Author Archives: Sydney Pujadas

As businesses face growing complexity across IT operations, security, and service delivery, expectations for managed service providers have fundamentally changed. Organizations no longer want reactive support or disconnected tools, they want intelligent, scalable services that drive efficiency, visibility, and better outcomes.

Together, Thrive and ServiceNow are redefining what modern managed services look like for the mid-market, combining AI-driven workflows, automation, and a unified platform to deliver faster, smarter, and more reliable IT experiences.

Building a Foundation for Scale and Innovation

From the beginning, Thrive’s goal was to build a next-generation managed services platform that could scale alongside our customers’ evolving needs. ServiceNow provided the enterprise-grade foundation to make that possible.

By leveraging ServiceNow’s AI-powered platform, Thrive has been able to standardize service delivery, streamline operations, and create consistent experiences across customers without sacrificing flexibility or personalization.

The result is a platform that enables Thrive to grow efficiently while continuing to deliver high-quality, high-touch service.

Turning Automation into Real Business Value

At a high level, the Thrive and ServiceNow partnership is about using automation to unlock human potential. In fact, Thrive routes over 315,000 tasks every six months using AI automation.

By automating thousands of routine tasks behind the scenes, Thrive empowers its teams to focus on what matters most: solving complex problems, improving outcomes, and strengthening customer relationships. Automation helps reduce friction, speed up response times, and ensure work moves seamlessly across teams and workflows.

For customers, this translates into faster resolutions, clearer communication, and a more proactive IT experience.

A More Connected Customer Experience

One of the most powerful outcomes of the partnership is the ability to work more closely with customers through shared workflows and real-time collaboration.

By integrating directly with customers’ ServiceNow environments, Thrive removes traditional barriers between provider and client. This creates a more transparent, connected service model; one where both teams operate as true partners working toward the same goals.

The result is stronger alignment, fewer handoffs, and better overall service experiences.

Preparing for an AI-Driven Future

ServiceNow also plays a critical role in Thrive’s long-term AI strategy.

With a strong data foundation and intelligent workflows already in place, Thrive is well-positioned to continue expanding its use of AI across service delivery, operations, and customer engagement. As AI capabilities evolve, Thrive can adopt new innovations quickly and responsibly, ensuring customers benefit from smarter automation without added complexity.

Moving Forward, Together

At its core, the Thrive and ServiceNow partnership is about enabling better outcomes for customers, teams, and the businesses they support.

By combining Thrive’s managed services expertise with ServiceNow’s powerful AI platform, the partnership delivers scalable, future-ready IT services designed for the realities of today’s mid-market organizations. Contact Thrive today to learn more about the partnership with ServiceNow and how Thrive is delivering best-in-class solutions for your business goals.

Download your complimentary copy of the Gartner® Predicts 2026: Evolving Threats and AI Adoption Transform Infrastructure Security report to learn how agentic AI is transforming work and introducing new security risks.

As autonomous AI agents take on repeatable tasks, they create new attack surfaces that bypass traditional controls. Gartner warns that fragmented security stacks reduce visibility across discovery, access, posture, and data protection, while AI-driven threats increase the risk of privilege escalation, lateral movement, and targeted ransomware attacks.

Gartner recommends starting now with pilot deployments of agentic AI security tools, improving visibility into third-party AI usage, and strengthening application security for custom AI models. It also highlights the need to consolidate security platforms and adopt workspace immutable secure endpoint (WISE) strategies to protect AI-enabled environments, reduce risk, and meet evolving governance requirements.

Download the Gartner report today!

Gartner Predicts 2026: Evolving Threats and AI Adoption Transform Infrastructure Security, Deepak Mishra, Franz Hinner, John Watts 3 December 2025

GARTNER is a trademark of Gartner, Inc. and/or its affiliates.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Unlock Confidence and Clarity with Mid-Market Compliance

Compliance isn’t just a checkbox for large enterprises. For mid-market organizations, the right approach can reduce risk, strengthen security, and support sustainable growth. Our Mid-Market Guide to Compliance breaks down today’s regulatory landscape, highlights common compliance gaps, and outlines practical steps to meet requirements without overwhelming your IT team.

