A new chapter for Windows 365
In 2021, Microsoft introduced Windows 365, reimagining the PC as a cloud service that streams a Cloud PC—a complete, secure, personalized Windows experience to any device, anywhere. This innovation gave organizations the flexibility to scale computing resources instantly, reduce IT complexity and strengthen security—all while empowering employees to work from virtually anywhere. In just four years, Windows 365 has become Microsoft’s flagship software-as-a-service (SaaS) solution for delivering secure, managed, enterprise-grade computing globally, helping businesses lower costs, simplify management and accelerate productivity.
And now, Windows 365 is enabling another milestone in computing: the recently announced Windows 365 for Agents makes it possible to run autonomous AI agents securely on Cloud PCs. This means organizations can automate complex workflows, scale operations without adding headcount and unlock new productivity gains—all while maintaining enterprise-grade security and compliance. By extending the same trusted environment from human users to agent workloads, businesses can accelerate innovation and improve employee productivity.
Agentic interfaces are becoming part of the PC interface. And people will use software (agents) to control software. This modern abstraction allows people to be more productive by spending more time on value-adding tasks and delegating non-value adding tasks to agents.
The architecture that sets Windows 365 apart
Windows 365 is built on a set of proven, enterprise-grade capabilities that form the core of the service. Its “hosted on behalf of” (HOBO) architecture uses single instance Azure virtual machines that run in Microsoft’s subscription, are managed through Microsoft Intune, secured with Microsoft Entra ID and connected via reverse connect transport.
These components bring together Microsoft’s most trusted technologies to provide a secure, reliable and scalable foundation for running Cloud PC workloads in the following key areas:
- Identity and security: Microsoft Entra ID handles strong authentication, including passwordless and phish resistant MFA, with Conditional Access policies enforcing location-based restrictions, sign-in risk management and device compliance. Cloud PCs support both Entra join (cloud-native) and hybrid join to on-premises Active Directory Domain Services (AD DS).
- Unified management: All Cloud PCs can be enrolled in Microsoft Intune, where administrators define provisioning policies, deploy applications, configure settings and enforce security baselines—using the same console and workflows as physical devices.
- Cloud PC provisioning: Our service fabric automatically provisions, scales and manages Cloud PCs at a global scale, with the simple trigger of license assignment and provisioning policy definition—thereby eliminating any cloud infrastructure management needed by our customers.
- Global connectivity: User connections never reach Cloud PCs directly over the internet. Both the client device and Cloud PC establish outbound connections to the Microsoft Cloud, eliminating inbound ports entirely. Our intelligent routing algorithms direct traffic to the lowest-latency gateway. We also use industry standard techniques like STUN and TURN to maintain fast, reliable connectivity even in restrictive network environments.
Extending Windows 365 to agents
With computer-using agents (CUAs) emerging as a class of AI capability, we recognized a key requirement: AI agents should operate in their own secure, computing environments to execute tasks, interact with enterprise systems and line of business applications, and operate within security boundaries, without burdening human users by sharing environments.
An AI agent interacting with a GUI requires the same fundamental resources as any user—compute, network, identity and policy controls. Rather than building a separate virtualization stack, Windows 365 for Agents runs on identical Azure VM infrastructure with the same Intune management and Entra identity systems.
Beyond creating a Cloud PC platform for AI agent workloads, Windows 365 for Agents introduces a set of capabilities designed to make agent workloads secure, scalable and cost-efficient. These enhancements go beyond simply running AI agents on Cloud PCs—they optimize how agents are provisioned, managed and controlled, while maintaining enterprise-grade security and compliance. From elastic resource pools to human-in-the-loop safeguards, these innovations help organizations automate complex tasks, reduce idle costs and ensure trust in autonomous operations.
- Cloud PC pools: Rather than persistent 1-to-1 user assignment, agents draw from shared pools organized by team or workload. From pre-provisioned Cloud PCs for fast checkout to scheduled provisioning to reduce idle costs, elastic scaling allows organizations to dynamically adjust the resources available to agents to match business needs.
- Check-in/check-out model: Agents check out a Cloud PC to perform a task, then check it back in for reuse. This ephemeral, task-scoped approach maximizes utilization and enables consumptive billing based on actual usage rather than fixed monthly fees.
- Programmatic interfaces for agent control: Windows 365 for Agents interfaces to create, check out, control and observe cloud PCs will be available for third-party agent builders in the Agent 365 tooling servers.
- Computer-using agents (CUAs): Unlike traditional robotic process automation (RPA) that relies on brittle element selectors (rules that break when a UI changes), CUAs interpret screen content visually using AI vision and they reason about what actions to take. They adapt when UIs change without breaking workflows—processing screenshots, generating action plans and executing step-by-step commands. Code execution as well as local MCP servers, within this same environment, make for a powerful combination of capabilities in an isolated Cloud PC.
- Human-in-the-loop: Recognizing the need for trust in autonomous systems, the platform enables the user to take control at any point during agent execution, intervene to handle complex decisions or provide credentials, then return control to the agent when finished.
- Agent Identity: Each agent operates with a unique Microsoft Entra Agent ID authenticated via cryptographic credentials—no passwords to steal or phish. IT can distinguish agent actions from human actions in audit logs, providing granular observability of AI operations.
Windows as the platform for intelligent work
Extending Cloud PCs to digital agents reflects Microsoft’s mission: empowering every person and every organization to achieve more. Just as Windows democratized personal computing and Windows 365 brought that power to the cloud, Windows 365 for Agents delivers a secure, scalable platform for digital agents to operate anytime, anywhere.
We’re at the threshold of a new era—where agents, built responsibly and deployed securely, become trusted collaborators in work and creativity. The Windows platform has always enabled others to build, create and innovate. Windows 365 for Agents extends that promise by giving agent builders:
- Enterprise-grade security and compliance for AI agents
- Programmatic tools to simplify building sophisticated workflows
- Management capabilities that give IT teams confidence and control
- Natural, trustworthy user experiences for streamlined integration
The principles that shaped Windows 365—security, reliability, manageability and scale—continue to guide us. The same infrastructure serving millions of human users now becomes the foundation for the next generation of intelligent work.
Ready to learn more?
Editor’s note – Jan. 22, 2026 – Text changes were made for clarity following initial publication.