Microsoft Power Platform — Governance and controls
In the second of a series of video chats and blogs from Version 1’s Microsoft license consulting team about the component parts that make-up the Microsoft Power Platform licensing models, my colleague Richard Ojo and I focus on the Power Platform governance and controls.
The accompanying discussion with Richard Ojo and blog focuses on the complexities of ensuring good governance and maintaining control of subscription and consumption costs associated with the use of Microsoft Power Platform products within an organisation.
This post follows on from our ‘Introduction to Power BI’ which outlined what Power BI is, the different types of users and the various licensing models.
What are the challenges surrounding Power Platform governance and control?
The first thing to highlight is the current challenges this poses for those responsible for asset management and financial operations. Then, explore what we anticipate will be available soon, to try and reduce this burden through native administrator tools across the Power Platform suite.
There are known limitations to enabling comprehensive and efficient administration and governing of Microsoft Power Platform services, such as the number of differing Admin centres for the products and services that sit within the Power Platform, including Power BI, Dynamics 365, Microsoft 365, to name but 3.
There is also more than one way to ‘purchase’ products and services within the Power Platform and a number of meters and metrics that calculate consumption for charging purposes:
· As monthly invoiceable subscriptions, an Admin can purchase and assign through the Microsoft 365 motion and include these within the ‘end user’ subscription charging model in the same way a Microsoft 365 user subscription is invoiced.
· Or Power Platform services can be purchased through the Azure tenant and included as a monthly pay-as-you-go Azure consumption cost.
· Or they can combine both motions to purchase the same services at the same time.
These include one, some or all of the following:
· Per user subscriptions, per application subscriptions, per volume of usage subscriptions, per tenant subscriptions.
An Admin can also set user and application policies to restrict or permit users the ability to consume some or all of a service.
So, these are some of the current governance and controls challenges.
But what is the positive news?
The next release wave for Power Platform will provide Admins with tools to better manage, for example, business units, teams and users and enable less complex managing and updating of security roles through a single Admin portal. This will be classified as a ‘new managed environment’ feature for streamlined IT administration of environments.
But what is expected of the ‘new managed environment’ functionality?
- Admin centre consolidation.
There is currently a single Power Platform Admin centre but there are also several legacy portals that administrators may have to visit because not all features have been brought into the last Power Platform Admin centre update.
The Power Platform Admin centre will unify all settings relevant to Power Platform, but Power BI may still sit outside of the new Admin centre.
2. Business units and teams.
The new Admin centre will allow administrators to manage business units, Dataverse teams and team templates from a single source.
3. Security role editor.
The new Admin centre will include a simplified administrator User Interface for managing security roles and privileges for Power Platform users, enabling changes to be made and implemented in a more intuitive way.
4. Managed environments.
This new feature will allow admins to enable a set of premium IT admin capabilities on any Power Platform environment to simplify the onboarding of both owner admins, environments and services whilst providing an easier means of controlling the distribution of apps within the platform.
These managed environments include the following:
- A one-time welcome email sent to new admins
- Weekly insights message sent to admins with information such as inactive apps and flows
- Easier access to data policy information in managed environments
- Greater Admin control over the sharing of canvas apps by user and by security roles
So, some good news?
Yes, hopefully, but the key to good governance and control is to first understand:
· What you have
· What you need
· Who has access?
· How is it being managed?
· What does it cost and who is responsible?
Then by defining processes to deliver the desired outcomes, within the constraints of the technology available, and ensuring any fit-gap is included, governance and control becomes an operational function that can be managed and administered rather than a series of retrospective actions as a form of remediation.
Our next post and fireside chat will look at Power Platform and Dataverse storage.
As a Microsoft Direct CSP partner, Azure Expert Microsoft Service Provider (MSP) and Microsoft licensing specialists, combined with our depth and breadth of Power Platform developer and architects, we can advise and guide you on the most suitable Power Platform licensing models to align with the needs of your business.
Contact us if you have any questions or go to our website for more information.
About the author:
William Nelson is a Sales Specialist with the License Management Practice at Version 1.