Download the guide and take a smarter, more confident approach to compliance.

Luke has Yoda; Frodo has Gandalf; Wolverine has Professor X. Just like our favourite heroes, IT leaders can’t rely on their utility belts and clever quips alone to save the day. Organizations need more than software to be successful and secure; they also need a skilled IT advisor to actively protect, improve, and optimize their IT ecosystem.

Thrive serves mid-market clients across every vertical in Canada and beyond, each with its own unique set of challenges. Thrive offers specialized vCIO and vCISO advisory services, staffed with a team of experts dedicated to helping you reach your unique business goals. Both services offer current-state and risk assessments and compliance support to help every client build a strategy that fits their needs.

Today, we’re focusing on the strategic and practical benefits vCIOs bring to each client they work with.

Fireproof Your Business

By partnering with Thrive, clients can achieve IT stability and resilience with the guidance of our vCIOs and practical support from Thrive’s deep bench of specialized experts. The Thrive team takes an all-hands-on-deck approach to understanding and supporting each client.

“I don’t do this in isolation, and neither do they,” reflects Canada-based vCIO Henry Corvers on his daily touchpoints with Thrive Account Managers, Customer Success, and Delivery Specialists. “When we’re on an account together, we’re not off doing our own thing; we come together and do what’s best for the customer.” The benefits of that proactive collaboration behind the scenes are quickly felt by clients.

Mentioning a client’s message of thanks sent to their Thrive Account Manager and Henry, he shares, “Where they are today compared to where they were a year ago is a night and day difference, and they are thankful that we are there working with and alongside them.” Henry assessed their environment and made recommendations and changes that made it more secure and stable. He brought to light some issues that they were not aware of, while others they did know about and were seeking solutions.

Through strategic guidance and continuous gap analysis provided by Thrive’s vCIO advisory team, businesses can build a stronger IT foundation. Whether it’s cloud migration, cybersecurity enhancements, AI readiness and deployment, or ongoing system optimizations, vCIOs help companies implement thoughtful long-term solutions rather than rely on reactive band-aid responses.

Organizations in firefighting mode react to user complaints and vulnerabilities without a comprehensive view of their IT environment, leading to inefficiencies and increased risks. Working alongside a Thrive vCIO, clients develop a strategy that fireproofs their operations by focusing on layered security and scalable infrastructure that reduces downtime and enables the business to pivot when needed.

A Tailored Consultative Approach for Foundations You Can Build On

Thrive vCIO services meet you where you are to gain a deeper understanding of your IT teams, processes, and platforms and align them to your strategic long-term business goals.

vCIOs look at the whole environment and identify the large gaps, issues, and items that should be prioritized to address the foundational components that then provide the stability and security needed to drive innovation, scalability, and efficiency.

“Most of the people that I’m currently meeting with are technical people, and most aren’t surprised by what’s raised. Rather, it helps validate their concerns and clarify where to go next,” says Henry.

Oftentimes, client technical contacts have a good understanding of their environment but may not have all the tools and data available to present the situation in a complete and compelling manner to get stakeholder and Board buy-in. Henry and his fellow vCIOs can help assess and describe the circumstances and provide the strategy and reporting needed to get funding approvals for remedial actions and sustainable long-term investments for continued growth and security.

Examples of Foundational Components

vCIOs work with the customer to understand their environment and set a plan. Below we outline some steps taken during ongoing collaborative sessions.

Executionary: It’s important to note that Thrive’s best practices are aligned with CIS Critical Controls. CIS is a prescriptive, prioritized, and simplified set of cybersecurity baselines used throughout most industries.

• Use the CIS framework to identify priority executionary items
  • Identify gaps with best practices
  • Talk about directionally, where should we head and what should we tackle next
• Put in place MFA and best practices for passwords
  • Ensure device inventory are supported by EDR and other services
  • Validate MFA has been implemented properly
• Draw attention to end of support technologies such as Windows 10 EOS
• Ensure there are no vulnerabilities in unpatched and unsupported software
• Work to update or replace outdated software and processes

Strategic: vCIOs focus on your business priorities to determine how to make your environment even better at serving those goals.

