The post Why Starting Small is the Smartest Way to Scale AI appeared first on Thrive.

As OpenText vice-president of business development Mike DePalma noted recently, the channel has often found itself in Twain’s position. He pointed out that analysts had forecast online marketplaces would displace the need for channel relationships, but claimed their remarks only proved they “don’t understand the channel”.

The post The need for the human touch in an AI-dominated world appeared first on Thrive.

In January, he officially stepped into the top financial job at IT managed services and cybersecurity provider Thrive, a business that his former employer invested in. Kosovsky, who got his start as an accountant at Deloitte, sees Thrive as a leader in “what is today a very fragmented marketplace” for IT services.

The post Thrive CFO on standing out in a ‘fragmented’ IT marketplace appeared first on Thrive.

Almost everyone feels the pressure to use AI – they’re just not sure what to do, where to start or where the greatest value lies. The desire to move at pace, however, is risky. Lacking any real structure to their approach, organisations end up with a form of tech chaos and compliance problems.

The post Before you run with AI, you must crawl the hard yards and learn to walk appeared first on Thrive.

AgRevolution arrived in the agricultural equipment industry with bold intentions. Founded in January 2021 and based in Evansville, Indiana, the company was built on a mission to fill market gaps left by competitors exiting the agricultural space. As of early 2026, there are 12 brick-and-mortar locations across Indiana, Kentucky, Southern Illinois, and Ohio, supporting a fleet of 61 mobile service trucks and a team of over 100 field personnel.

At the helm is Stacy Anthony, CEO of AgRevolution. With 27 years of experience in agricultural equipment, including a specialization in rebuilding distressed dealerships and leading an international export operation across dozens of countries, Stacy brought a wealth of industry knowledge to his new venture. His expertise in organizational transformation and growth strategy would prove essential as AgRevolution carved out its market position, representing a full portfolio of brands.

“We wanted to do something drastically different,” Stacy recalls. “We asked our farmers and customers what the next generational relationship between farmer and dealer would look like. What we heard was clear: they want to transact closer to the point and place where they choose to do business—on their farm, at the farm gate.”

Taking it to the Streets

AgRevolution’s challenge was twofold: enter a market dominated for nearly 200 years by entrenched players and do it with a fundamentally different operational model. Rather than relying solely on brick-and-mortar dealership locations, the company envisioned flipping the traditional model 180 degrees. Everything farmers were accustomed to handling inside a dealership building would now be available at their farm gate and front porch.

This vision required mobile-first operations. With approximately 90% of AgRevolution’s business model centered on mobile service delivery, the company needed technology infrastructure that could support field teams working across a broad geography without relying on traditional office-based networks. Technicians needed real-time access to parts information, service requests, and customer data while on the road. Mobile sales teams needed to facilitate online tractor orders at the farm. This mobile-centric approach demanded a tech partner who understood both the technical challenges and the business realities of modern agricultural distribution.

Initially working with a different provider, AgRev found itself struggling. The frustration ran deep: phones weren’t working reliably, the network was unreliable, and most critically, the support felt absent. As Stacy describes it, “We were frustrated. We were on an island by ourselves without support, without solutions, and without a true partner that understood our business and really helped us think about being able to grow.”

The situation was particularly challenging because network infrastructure wasn’t AgRevolution’s core competency. As a dealership, the company knew agriculture, equipment, customer relationships, and field operations, not cloud architecture, network management, or cybersecurity protocols. This vulnerability created a pressing need to partner with someone who could not only deliver technology but provide the strategic guidance and responsive support that a fast-growing, regionally expanding business demanded.

The search for a new partner began with research and personal connections. After meeting Thrive at the VitalEdge IntelliDealer Conference and seeing their name resurface during due diligence, AgRev began serious conversations with Thrive’s leadership.

Partnership as a Differentiator

What distinguished Thrive from other technology providers wasn’t just feature parity, it was a fundamentally different approach to partnership. From the first meetings, the focus was on understanding AgRevolution’s business model, not imposing a generic technology stack.

