In the past 12 months, every technology company has had to answer one question: what is your AI strategy? Many have given vague answers about “exploring opportunities” and “evaluating platforms.” We decided to skip the hand-wringing and commit.
Epic IT has chosen Anthropic’s Claude as our AI platform — for our internal operations, for our client advisory services, and as the foundation of our managed AI services for Perth businesses. This article explains why we made that choice, what it means practically, and how it benefits every business we work with.
Update (April 2026): Since publishing this post, we have written a full three-way comparison of ChatGPT vs Copilot vs Claude for business use, and a deeper look at why Copilot alone is not enough.
There are three major enterprise AI platforms in 2026: OpenAI’s ChatGPT (and Microsoft’s Copilot, which is built on it), Google’s Gemini, and Anthropic’s Claude. We evaluated all three against the criteria that matter for an MSP managing sensitive client environments: data privacy, enterprise security, capability, and alignment with how we work.
Anthropic’s data handling policy is the most conservative in the industry. Claude Enterprise and Team plans operate under a zero-retention policy — your data is not stored after the conversation ends and is never used to train AI models. For an MSP that handles sensitive client data across hundreds of businesses, this is not a nice-to-have. It is a requirement.
Compare this to consumer-tier AI tools where conversations are stored, analysed, and potentially used for model training. Many of the shadow AI incidents we discover during client audits involve staff pasting confidential data into consumer AI platforms with no understanding of where that data goes.
Claude’s enterprise offering integrates with Microsoft Entra ID (Azure AD) for single sign-on and supports granular admin controls: workspace management, team structures, usage quotas, and audit logging. This means we can deploy Claude within a client’s existing security framework — the same Conditional Access policies, the same identity management, the same compliance boundary.
For businesses already on our cybersecurity programme, adding Claude is an extension of their existing security posture, not a separate uncontrolled system.
Claude’s enterprise market share grew from 18% to 40% in under two years. It holds 54% of the AI coding market. Goldman Sachs chose Claude to automate accounting and compliance functions. Allianz, one of the world’s largest insurers, selected Claude for enterprise-wide deployment. These are organisations with extreme data sensitivity and regulatory obligations — the same profile as our clients.
More importantly for our work, Claude excels at the tasks that matter in business operations: document analysis, financial modelling, compliance review, data extraction, and structured content creation. It is built for work, not for generating images or writing poetry.
We are not asking our clients to do anything we have not already done ourselves. Here is how Claude is integrated into Epic IT’s operations today.
Service delivery: Claude assists our IT support engineers with ticket triage, root cause analysis, and documentation. When a complex issue comes in, our team can query Claude with the relevant technical context and get diagnostic suggestions in seconds rather than spending 20 minutes searching knowledge bases manually.
Security analysis: We use Claude to analyse security logs, identify anomalies, and draft incident reports. It accelerates the investigative work that previously required senior engineers for every alert.
Client reporting: Our compliance dashboards, QBR presentations, and security assessments are all built with Claude assistance — pulling data from multiple sources, identifying trends, and generating clear narratives that translate technical metrics into business language.
Content and documentation: Internal processes, client-facing guides, policy templates, and technical documentation are all accelerated through Claude. What used to take a day of writing takes an hour of editing.
The result is a team that operates at a higher level. Our engineers spend less time on routine research and documentation and more time on complex problem-solving and client relationships.
Here is the reality for every Perth business in 2026: your staff are already using AI. The question is whether they are using it safely, whether it is connected to your actual business systems, and whether it is creating value or just creating risk.
Our audits consistently find that 40% to 60% of knowledge workers in a typical Perth business are using AI tools — primarily consumer-grade ChatGPT — without any organisational oversight. They are pasting client emails, financial data, HR information, and strategic documents into AI platforms that store, analyse, and potentially train on that data. This is not a hypothetical risk. It is a data governance failure happening right now in businesses that think they have their cybersecurity under control.
We built our AI services to close that gap and go further — giving businesses access to AI agents that connect directly to the platforms they already use, with proper governance, security, and management in place. The model has three layers: AI Governance as the foundation, Managed AI for businesses ready to deploy AI workflows, and Custom AI Development for businesses that need bespoke solutions beyond the standard library.