• Regularly scheduled cadence calls talking about what’s happening today and what are we doing tomorrow
• Annual Technology Business Review
  • State of the nation, where are we going in the upcoming year
  • Clear and organized plan with prioritized initiatives to help support the business objectives
  • Roadmap where to focus next

Supporting our customers as a vCIO isn’t simply about advising on technology, it’s about understanding their business goals and objectives, helping them uncover opportunities they didn’t know existed, and building solutions that genuinely drive value.

“In the end, vCIO services are not just a strategic advantage, it’s a partnership built on trust, insight, and a shared commitment to long-term success,” Henry shares. “Collaborating to strengthen our customers’ environments and witnessing their enthusiasm as they reach each new milestone is what makes this work truly rewarding for me.”

Have questions for Henry and his vCIO colleagues? Connect with us here. To learn about Henry’s journey to becoming a trusted advisor, read his story here.

A strong cybersecurity posture is not optional for mid-sized businesses. Cyber threats continue to evolve, with attacks becoming more sophisticated, targeted, and costly year after year — and increasingly likely to target midsized companies. For companies that want to protect their data, maintain customer trust, and comply with regulatory requirements, building a strong cybersecurity posture is critical.

Ransomware Remains a Top Threat

Ransomware attacks are becoming more frequent and complex. Mid-sized organizations are often targeted because they typically lack the advanced defenses of larger enterprises. Implementing robust backup strategies, endpoint protection, and continuous monitoring is essential to minimize risk and ensure business continuity.

Zero Trust Security Models Are Essential

Traditional perimeter-based security is no longer enough for businesses. Adopting zero trust architectures, which verify every user and device before granting access to sensitive data, is trending. This approach reduces the risk of breaches and limits the potential impact of insider threats.

Cloud Security Must Be a Priority

As more companies adopt cloud and multi-cloud environments, cloud security is critical. Securing data in the cloud requires a combination of access management, encryption, continuous monitoring, and compliance controls. Businesses that ignore cloud security risk exposure to both cyberattacks and regulatory penalties.

Employee Training Reduces Human Risk

Humans are often the weakest link in cybersecurity. Mid-sized businesses can significantly reduce risk through ongoing employee awareness programs and simulated phishing tests. Educated teams are less likely to fall for scams or inadvertently expose sensitive information.

Automation and AI Strengthen Defenses

Automation and AI-driven tools are transforming cybersecurity. From threat detection to automated incident response, AI helps mid-market businesses respond faster and more effectively. Leveraging these tools allows IT teams to focus on strategic initiatives while maintaining strong defenses against evolving threats.

Compliance and Cyber Insurance Are Interconnected

Regulatory compliance and cyber insurance are increasingly linked. Meeting standards like HIPAA, CMMC, and GDPR not only protects sensitive data but also impacts insurance eligibility and premiums. Mid-market businesses that prioritize compliance will be better positioned to reduce risk and secure coverage.

How Thrive Helps

Cybersecurity can feel overwhelming, especially for mid-sized organizations with limited IT resources. Thrive provides outsourced cybersecurity services, monitoring, and managed security operations, helping businesses protect their data, maintain compliance, and respond to threats effectively. Contact Thrive today to learn more about how we combine expert guidance with advanced technology.

Cloud computing continues to transform how mid-sized businesses operate, innovate, and compete. Looking ahead to 2026, several trends are going beyond traditional cloud adoption and optimization. These changes reflect deeper integration of AI, governance, security, and data strategy into cloud environments, areas that technology leaders must prioritize to stay agile and resilient.

1. Cloud Platforms Become AI-Driven and Autonomous

In 2026, cloud platforms will increasingly embed agentic AI, which refers to autonomous systems that not only process data but also perform tasks, optimize workflows, and orchestrate services with minimal human intervention. Cloud environments are evolving from infrastructure into intelligent platforms that actively manage operations. To succeed, organizations must ensure these systems operate within clear guardrails aligned to business intent.

