For many SMEs, the concept of a "modern workplace" still feels tied to infrastructure. Conversations often focus on servers, storage capacity, VPN access and hardware refresh cycles. While these elements once defined IT strategy, the centre of gravity has shifted. Today, the modern workplace isn't built around physical infrastructure. It's built around identity. Understanding that shift is essential for any organisation looking to improve productivity, strengthen security and fully leverage Microsoft 365.
Traditional it environments were perimeter-based. Security revolved around a physical location: the office network. If you were inside it, you were trusted. If you were outside it, you connect through a VPN to gain access.
Files typically lived on on-premise servers. Access was often granted at a folder level, and collaboration required being connected to the network. When employees left the business, access removal depended on manual processes that were sometimes inconsistent.
This model worked when work happened primarily in one place. It becomes far less effective when teams are distributed across homes, offices and client sites.
Hybrid working exposed the limitations of perimeter-based thinking.
In a modern Microsoft 365 environment, identity replaces the perimeter. Instead of asking "Are you on the office network?", the system asks:
Access decisions are made based on user identity and context
rather than location.
This is why tools like Microsoft Entra ID (formerly Azure AD), multi-factor authentication (MFA) and conditional access policies are so central to a modern workplace. They determine how, when and from where users can access data.
When configured correctly, identity-led security provides flexibility without sacrificing control. Employees can work from anywhere, but access remains tightly governed.
Many SMEs have moved their files to SharePoint or Teams but have not fully embraced identity-based thinking. The tools are in place, yet security settings may not reflect how the business actually operates.
Common gaps include:
These issues do not usually stem from negligence. They arise because the shift from infrastructure to identity is subtle. It requires a mindset change as much as a technical one.
A modern workplace treats identity as the foundation of security and collaboration.
Identity is not just a security concept. It directly affects user experience.
When identity and access are configured properly:
When identity management is inconsistent, friction increases. Users encounter unexpected access issues, files are shared too broadly “just in case”, and administrators spend time manually resolving permission problems.
A structured, identity-led approach reduces both risk and inefficiency.
One of the clearest indicators of identity maturity is what happens when someone leaves the organisation.
In a legacy environment, removing access often required checking multiple systems and shared drives. In a modern, identity-driven setup, disabling the user account removes access across Microsoft 365 automatically.
However, the process does not end there. Modern workplace governance also considers:
If these processes are unclear or manual, it signals an opportunity to strengthen identity governance.
As organisations adopt AI tools such as Microsoft Copilot, identity becomes even more critical.
AI respects permissions. It can only surface information a user is already authorised to see. If permissions are misaligned – too open or too restrictive – the outputs can be limited or expose unintended data.
An identity-led foundation ensures that AI enhances productivity without introducing unnecessary risk. Clean role-based access and structured data environments allow AI to operate confidently and securely.
Without that foundation, AI adoption may stall or create compliance concerns.
Simply migrating to Microsoft 365 does not complete the journey to a modern workplace. The real transformation occurs when organisations shift from infrastructure-based thinking to identity-based design.
This includes:
These are not dramatic changes, but they have significant impact. They enable flexible working while maintaining control. They reduce administrative overhead. They strengthen resilience against modern cyber threats.
The evolution from servers to identity reflects a broader shift: from reactive IT to intentional design.
A modern workplace doesn’t emerge organically. It’s structured around how the business operates, who needs access to what, and how collaboration should happen securely.
For SMEs across Manchester and the North West, this presents a strategic opportunity. Rather than adding more technology, the focus should be on optimising what already exists – aligning identity, structure and security so the environment works as a cohesive whole.
The perimeter has moved. Identity is now the control layer.
Understanding that shift is key to building a workplace that is not just hybrid, but genuinely modern.
If you are unsure whether your Microsoft 365 environment is truly identity-led, a structured review can provide clarity. Apex’s Modern Workplace Review assesses identity configuration, access controls, file structure and governance processes, highlighting practical improvements that strengthen both productivity and security.