“The people side of the business when we first met them was just an amazing experience,” Stacy remembers. “And then they backed it up with the service and speed to solutions. If there’s anybody we enjoy seeing walk through that door, having a meeting with, it’s somebody from Thrive. They’re true friends in our business.”

Thrive moved quickly with AgRevolution. Just a couple of weeks passed between signing the contract and the first scheduled installation—an accelerated timeline that exceeded expectations. More importantly, it reflected Thrive’s understanding that delays cost AgRevolution money and put pressure on its most valuable asset: customer relationships.

Beyond responsiveness, Thrive addressed the core vulnerabilities that AgRevolution identified. The company needed:

• „ Reliable mobile network infrastructure that could support 90% field-based operations across multiple states
• „ Digital solutions at the farm gate that would enable parts ordering, service requests, and equipment transactions from anywhere
• „ Robust cybersecurity safeguards with proactive employee training, not just behind-the-scenes protection
• „ A streamlined ticketing system that routed support requests directly to the right person on the first contact

Thrive delivered on all fronts. They implemented a cloud-based infrastructure designed for mobile-first operations and embedded their technology across AgRevolution’s entire enterprise, from office administration to field service trucks. Understanding the risks of widespread mobile field operations, Thrive provided transparency into cybersecurity measures and led proactive training initiatives so AgRev’s field teams became active participants in protecting the business rather than passive vulnerabilities.

Stacy shares his insight into the security transformation, “Before, we were victims of cyber activity, and it wasn’t fun. It disrupted business. Now we feel that the transparency of cybersecurity, and not only that, but the training that follows up, makes our people actively involved in securing the
future. When you see that embedded into your organization, you start to lower your anxiety and elevate your confidence that you have
the right partner.”

Measurable Transformation

The results speak to the power of the partnership. Within months of transitioning to Thrive, AgRevolution’s entire workforce, especially the mobile technicians and field sales representatives, noticed a dramatic shift. What had been a persistent frustration became a competitive advantage.

On support responsiveness, the improvements are quantifiable. Stacy points to one metric in particular: ticketing system accessibility. “The response time is 1000% better than what we’ve ever experienced before. And instead of solutions going on for days, weeks, and months, it’s minutes and hours. That’s by far been the biggest shoutout we could give to Thrive.”

The network and connectivity issues that had plagued the previous provider seemingly vanished. “Everybody is celebrating the transition to Thrive because the phones weren’t working, the network wasn’t working, the frustration of calling and getting no solutions… all of that went away once we switched to Thrive. We now have 0 complaints,” Stacy shares.

From an operational standpoint, Thrive’s infrastructure has become seamlessly embedded across the enterprise. “There’s nothing that we have that’s not connected to Thrive,” emphasizes Stacy. Field technicians can pull parts to their mobile trucks without coming to the dealership, optimizing their time management and getting to jobs faster. Sales teams can facilitate equipment purchases from the farm. Administrative teams have reliable office connectivity. The entire business now runs as an integrated unit rather than a collection of disconnected locations and mobile units struggling against unreliable infrastructure.

Perhaps most importantly, Thrive enabled AgRevolution to think about growth again. That ‘island’ feeling, where the company struggled alone without a true technology guide, transformed into confidence. With reliable infrastructure, responsive support, and proactive security guidance, AgRevolution could focus on what it does best: serving farmers and dealers.

“Response time is 1000% better than we’ve ever experienced. Instead of solutions taking days, weeks, and months, it’s minutes and hours. Thrive is an absolute in business today—they outpace any competitive partner you could consider.” – Stacy Anthony, CEO, AgRevolution

About Thrive

Thrive is a NextGen global technology outsourcing provider that empowers small and mid-market organizations to transform their technology into a strategic advantage. Offering a breadth of services from AI and cybersecurity to cloud, compliance, and traditional MSP/MSSP solutions, Thrive’s team of seasoned experts develop strategies that standardize, scale, and automate technology to achieve outsized ROI. From advisory services to a 24×7×365 SOC and NOC, Thrive provides end-to-end IT and cybersecurity management so clients can focus on innovation and growth. With Thrive, your business is always supported and always secure. Learn more at www.thrivenextgen.com or follow us on LinkedIn.