2. Governance and Guardrails Move to the Forefront

As AI and automation expand inside the cloud, governance becomes critical. Mid-market businesses will place greater emphasis on providing visibility, accountability, and control across cloud workloads and AI-driven processes. Governance frameworks will help organizations manage risk, enforce compliance requirements, and maintain confidence as cloud environments grow more complex.

3. Data Management and Trust Become Strategic Differentiators

Data quality, lineage, and access controls will determine how effectively organizations can leverage analytics and AI. Cloud-native tools that automate data governance and monitoring will help mid-market businesses reduce operational friction while ensuring insights are accurate, timely, and secure.

4. Cloud Security Must Evolve With AI-Driven Threats

As cloud environments become more intelligent, cybersecurity threats will do the same. Mid-sized businesses must adopt cloud-native security models that account for AI-augmented attacks and automated exploitation techniques. Continuous monitoring, identity protection, and security controls embedded directly into cloud platforms will be essential to maintaining resilience and trust.

5. Identity Becomes the Foundation of Cloud Security

Identity and access management will play an increasingly central role in cloud security. As applications, users, APIs, and AI-driven systems interact at scale, organizations must treat identity as the primary security layer. Strong authentication, authorization, and access practices will reduce exposure and help limit the blast radius of security incidents.

6. Cloud Cost Management Expands to Include AI Workloads

Cloud cost optimization, also known as FinOps, remains a priority, but in 2026 it will extend beyond traditional infrastructure. AI workloads introduce new cost considerations, including compute intensity and unpredictable usage patterns. Mid-market organizations will adopt more disciplined cloud financial management practices to balance innovation with budget control and long-term sustainability.

7. Multi-Cloud Strategies Support Flexibility and Resilience

To maintain flexibility and reduce dependency on a single provider, many mid-market businesses will continue to embrace multi-cloud strategies. Using multiple cloud platforms allows organizations to select the best services for specific workloads while improving resilience and negotiating leverage. Managing these environments effectively will require centralized visibility and expert oversight.

Staying Ahead With Thrive

The cloud landscape in 2026 will be shaped by intelligent automation, stronger governance, and security-first design. Mid-sized organizations that take a strategic approach to cloud adoption will be better positioned to innovate while managing risk. Contact Thrive to learn more about how we help organizations design, secure, and manage modern cloud environments that support growth, compliance, and long-term business objectives.

A new year offers more than a symbolic clean slate. For organizations, it is a critical checkpoint to ensure their cloud strategy still aligns with evolving business goals, regulatory requirements, and security threats. The cloud architecture that worked well several years ago may now create unnecessary expenses, performance challenges, or operational risk as organizations adopt AI, modernize applications, and support distributed workforces.

For many mid-sized organizations, cloud transformation has been ongoing rather than a single milestone. With rapid changes in cloud services and rising cyber insurance expectations, the start of a new year is the perfect time to reassess the environment and identify opportunities to optimize.

Evaluate What’s Working and What Isn’t

Cloud environments change quickly as new technology and temporary fixes accumulate. What once operated efficiently may be fragmented or oversized. An internal annual review can help identify whether workloads are properly sized, if performance has degraded, and whether or not security controls still match today’s standards.

Over-provisioned resources and aging architectures often create unnecessary costs and vulnerabilities for organizations. By stepping back and examining utilization, performance, and operations holistically, business leaders can gain the insights needed to streamline their cloud environment and eliminate hidden risk.

Revisit Cloud Spend and Optimizations

Cloud costs can rise gradually without notice, especially when unused services remain active or workloads use larger tiers than required. Reviewing usage patterns can uncover opportunities to better align resources with demand, shift workloads to more efficient tiers, or take advantage of reserved instances and long-term pricing models.

Organizations should also reevaluate their data storage practices. High-cost tiers are often used to store data that rarely changes or is no longer needed in the database. A clear data lifecycle approach helps reduce waste while preserving compliance and accessibility.

Strengthen Cloud Security and Compliance

Security and compliance expectations continue to expand, especially as cyber insurers require stronger controls across identity, access, and monitoring. An annual New Year assessment should examine how well current architectures align with zero trust principles, whether backups and recovery plans remain resilient, and whether threat detection covers multi-cloud environments.

