have blanket basic security controls that scale
CoreView’s analysis of 1.6 million Microsoft 365 users shows 90% of organisations struggle to enforce even basic security controls including password policies and failed login monitoring. Almost nine in ten (87%) organisations had at least some administrators operating without multi-factor authentication (MFA), and it is not enabled for 28% of administrators and 7% of users.
5. Governance problems are often only surfaced during audits or regulatory scrutiny
Governance gaps are often identified retrospectively, rather than prevented in real time. 43% of organisations globally report failed or delayed audits caused by slow, incomplete, or manual Microsoft 365 reporting, with issues surfaced only during audits or regulatory scrutiny. Rates are highest in Germany (46%) and Australia (44%), followed by the US (43%) and the UK (42%).
6. Security concerns have prompted AI resistance from the C-Suite
One-quarter (24%) of IT leaders say they are facing resistance from their C-suite over AI adoption due to security concerns. The figure rises to 34% in Germany and 32% in the US, and 28% in Australia, while just 13% of UK respondents report similar resistance.
7. Nearly half are concerned that AI could act without oversight
Although nearly half (45%) of organisations plan to replace legacy tools with AI-augmented solutions in the next 24 months, concerns remain. 46% are worried about AI acting without oversight, and 45% say success depends on AI actions being traceable and explainable.
“AI is being deployed into environments that aren’t ready for it,” said Andrea Sivieri, Chief Product & Technology Officer, CoreView. “Microsoft 365 has become operationally overwhelming, and organisations are turning to automation to cope. But when governance and security controls aren’t already in place, AI doesn’t fix the problem, it accelerates it. Without structure and guardrails, automation moves risk into production faster than teams can pull it back.”
ENDS
About CoreView
CoreView is the leading SaaS platform for Microsoft 365 Tenant Resilience.
About the research
The research is based on a survey of 500 IT leaders at large organisations with more than 1,000 Microsoft 365 users.
Coreview
3THINKRS
coreview@3thinkrs.com
Visit us on social media:
LinkedIn
Legal Disclaimer:
EIN Presswire provides this news content “as is” without warranty of any kind. We do not accept any responsibility or liability
for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this
article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
