Can you manage a tomorrow without Microsoft?

A tomorrow without Microsoft. It sounds unlikely. Almost a bit conspiratorial.

But in a world that shifts faster than our decision cycles, it's a question more leadership teams should dare to ask – without shame. Geopolitics, sanctions, trade conflicts and a USA where politics can turn abruptly. And yes, with Donald Trump in the White House, uncertainty, as we know, becomes something you can count on, not just talk about.

In that environment, many think risk is about “physical” things like energy, logistics, supply chains. But many organisations have another critical dependency creeping up – one that is even harder to see, precisely because it is everyday: the platforms on which all work depends.

Microsoft. Amazon (AWS). Google/Alphabet. Apple. Meta. ByteDance.

It's not just a list from the IT department. It's practically the same group the European Commission has identified as “gatekeepers” under the Digital Markets Act (DMA) – actors who function as gatekeepers in the digital economy.

And now comes the uncomfortable question we often postpone until it becomes urgent: What happens if we can no longer use, for example, Microsoft as a supplier? Not “if the licence becomes a little more expensive”, but “if it becomes difficult, restricted – or needs to be replaced quickly”.

Cloud Act is one piece of the puzzle – but platform dependence is the whole picture

When American suppliers come up, the conversation often lands on legal issues. Not without reason: the CLOUD Act clarifies that American authorities can in certain cases require suppliers under US jurisdiction to disclose data they control – even if the data is stored outside the USA.

But if we get stuck on the Cloud Act, we miss what is often the bigger risk in practice, namely platform dependency.

For many organisations, Microsoft is not just “Office”. It is:

• Outlook and Teams (communication)
• SharePoint/OneDrive (documents and collaboration)
• Identity, login and permissions
• Security functions and compliance tools
• Device management and automations
• Integrations – and a way of working built on top of all this

The same logic applies for:

• AWS: not just operations, but architecture, skills, toolchains and services that applications are built around
• Google: not just search, but mail, documents, meetings, development platforms and data/AI services
• Apple: not just hardware, but mobile strategy, apps and security models
• Meta/ByteDance: not just social channels, but communication, reach, recruitment and brand presence

When it gets like this, it is no longer “a supplier”. It is a prerequisite for functioning.

Three ways you can lose a platform – without anyone pressing a red button

When you say “what if we can't use Microsoft”, many imagine a dramatic ban. In practice, it almost never looks like that. Often one of these three happens:

1) The world changes risk appetite – quickly

In a more fragmented world, organisations may need to tighten their stance on what is acceptable from a risk and compliance perspective. This may involve new requirements, new recommendations, new interpretations – or that what yesterday was “reasonable” suddenly can no longer be justified in an audit, an incident or a political context.

The point is simple: when the world becomes more volatile, dependencies become more dangerous – especially those that feel “invisible” because they are everyday.

2) An event in the dependency chain causes massive operational disruption

The CrowdStrike incident summer 2024 is a textbook example of modern vulnerability: a faulty update broadly affected Windows environments globally and impacted critical societal functions. Microsoft estimated about 8.5 million Windows devices were affected. It illustrates how homogeneous ecosystems and tight dependency chains make the world fragile.

3) You get locked in – slowly, rationally, without drama

This is the most common variant. It doesn’t come with flashing lights. It comes with “this is easiest this way”.

• Functions moved between licence levels
• “Standard” becomes “add-on”
• Integrations are easiest made using the platform's own tools
• AI and security capabilities are repackaged
• Processes and training shape themselves around the platform's way of working

It happens without ill will. It happens because it’s convenient. And suddenly you are faced with a truth that feels a bit too honest: you can switch – but you don’t have the energy. Because it would require more capacity for change than you have.

How to know if you've outsourced your freedom of action

When platforms become your:

• Communication channels
• Document storage
• Identity and login
• Collaboration spaces
• Parts of process automation

… then you haven't just bought IT. You have outsourced parts of your operational capacity.

That’s why the DMA (Digital Markets Act) is relevant even beyond the legal sphere. “Gatekeepers” refers to actors who have become so central that they function as digital gatekeepers. Therefore, “what if we have to switch” is not an IT project – it's a management issue.

You don't have to break up with your platform supplier – but you have to stop being stuck

The goal is rarely to become “platform-free”. It is often neither realistic nor smart. The goal is to become strategically detached: not free from everything, but built for choices.

Three things that reduce your supplier dependence

1) Separate “collaboration” and “truth”

Let collaboration spaces be collaboration spaces. Ensure that your sources of truth (master data, critical registers, archival requirements) do not become so embedded in a platform that switching becomes an existential crisis.

2) Make exit a capability – not an appendix

Many have exit clauses in contracts. Fewer have tested them. Ask the question:

• Can we export our critical data (including metadata)?
• Can we read it without the supplier’s specialised tools?
• Can we move identity, permissions and access in a controlled manner?

If the answer is “we think so”, then you don’t know.

3) Reduce monoculture where it hurts most

The CrowdStrike incident was a brutal reminder that uniformity can be effective but also fragile. That doesn't mean you should have five of everything, but that you should identify the most critical layers and make them robust.

One last question to bring to the next management meeting

If the world is changing quickly – and it is – it is reasonable to ask a question many avoid: If we had to switch platforms within 90 days – could we?

And if the answer is no: do we know exactly why?

Because the future digital maturity is not about having the “right platform”. It's about having an organisation that can act quickly and independently when the playing field changes. It is not anti-tech. It is pro-freedom of action.