Ensuring ongoing compliance with frameworks such as Cyber Essentials, CMMC, HIPAA, or other industry mandates is equally important. Revisiting these controls annually helps reduce the likelihood of data breaches and operational downtime.

Modernize Legacy Applications

Legacy applications are a major source of inefficiency and technical debt for organizations. They often limit automation, complicate integrations, and increase maintenance costs. A review in the new year creates an opportunity to identify which systems can be refactored, containerized, migrated to managed services, or retired altogether.

Modernizing even a few core applications can significantly improve performance, reduce risk, and support future digital initiatives.

Prepare for AI and Automation

As AI adoption accelerates across the mid-market, organizations must determine whether their cloud environments are ready to support data-intensive workloads. This includes evaluating data quality and governance, scalability, and security. Establishing these foundations early on allows companies to take advantage of AI without disrupting critical operations or exposing themselves to new vulnerabilities.

Improve Efficiency with Managed Services

IT teams are managing increasingly complex environments with the same limited time and resources. Partnering with a managed security service provider (MSSP), like Thrive, can help organizations maintain visibility, performance, and security across their cloud environment. MSSPs can also guide modernization efforts, support compliance requirements, and automate routine tasks so internal teams can focus on strategy.

Build a Future-Ready Roadmap

After assessing the current state, organizations should translate insights into a clear roadmap that outlines modernization priorities, security improvements, financial goals, and opportunities to integrate automation and AI. A focused roadmap helps ensure investments align with business objectives and provides a structured path for continuous improvement.

Start the Year with a More Strategic Cloud Approach

A well-tuned cloud strategy allows organizations to grow, innovate, and stay secure in an increasingly challenging digital landscape. Whether the goal is to optimize workloads, modernize legacy systems, or strengthen security posture, an annual reassessment provides the clarity needed to plan confidently for the year ahead. Contact Thrive today to learn more about how your cloud strategy can be taken into the year ahead.

Build the data foundation your AI strategy depends on.

Strong AI strategies fail without strong data foundations. Before organizations can turn AI investments into real business outcomes, they need data that is accurate, governed, secure, and accessible across the organization.

The AI Strategy Playbook: Data Foundations is a practical guide designed to help mid-sized organizations evaluate, strengthen, and operationalize the data capabilities required to support a successful AI strategy. Whether you are early in your AI journey or preparing to scale, this playbook helps ensure your strategy is built on data you can trust.

Financial services firms face unique pressures when choosing a productivity and collaboration platform. Beyond day-to-day usability, your choice must support stringent regulatory expectations, reduce operational risk, streamline compliance workflows, and enable long-term scalability.

Two leading platforms dominate this decision: Google Workspace and Microsoft 365 (M365). Both platforms deliver secure, cloud-native productivity environments, but each offer distinct advantages depending on your organization’s size, operational model, regulatory exposure, and technology strategy.

Business Functionality

Both Google Workspace and M365 offer competitive pricing with entry tiers starting around $6 per user per month, with scaling costs as functionality increases. The best fit depends largely on how your firm collaborates and what tools your workflows rely on.

Google Workspace

• Purpose-built for real-time collaboration.
• Google Docs, Sheets, and Slides are great for team co-authoring and lightweight workflows.
• Clean, intuitive UI; often preferred by teams that value simplicity and speed.
• Google Meet for video conferencing.
• Integrates well with cloud-native tools and lightweight web applications.

Microsoft 365

• Provides a rich, widely adopted productivity suite (Word, Excel, PowerPoint).
• Strong fit for firms that regularly exchange documents with custodians, fund administrators, clients, or partners who expect Microsoft formats.
• Teams offers unified messaging, conferencing, and optional enterprise-grade telephony.
• Automation capabilities through PowerApps and Power Automate.
• Copilot integrates deeply with Office apps and organizational data.

Takeaway: Both platforms support modern collaboration. Google Workspace excels in simplicity and real-time editing, while Microsoft shines in document-heavy workflows, complex spreadsheets, automation, and communication unification. Thrive helps organizations map these features to their business operating model.
Security

Financial services firms must implement strong encryption, access controls, threat protection, and incident response processes. Both Google and Microsoft provide secure baselines, but they differ in maturity, granularity, and ecosystem depth.

