I haven't seen much discussion around this subject, perhaps not a lot of your clients are 'here' yet.
I genuinely don't know what the fuck to do. I'm a smaller MSP, I have good relationships with clients, and I always want to support them. I've started writing up an advisory and liability waiver in advanced on agentic AI.
I've had one client want request a hermes agent access to all email inboxes in their entra tenant. The user created an entra app, created a certificate secret, assigned delegate permissions and then tried to approve (this is when we got an alert, as their admin). This person got this far down this rabbit hole before we got to intervene. Which is fine, there's no harm but a user following AI instructions to do all of this, which would take them at least an hour, just to get to the end and have us say "what the fuck are you thinking" is just shitty, for every one involved.
I have another client that is going to ask about OpenClaw. I mean it makes total sense, these tools 'promise' that they're solving a tonne of problems. If you've played with any of these tools, you'd know, I know, they are extremely insecure black boxes. But we have a duty as their provider to empower our clients to succeed, but at the same time, these tools are in practice, similar to malware. Their inherent nature is to have maximum permissions, so they can do anything™ an employee can.
I have another client that has one trusted user using claude cowork, I find this one the most bearable, as if it's not got admin permissions, it can't really fuck up the computer too much.. and Anthropic has really nice published articles about what it means to use agentic AI. The two alternative's above are opensource, who do you blame when it fucks up? These clients have a board of directors, multiple stakeholders, yet some users think they should have the right to deploy these agents across their network?
The issue arises when the clients themselves have no idea about this, they don't understand semantic reasoning, versus a structured script/workflow. Having to remind them that their cyber insurance policy is not likely to pay out if this is breached (policies aren't even updated for this shit yet!). But when you tell a client "No, here's a million reasons this is a bad idea" they just think you're being uncooperative, unhelpful, and frankly a shitty provider.
I know a few of you will beat your chest and say "Just tell the clients no or have them sign a waiver" but for none of us here, is it ever that simple. An alternative is to say to a client, use power automate, or let's get you setup in copilot, but to do this requires hand-holding and training, and I don't know about you guys, but I really don't have that much time to do this for every single client, nor would I even know how to charge for it to justify that time.
Just looking to start a discussion around this, as it seems to be picking up steam and seems to be extremely problematic.