Before a single AI agent touches your environment, we establish governance. This is not optional — it is a standalone service tier and the foundation that every AI deployment is built on. AI Governance requires an active Managed IT Services agreement with Epic IT.
The approach starts with enforcement. We deploy deny-by-default blocking across your organisation so that every unsanctioned AI tool — free ChatGPT, DeepSeek, and the dozens of others your staff have found — is blocked immediately. Staff can only access the AI tools you have explicitly approved. This is not a policy document telling people to behave. It is a technical control that makes unapproved usage impossible on managed devices and across your corporate network.
From there, we govern how approved tools interact with your data. When your organisation adopts ChatGPT Enterprise or Microsoft Copilot, those tools inherit your existing Microsoft 365 permissions — staff can only access data they are already allowed to see. But here is the problem most businesses miss: the permission gaps already exist. AI does not create new vulnerabilities so much as it makes existing ones trivially easy to exploit. A quick M365 permissions review and governance foundation ensures data stays where it should before AI tools go live.
Every client starts with a structured onboarding engagement that delivers an AI discovery audit identifying all AI tools in use including shadow AI, a client-branded AI acceptable use policy, a data classification framework defining what data can and cannot be used with AI tools, an AI tool vetting register, staff AI awareness training, and the initial technical baseline for enforcement and monitoring.
The ongoing managed service covers AI tool blocking and exception management, shadow AI discovery and monitoring, AI usage reporting, incident escalation for governance alerts and bypass attempts, and quarterly AI governance reviews for your leadership team.
As your AI maturity grows, we layer on additional controls: enhanced cloud app discovery and risk scoring, data loss prevention policies that warn or block staff from pasting sensitive information into AI tools, sensitivity labelling so confidential documents cannot be uploaded to AI platforms, compliance audit trails, and browser-level controls that enforce corporate identity before any AI interaction is permitted. Each layer is independently deployable — you add what you need, when you need it.
This governance layer is what separates managed AI from the uncontrolled AI experimentation happening in most organisations. It also positions your business to meet emerging Australian regulatory requirements around AI use, including the frameworks being developed through the National AI Ethics Principles and ISO 42001 — the international standard for AI management systems.
Our AI services are structured as progressive layers. Every client starts with AI Governance — the foundation. From there, you choose how you want to build: Managed AI if your team wants hands-on control, or Custom AI Development if you need bespoke solutions built to your specifications. Each tier includes everything in the layers before it.
| What you get | AI Governance (Foundation) | + Managed AI | + Custom AI Development |
|---|---|---|---|
| Enforcement and access control | |||
| MSA prerequisite | ✔ | ✔ | ✔ |
| Deny-by-default blocking of unsanctioned AI tools | ✔ | ✔ | ✔ |
| M365 permissions governance for approved AI tools | ✔ | ✔ | ✔ |
| AI governance policy suite | |||
| AI acceptable use policy | ✔ | ✔ | ✔ |
| Discovery and monitoring | |||
| Shadow AI discovery and monitoring | ✔ | ✔ | ✔ |
| Staff awareness training | ✔ | ✔ | ✔ |
| AI usage reporting and analytics | ✔ | ✔ | ✔ |
| Quarterly governance review | ✔ | ✔ | ✔ |
| Data protection (layered, added as AI maturity grows) | |||
| Layered data protection (DLP, sensitivity labels, audit trails) | ✔ | ✔ | ✔ |
| Managed AI platform | |||
| Secure AI platform and integrations | ✔ | ✔ | |
| Pre-built integration library | ✔ | ✔ | |
| Deployment gate and security review | ✔ | ✔ | |
| Monthly platform review | ✔ | ✔ | |
| Ongoing platform management | ✔ | ✔ | |
| Custom development | |||
| Business process analysis | ✔ | ||
| Custom code and data pipelines | ✔ | ||
| Monthly steering committee | ✔ | ||
| Ongoing development and expansion | ✔ | ||
| AI security scenario simulations | ✔ | ||
| Who builds the workflows | N/A | Your team | Our engineers |
Many businesses start with AI Governance alone — getting visibility and control over shadow AI before deploying any new tools. Others move straight to Managed AI or Custom AI Development because they are ready to act. There is no wrong starting point — every tier delivers value from day one, and you can move between them as your needs evolve. Read our full AI services guide for a detailed breakdown of each tier.