Google Workspace Security Highlights

• Strong encryption at rest and in transit.
• Straightforward administrative interface.
• Effective built-in protections against phishing and malware.
• Enterprise-tier MDM capabilities.
• Ideal for firms favoring simplicity and minimal overhead.

Microsoft 365 Security Highlights

• Encryption standards that match Google’s for both data at rest and in transit.
• More granular identity and access controls through Entra ID and Conditional Access policies.
• Deep integration with Microsoft Defender for EDR and XDR.
• Advanced SIEM capabilities through Sentinel.
• Stronger device management through Intune (MDM + MAM).

Takeaway: Both platforms provide secure environments that can meet financial services expectations. Google prioritizes streamlined, intuitive security management; Microsoft provides more customizable controls for firms that need granular policies or are scaling rapidly. Thrive ensures that either environment is configured to meet compliance expectations, not just vendor defaults.

Compliance

Regulated financial firms must address requirements such as:

• SEC and FINRA books and records
• Regulation S-P data protection and breach notification
• Marketing Rule compliance
• Business continuity and disaster recovery
• Communications archiving
• Access governance and privilege management

Neither platform alone guarantees compliance – controls, configuration, and workflow design matter most. But they offer different strengths.

Google Workspace Compliance Strengths

Supports integrations with leading compliance archiving platforms like Global Relay and Smarsh.

• Offers 17a-4 compliant retention capabilities.
• Provides data protection and DLP features, especially at higher tiers.
• Microsoft 365 Compliance Strengths
• Includes Microsoft Purview for advanced governance, classification, labeling, and auditing.
• Supports third-party archiving solutions with mature connectors.
• Offers complete visibility into data access patterns, which can be helpful for demonstrating compliance during exams.

Takeaway: Both platforms can be made fully compliant, but neither is compliant “out of the box.” The difference lies in their governance tooling and the level of insight needed for audits, reporting, and incident response. Thrive helps firms implement the right guardrails, regardless of the selected platform t.

Business Continuity & Global Footprint

Both Google and Microsoft operate on highly resilient cloud infrastructures with strong uptime SLAs.
Google Workspace emphasizes simplicity, fast recovery times, and strong backup ecosystem integrations.
Microsoft 365 offers advanced multi-geo capabilities and active-active configurations suitable for firms operating across regions.

For either platform, Thrive typically recommends off-platform backups to strengthen redundancy and improve recovery scenarios.

How Thrive Helps Financial Services Organizations

1. Strategic Platform Evaluation
We assess your workflows, regulatory obligations, risk profile, collaboration patterns, document management needs, and growth plans to determine whether Google or Microsoft is the better long-term fit.

2. Secure Implementation & Migration
Whether moving to Google Workspace or Microsoft 365, Thrive ensures:

• Identity and access controls are designed to support Zero Trust.
• MFA, Conditional Access (where applicable), and role-based access are enforced.
• Tenant configuration aligns with financial-sector expectations, not out-of-the-box defaults.

3. Compliance-Ready Architecture
We help implement:

• Books and records retention (via native tools or third parties like Smarsh/Global Relay)
• 17a-4 compliant storage setups
• Data governance policies
• Email and messaging archiving
• Backup policies that meet regulatory expectations

4. Security Hardening & Threat Detection
Thrive optimizes native Microsoft or Google security capabilities and integrates them with:

• Security operations
• Threat detection and analytics
• Incident response workflows
• Device management strategies

5. Ongoing Support & Optimization
The platform choice is only the beginning. Thrive supports your team with:

• 24x7x365 monitoring and management
• Continuous compliance alignment
• Regular configuration reviews
• Guidance as regulations evolve

Both Google Workspace and Microsoft 365 are viable platforms for financial services firms. The “better” choice depends on your organization’s structure, client base, regulatory obligations, preferred workflows, and long-term technology strategy.

The most important differentiator isn’t the platform, it’s how well it’s architected, secured, and governed. Contact Thrive today to learn more about how we can help you choose the right platform for your business needs.