The post From Island to Partner: AgRevolution’s Growth Through Strategic Technology Alignment appeared first on Thrive.

VGC is a leading recruitment partner to the UK infrastructure industry with a commitment to upholding the highest standards in delivery, sustainability, collaboration, innovation, and ethical business. They play an integral role in uniting talent and expertise to deliver successful results on critical projects. As VGC continued to grow, the complexity of managing IT operations internally became increasingly challenging.

Embracing Next-Generation IT Solutions

With a small IT team, they faced limitations in keeping up with rapidly advancing technology and the demands of modern infrastructure projects. “We realised that partnering with a next-generation IT provider could bring us the expertise and innovation we needed,” Chris Hoyle, Finance Director, explains. The decision to outsource was driven by the desire to access cutting-edge technology and specialised knowledge that an in-house team of four could not provide. “It’s about having access to a broader range of skills and proactive support that anticipates our needs before they become issues,” Chris adds.

Collaboration for the Best Fit

The introduction to Thrive came through a trusted broker, Cleartec, who recognised the synergy between VGC’s needs and Thrive’s capabilities. The selection process was made easier by Thrive’s reputation for trustworthiness and their ability to engage in meaningful, pressure-free conversations. “Their team was patient and willing to answer all our questions, which gave us confidence in their ability to be a true partner,” Chris emphasises, highlighting that trust and understanding were key to choosing Thrive as their IT partner.

Russell Amos, Managing Director at Cleartec, shared, “The whole process was smooth. We made the introduction and Thrive offered support from sales through implementation. The project management team took care of a lot, and VGC was very happy.” Satisfied with this success story, Cleartec continues to facilitate introductions to Thrive as opportunities become available.

Thrive’s consultative approach meant that VGC could benefit from tailored strategies that aligned with their business goals. “We were looking for a partner who could provide not just support, but strategic guidance and innovation,” Chris notes. This partnership allowed VGC to focus on their core competencies while ensuring their IT infrastructure was robust and secure.

Thrive’s Role in VGC’s IT Transformation

Thrive’s engagement with VGC began with a thorough IT Operations Assessment to identify areas for improvement and opportunities for innovation. “Thrive has allowed us to focus on more value-add projects within the business,” Chris highlights. “It’s more than just support; it’s having the confidence that a bigger group of professionals is looking after our business, allowing us to focus on what we do best,” he continued. By taking over routine IT operations, Thrive enabled VGC to concentrate on strategic digital transformation initiatives, and their proactive support ensured that VGC’s systems were not only secure but also aligned with the latest technological advancements. “It’s been a relief knowing that our cybersecurity and infrastructure are in capable hands,” Chris adds, emphasizing the peace of mind that Thrive’s expertise brings.

Building a Foundation of Trust and Collaboration

The partnership between VGC and Thrive is rooted in trust and effective communication. Regular interactions with their account manager, and other UK-based members of the Thrive team reinforce this trust. Chris shares, “It’s reassuring to have regular access to the team and know they’re always there to support us.” This relationship has been instrumental in ensuring that VGC’s IT strategy is not only responsive but also anticipatory of future needs. “Thrive’s proactive support means we’re not just reacting to issues; we’re planning for the future,” Chris says, highlighting the strategic advantage their partnership provides.

A Partnership for the Future

The collaboration between VGC and Thrive exemplifies how strategic outsourcing can lead to significant efficiency and security gains without sacrificing control. Thrive’s consultative approach and commitment to proactive support have empowered VGC to focus on core business objectives while ensuring robust IT operations. As Chris Hoyle puts it, “Having all our IT functions managed under one roof by a team available 24/7 gives us the confidence that we’re backed by a well-renowned global IT company.”