The SaaS industry is in freefall because investors have realised that AI is not a feature you bolt onto existing software — it is a platform shift that changes how work gets done. The SaaSpocalypse has wiped nearly a trillion dollars from software stocks in weeks. Asana, DocuSign, LegalZoom, Thomson Reuters — companies that built their businesses on specific software functions — are being repriced because AI can now perform those same functions.
For managed service providers, this is not a disruption story. It is a growth story. Every business that consolidates SaaS subscriptions needs someone to manage the transition. Every business that deploys AI needs governance. Every business that wants to adopt AI safely needs a technology partner who has already done it.
We chose to be that partner. We chose Claude because it is the right platform. And we built managed AI services because our clients need them — whether they know it yet or not.
If you are a Perth business owner or IT leader reading this — whether you are evaluating IT companies in Perth or reviewing your current provider — here are three things to do this month.
Find out what AI your staff are already using. The answer will surprise you. Consumer AI tools are being used across every department, often with sensitive company data. Our AI governance onboarding includes a full shadow AI discovery that maps every tool in use across your environment. You need visibility before you can manage it.
Establish an AI acceptable use policy. Even a basic document that defines what tools are approved, what data is off-limits, and who is responsible creates a governance baseline that did not exist before. Pair it with technical enforcement — a policy without blocking is just a suggestion.
Talk to your MSP about their AI strategy. If your technology partner cannot articulate how they are using AI, how they plan to help you adopt it, and how they will govern it — that is a gap in a relationship that is supposed to be strategic. Ask them how they block unsanctioned AI tools, how they govern M365 permissions before AI deployment, and whether they can point to a real governance framework. If the answer is vague, that tells you something.
At Epic IT, we welcome these conversations. Contact us on 1300 EPIC IT to talk about where AI fits in your business.
Claude offers the strongest data privacy position in the industry with zero-retention policies, integrates with Microsoft Entra ID for enterprise security, and excels at document analysis, compliance review, and structured content tasks. For an MSP managing sensitive client environments, these capabilities made Claude the clear choice over Copilot and ChatGPT.
Yes. Claude Enterprise and Team plans operate under a zero-retention policy. Your data is not stored after the conversation ends and is never used to train AI models. Every AI agent we deploy operates within scoped permissions, accessing only the data it has been explicitly authorised to reach, with all actions logged for audit purposes.
AI Governance starts with deny-by-default blocking of all unsanctioned AI tools, so staff can only access what you have approved. From there, we establish M365 permissions governance, an AI acceptable use policy, shadow AI discovery and monitoring, staff awareness training, AI usage reporting, and quarterly governance reviews. As your AI maturity grows, we layer on data loss prevention, sensitivity labelling, compliance audit trails, and browser-level identity enforcement.
AI Governance is the foundation — enforcement, permissions governance, shadow AI discovery, and quarterly reviews. Managed AI adds a secure platform with pre-built integrations and monthly reviews where your team builds the workflows. Custom AI Development adds dedicated engineering capacity for bespoke solutions: custom code, data pipelines, and purpose-built applications, with a monthly steering committee.
AI Governance requires an active Managed IT Services agreement with Epic IT. There is no separate cybersecurity prerequisite to get started — the governance foundation itself includes technical enforcement controls. As your AI usage matures, we recommend layering in additional data protection capabilities that align with your broader cybersecurity programme.
Most businesses discover that 40 to 60 percent of knowledge workers are already using consumer AI tools without oversight. Our AI governance onboarding includes a shadow AI discovery that maps every tool in use across your organisation. Contact us on 1300 EPIC IT to get started.
At Epic IT, our specialists focus on long-term solutions for your business.
Our 90-day guarantee is simple: if you’re not satisfied, we’ll refund your onboarding fee and give you $5K. Contact us today!
Call Us
1300 EPIC IT
Email Us
info@epicit.com.au
Perth HQ
HQ – Unit 2, 62 Angove Street North Perth WA
Queensland Office
12 The Cct, Brisbane Airport QLD
Sydney Office
Unit 3, 104 Anglesea Street, Bondi NSW
Want to know more? Find our Privacy Policy and Terms of Use.
