Book now
mtech labs ai
Eastbourne · UK
/ AI Consultancy

The groundwork that makes AI safe to turn on.

Copilot, agents and assistants are only as trustworthy as the data, permissions and policies underneath them. We help you get that foundation right — drawing on the governance and compliance depth of M-Tech Systems.

Book a readiness reviewSee how we work
/ Where we work

AI consultancy for Sussex and UK organisations.

M-Tech Labs AI is based in Eastbourne, East Sussex, and works with organisations across East Sussex, West Sussex, Brighton and Hove and the wider UK. Local enough to sit at the table on a Tuesday morning; engineered for delivery anywhere.

We work as a Managed Intelligence Provider (MIP) — the operating model behind M/OS. That means we don’t just write the policy, run the readiness assessment and walk away. We stay on the hook for the AI tooling we recommend, build and connect — across regulated finance, life sciences, public sector, property, defence-adjacent supply chains, and any business with sensitive data and serious governance to think about.

  • Martello House, Edward Road, Eastbourne, BN23 8AS
  • UK-wide, on-site and remote
  • M-Tech Systems, since 2003
  • ISO 27001, ISO 9001, Cyber Essentials
/ Ai/ssessor

Not sure where to start? Try the ten-minute diagnostic.

Ai/ssessor runs a short, free conversation that reads your current AI posture — tools in use, where the risk actually sits, and the one thing to do next. You leave with a scored report and a tailored 90-day path. No sales call required.

Try Ai/ssessor — free
01/ Starting points

You might be here because…

Most AI consultancy engagements start with one of these. If any sound familiar, there's a conversation to have.

  1. Copilot licences on hold

    You've bought (or are about to buy) Microsoft 365 Copilot, but nobody's comfortable flipping the switch until someone's looked at what it can actually see.

  2. Shadow AI is already happening

    Staff are pasting client data into ChatGPT, Gemini and whatever's in their browser — with no policy, no audit trail and no sign-off.

  3. SharePoint permissions are a liability

    Fifteen years of "share with everyone" links, inherited folders and orphaned groups. Fine until an LLM gets a search API over the top of it.

  4. A regulator, auditor or client has asked

    You need a defensible answer on how AI is used, where the data goes, and what controls exist — and "we're thinking about it" isn't going to cut it.

02/ Capabilities

Where we help.

Short, focused engagements that leave you with a working map of risk, a cleaned-up tenancy and a policy your teams will actually follow.

03/ Engagement formats

Three ways to start.

Most clients begin with a Readiness Review, then move into a Sprint or a Retainer once the shape of the work is clear.

2 weeks · fixed fee

Readiness Review

A focused audit of your tenancy, permissions and data classification posture against the AI tool you're about to deploy. Ends with a prioritised remediation plan and a go / no-go recommendation.

  • Tenancy & oversharing audit
  • Risk register with severity
  • Remediation roadmap
  • Exec-level readout
4–6 weeks

Governance Sprint

We work alongside your team to actually fix the issues a review uncovers — sensitivity labels, DLP policies, retention, identity hygiene — and stand up the policy and training that keeps it from drifting back.

  • Purview / sensitivity labels
  • DLP & retention policies
  • Permission remediation
  • AI acceptable-use policy
Ongoing · quarterly

Advisory Retainer

A standing advisory relationship for teams rolling out AI over months, not weeks. Quarterly reviews, change-assessment on new tools, regulator-ready documentation kept current.

  • Quarterly posture review
  • New-tool assessments
  • Policy version control
  • Incident support on call
04/ Outcomes

What a readiness engagement changes.

  1. Confidence to turn Copilot on

    You know exactly what it can see, who can see it, and what it would never surface. No nasty demos.

  2. A defensible audit trail

    When the regulator, the auditor or the board asks how AI is being used — you have answers, not a shrug.

  3. Fewer surprises at rollout

    Permission and labelling problems are caught before deployment, not during a live incident.

  4. Teams that know the rules

    Clear, short guidance on what's fine, what needs review, and what's off-limits — so adoption doesn't stall on fear.

05/ Why us

The groundwork most AI shops don't do.

AI consultancy from a team that already runs production security and compliance — not a dev firm that picked up governance as an afterthought.

  1. Governance depth, not just dev depth

    Most software firms can build you an AI assistant. Very few can tell you whether it's safe to plug it into your tenancy. We do both.

  2. Assurix + NCSC CAF 4.0 aligned

    The same controls we apply to AI rollout — privileged access, supplier risk, monitoring, incident response — are the ones Assurix verifies live against CAF 4.0.

  3. Backed by a working MSP

    M-Tech Systems runs production identity, security and compliance for the organisations we build for. The AI work sits on top of an assurance practice, not alongside it.

/ Frameworks & standards

We map AI use against the frameworks your auditor already knows.

UK GDPRICO AI guidanceNCSC CAF 4.0NCSC AI principlesISO 27001Cyber EssentialsAssurixMicrosoft PurviewMicrosoft Defender for Cloud AppsEntra IDNIST AI RMFEU AI Act
/ Common questions

Things people often want to check first.

Do you only work with Sussex businesses?
No. We're based in Eastbourne and the Sussex postcode is convenient for in-person workshops, but most engagements run UK-wide — remote-first, with on-site days where it adds value. Clients have included Falkland Islands Government, Foundry by Legal & General Real Assets, Hobbs Recovery and a range of regulated organisations across the country.
What does a typical AI consultancy engagement look like?
Most clients start with a two-week fixed-fee Readiness Review — tenancy posture, shadow-AI exposure, Copilot fit and a 90-day roadmap. From there it's commonly a 4–6 week Governance Sprint to close the highest-impact gaps, and optionally a retained advisory relationship for ongoing tooling, policy and supplier decisions as providers and prices move.
Do you provide AI training as well as consulting?
Yes — AI Enablement runs alongside the policy and tooling work. We train the people who'll actually use the systems, with sessions grounded in your workflows and your data sensitivity, not generic vendor decks.
How is M-Tech Labs AI different from a generic AI consultant?
We work as a Managed Intelligence Provider (MIP) — we don't just write the strategy and hand it over. We build the AI systems and integrations the strategy needs, and we run them afterwards, with the security, identity and compliance discipline of a managed-services parent (M-Tech Systems, in business since 2003 and ISO 27001 certified). That continuity is the difference between an AI policy that holds up and one that drifts the moment Microsoft, Anthropic or OpenAI ships a breaking change.
/ Start a conversation

Not sure if your tenancy is ready for Copilot?

A two-week readiness review tells you where the risks are, what to fix first and what 'good' looks like — before you spend on licences.

Book a readiness reviewTry the free AI check