“We were introduced to Thrive by our contact at Cleartec, who knew our business well and believed in their potential to meet our needs.” – Chris Hoyle, Finance Director, VGC

About Thrive

Thrive is a NextGen global technology outsourcing provider that empowers small and mid-market organizations to transform their technology into a strategic advantage. Offering a breadth of services from AI and cybersecurity to cloud, compliance, and traditional MSP/MSSP solutions, Thrive’s team of seasoned experts develop strategies that standardize, scale, and automate technology to achieve outsized ROI. From advisory services to a 24×7×365 SOC and NOC, Thrive provides end-to-end IT and cybersecurity management so clients can focus on innovation and growth. With Thrive, your business is always supported and always secure. Learn more at www.thrivenextgen.com or follow us on LinkedIn.

The post A Leading Recruitment Agency Transforms IT Operations with Thrive appeared first on Thrive.

State-aligned threat actors are working through supply chains, exploiting business relationships and targeting the technology that organisations depend on every day.

The post British businesses are being dragged into cyber wars they never signed up for appeared first on Thrive.

The post Thrive Takes Enterprise ITSM Downmarket With TransformIT AI Workflows appeared first on Thrive.

As organizations adopt new capabilities like Microsoft Copilot, the critical role of governance becomes even more evident. AI highlights the strengths and weaknesses of governance frameworks but does not replace the need for governance itself. The essential work remains: ensuring data, structure, access, and lifecycle management are maintained in a sustainable manner.

This article presents Thrive’s contemporary approach to Microsoft 365 governance—one that is flexible, pragmatic, and aims for enduring success.

1. Governance Starts With What the Business Needs

Effective governance is outcome-driven, not just a matter of setting rules. Organizations must first identify the problems they need to solve before implementing labels, policies, or controls. Common goals include reducing oversharing and permission sprawl, improving search relevance and content findability, ensuring consistent protection of sensitive data, supporting compliance and retention requirements, minimizing clutter and storage costs, and establishing a strong foundation for automation and AI. When governance strategies align with business outcomes, they are simpler to implement and more likely to be adopted by users.

2. Data Is the Foundation

At the core of governance discussions is data: not just where it is stored, but how it is organized, secured, and maintained. Organizations struggling with governance often face issues such as multiple versions of files, outdated content resurging as current, sensitive data stored incorrectly, abandoned SharePoint sites, teams with unclear purposes, unmanaged guest access, and a lack of metadata or lifecycle structure. Effective governance addresses these problems by establishing clear locations for authoritative content, standardized information architecture, metadata that enhances search and reporting, labeling aligned to data sensitivity, lifecycle policies to minimize clutter, and consistent sharing and access patterns. A robust data foundation enables better collaboration, compliance, security, and AI functionality.

3. Establish a Source of Truth & Reduce Sprawl

Reducing unnecessary sprawl is one of the most impactful steps in governance. This involves identifying which sites, Teams, and libraries are current, which can be archived or retired, and determining where the primary version of each content type should reside. Implementing a simple and sustainable lifecycle—Active, Closeout, Archive—helps keep the environment organized. In the Active phase, content is collaboratively created and edited. During Closeout, content is finalized, labeled, and structured. In the Archive phase, content is retained for long-term access with minimal editing. This lifecycle improves search results, reduces risks, and significantly enhances the user experience.

4. Clarify Ownership and Roles

Governance is only effective when responsibilities are clearly defined and intentionally shared. A three-role model clarifies these responsibilities:

• Owners: Business or content leaders responsible for accuracy, classification, and lifecycle management.
• Managers: IT or platform teams ensuring configurations, label policies, lifecycle management, and controls are applied.
• Consumers: Users and external collaborators who require access to perform their work.

This model prevents confusion over content maintenance, access approvals, and governance decision-making.

5. Build the Microsoft 365 Execution Layer

Modern Microsoft 365 governance relies on several key components:

• Information Architecture: Designing Teams and SharePoint sites to reflect the organization’s actual workflows rather than legacy folder structures.
• Metadata & Taxonomy: Implementing consistent naming, columns, and managed metadata to enhance information categorization, discovery, and retention.
• Sensitivity Labels: Utilizing Microsoft Purview sensitivity labels at various levels, including site/group, library default, item-level, and auto-labeling for policy enforcement at scale. Note that SharePoint does not support folder-level sensitivity labels.
• Policies & Settings: Configuring external sharing settings, guest lifecycles, access reviews, default sharing link behaviors, and conditional access for sensitive content to ensure security and proper access management.

