Description

The average enterprise uses 44% of the Microsoft stack they're paying for.

Denis O'Shea knows because he's measured it — the same 120-point assessment, hundreds of organizations, the number doesn't move. The other 56% is licensed and sitting idle while the same teams buy third-party tools to fill gaps that 365 already covers.

Denis is the founder of Mobile Mentor and has managed 14.5 million enterprise devices across healthcare and financial services. He's seen what the stack looks like from the inside — the sprawl, the overlap, the security tools that got purchased because insurance required it. Never properly deployed.

In this episode, Max and Denis work through the utilization problem, what it actually takes to go passwordless when your legacy apps will fight you, what the Digital Markets Act opened up in your mobile attack surface, and why the best security your employees will ever experience is the kind they never notice.

If you're signing off on a Microsoft renewal in the next 90 days, or your security stack has grown every year and your confidence in it hasn't — this is the episode.

Find your situation. Skip to the answer.

•  We've been trying to go passwordless for two years and it keeps dying with leadership. What's the actual unlock? → 1:14:00
•  My IT team can't move on anything strategic because they're buried in maintenance. What specifically should we eliminate first? → 1:12:00
•  Are we buying tools we already own without realizing it? → 49:45
•  Why do we have 50+ security tools and still struggle to see what's happening in our environment? → 50:00
•  We're still relying on legacy Microsoft infrastructure. What is quietly becoming tomorrow's security risk? → 1:21:00

In this conversation:
00:01 — Why you're paying for technology your employees aren't using
08:00 — BYOD vs. corporate-owned: where companies actually get into trouble
14:00 — What the Digital Markets Act broke in your mobile security model
20:00 — Why mobile threat defense is now a requirement, not an option
28:00 — The ROI problem: how to justify security spend that has no obvious return
33:00 — AI in the wrong hands: what unmanaged devices look like in 2026
41:00 — Why the MDM market is disappearing — and what replaces it
46:00 — The DIY trap: why deploying Intune yourself costs more than you think
50:00 — You're using 44% of your Microsoft stack — and buying tools to cover the rest
51:00 — 52 security tools, mostly siloed: how enterprises accumulated the wrong defenses
55:00 — The manual IT problem: two hours per device, every device, still happening
01:12 — Three things to remove from your IT team's plate this year
01:14 — Why going passwordless is a board decision, not an IT project
01:16 — How to explain passwordless to a non-technical leader without acronyms
01:21 — AI-enabled attacks and why your on-prem infrastructure can't keep up
01:23 — Set your own end-of-life date before Microsoft sets it for you
01:27 — How to sell security investment to a board that doesn't want to hear about it
01:29 — Invisible security: what good looks like when it's working

What We Mentioned:

• Mobile Mentor — mobilementor.com
• Microsoft Intune
• Microsoft Entra / Entra Suite
• Microsoft Defender
• Microsoft Sentinel
• Microsoft Purview
• Microsoft 365 (E3, E5, E7)
• Microsoft Agent 365
• Windows Autopilot
• Active Directory (AD)
• SCCM (System Center Configuration Manager)
• Jamf
• SOTI / Workspace One / Omnissa / AirWatch
• Lookout, Zimperium, Wander (mobile threat defense vendors)
• Digital Markets Act (DMA)
• BYOD (Bring Your Own Device)
• COPE (Corporate Owned, Personally Enabled)
• MDM / UEM / MTD (Mobile Device Management / Unified Endpoint Management / Mobile Threat Defense)
• EDR (Endpoint Detection and Response)
• Zero-touch provisioning
• Hot patching (Windows updates without restart)
• ServiceNow
• Windows 10 end-of-life (October 14, 2025)

About Denis O'Shea

Denis O'Shea is the founder and CEO of Mobile Mentor, a Microsoft-specialized managed services provider that has enabled 14.5 million devices across enterprise clients in healthcare, financial services, and beyond. He spent 15 years at Nokia running operations across seven countries before building a company around a problem he kept seeing: organizations paying for technology they couldn't fully use. He has served on Microsoft's Intune product advisory board and has spent the last decade helping enterprises close the gap between what they bought and what's actually protecting them.

• LinkedIn: https://www.linkedin.com/in/denisosheamobilementor
• Mobile Mentor: mobilementor.com

About the Show

Signed is the podcast for buyers in a market built for sellers. Host Max Clark, CEO of ITBroker.com, sits down with CIOs, CFOs, operators, and founders who've lived inside real enterprise tech deals. New episodes weekly at itbroker.com/podcast. 
If you're in the middle of a real tech decision and want someone in your corner, book an intro call at itbroker.com. 
Buy tech without regret. 
Follow: @itbrokerdotcom

Full Transcript
Click here to view the episode transcript.