These components collectively maintain security and access hygiene throughout the environment.

6. AI and Copilot: Governance Comes First

AI should be regarded as a consumer of existing governance frameworks, not the impetus for them. However, AI introduces new considerations. Tools like Copilot function best and most securely when data is accurately labeled, access is properly managed, sensitive content is protected, outdated content is archived, and SharePoint sprawl is minimized. Organizations can use features like Restricted SharePoint Search (RSS) and Restricted Content Discoverability (RCD) to control what Copilot and search can access during readiness phases. Data Loss Prevention (DLP) can prevent labeled content from being used as grounding and block prompts containing sensitive data as new capabilities are released. Copilot activity logs provide visibility into which files users access through AI, where governance adjustments may be needed, and how AI interacts with the environment. These features support, but do not replace, broader governance efforts.

7. A Crawl / Walk / Run Path to Modern Governance

Organizations can progress toward sustainable governance through a phased approach:

• Crawl – Stabilize: Identify sources of truth, clean up oversharing and sprawl, establish naming conventions and metadata basics, roll out core labels and baseline DLP, and define roles for ownership, management, and consumers.
• Walk – Normalize: Implement lifecycle phases (Active → Closeout → Archive), deploy library default labels at scale, expand auto-labeling, apply access reviews and external governance, and introduce selective RSS/RCD during AI readiness.
• Run – Optimize: Mature retention and records policies, align structured metadata across Teams and SharePoint, enable advanced DLP and endpoint protections, integrate governance with analytics and AI strategies, and continually refine practices based on audits and actual usage.

8. Modern Governance Is an Organizational Capability

Modern Microsoft 365 governance is not simply a checklist; it is an ongoing operational capability. When executed well, it reduces risk without impeding business, enhances user experience and search relevance, clarifies work processes, enforces robust security and compliance, enables responsible AI adoption, and supports scalable collaboration and automation.

Conclusion

Modern Microsoft 365 governance is no longer a one-time project or a static list of policies—it is a dynamic, continuous capability embedded within the organization’s operations. By establishing clear ownership, aligning technology with business needs, and consistently refining strategies using insights and analytics, organizations can confidently balance innovation with security. In doing so, governance becomes the bedrock for responsible AI adoption, seamless collaboration, and sustained operational excellence. As Microsoft 365 continues to evolve, a resilient and adaptive governance strategy will ensure the digital workplace remains secure, compliant, and prepared to seize future opportunities.

The post Modern Microsoft 365 Governance for the AI Era: A Thrive Perspective appeared first on Thrive.

In the quiet architecture of the internet, cPanel and WebHost Manager (WHM) serve as the management plane the largely invisible interface where the digital world is built and maintained. If a website is an apartment, WHM is the master key to the entire high-rise, and cPanel is the front door to your unit. For decades, we have trusted these gates to stay locked. 

On April 28, 2026, that trust was shattered. The disclosure of CVE-2026-41940, a critical authentication bypass with a CVSS score of 9.8, revealed a flaw so fundamental it felt more like a heist film than a software bug. It wasn’t about cracking a password; it was about talking the gatekeeper into handing over the keys. By manipulating how the server handles session data, unauthenticated attackers could talk their way into root-level administrative access. The vault was open, and for many, the guards hadn’t even noticed. 

94% Market Share: The Infrastructure Fragility Problem 

The scale of this vulnerability is staggering, reflecting a structural fragility in how we’ve built the web. According to W3Techs, cPanel commands a massive 94% share of the control-panel market. We aren’t just talking about a few blogs; this software manages upwards of 70 million domains and most critically roughly 1.5 million internet-exposed instances. 

When a single vendor achieves this level of dominance, it creates a dangerous monoculture a single point of failure for the global digital economy. A localized oversight in a login flow is no longer just a bug; it is a systemic threat that can jeopardize tens of millions of organizations simultaneously. 

The Two-Month Shadow: A Zero-Day Reality Check 

While the public was alerted on April 28, the timeline of the cPanel crisis suggests a much longer period of exposure. Evidence indicates that threat actors were exploiting the vulnerability in the wild as a zero-day since at least February 23, 2026. For two full months, an unknown number of servers were compromised before a patch even existed. 

The gravity of the situation was underscored when CISA added CVE-2026-41940 to its Known Exploited Vulnerabilities (KEV) catalog, mandating a federal remediation deadline of May 3, 2026. 

The remediation window has effectively vanished. A working Proof-of-Concept (PoC) exploit was published just one day after the patch. By the time most sysadmins were reading the advisory, automated scanning campaigns were already operationalizing the exploit. 

The Obfuscation Oversight: Bypassing Encryption with a Comma 

The technical root of this flaw is a masterclass in the failure of security through obfuscation. cPanel uses an obfuscation segment, notated as <ob> in the session cookie, to symmetrically encode passwords so they aren’t stored in plaintext on the disk. 

The server uses a function called get_ob_part to extract the hex key from the cookie. Researchers discovered that the server will resolve the session file at /var/cpanel/sessions/raw/ regardless of whether the obfuscation suffix is present. By simply removing the comma and the hex key from the cookie, the attacker forces the server’s obfuscation logic to return an empty value. Because the key is missing, the system defaults to writing the password and any malicious CRLF (Carriage Return Line Feed) characters it contains directly into the raw session file in plaintext. 

JSON Poisoning: Using a Security Check to Facilitate the Hack 

The brilliance of the attack lies in its use of fallback logic to poison the system’s trust. cPanel typically prefers to read from a fast JSON cache rather than the raw text file. To bypass this, attackers intentionally trigger a do_token_denied error by requesting a protected URL with an invalid security token. 

This error forces the server into a fallback mode. It invokes Modify::new(nocache => 1), which ignores the JSON cache and re-parses the raw, multi-line session file. During this re-parse, the attacker’s injected lines (like user=root) are promoted from corrupted text strings into the trusted JSON cache as top-level session entries. 

“Modify::new(nocache => 1) re-reads the raw file… Modify::save() rewrites the JSON cache with every parsed key including the attacker’s promoted to a top-level session entry.”  – Source Analysis 

Interestingly, the attack is somewhat probabilistic. Because Modify::save serializes the session hash using Perl’s randomized key-iteration order, the original security tokens might occasionally overwrite the injected ones. In practice, a handful of retries makes the exploit chain nearly 100% reliable. 

The Smallest Proof: When a Version Check Means Total Control 

The smoking gun for this exploit is a simple call to the /json-api/version endpoint. Normally, this is a restricted request. However, once the session is poisoned with injected keys specifically user=root, hasroot=1, tfa_verified=1, and successful_internal_auth_with_timestamp the server is convinced a legitimate login has already occurred. 

These specific keys act as pre-authorized flags that short-circuit the standard checkpassword call against /etc/shadow. When the version check returns a result, it confirms the attacker has obtained root administrative dominance. This isn’t just a website defacement; it’s the ability to read every database, intercept every email, and pivot into the internal networks of every customer hosted on that hardware. 

A Post-Patch World: The Long Tail of Recovery 

While vendor patches for versions such as 11.110.0.97 and 11.136.0.5 are now available, the forensic recovery will be long and difficult. Traditional network logs often fail to capture the subtle file manipulation at the heart of this attack. The only reliable indicators of compromise (IOCs) are found on-disk at /var/cpanel/sessions/raw/. Administrators must look for session files containing user=root or multiple pass= lines created during the pre-authentication phase. 

Any internet-exposed server during the disclosure window must be treated as potentially compromised. In many cases, the only safe path forward is a full rebuild from clean images. 

This crisis forces us to confront a biting reality: we have allowed our critical digital infrastructure to become too concentrated for our own safety. When one oversight in a 94% market leader can jeopardize 70 million domains, the efficiency of a monoculture begins to look like a suicide pact. We must prioritize decentralizing the management plane, or we will inevitably lose the keys to the kingdom again. The next comma is already waiting to be deleted. 

The post The Comma that Broke the Internet: Inside the cPanel Infrastructure Meltdown appeared first on Thrive.