cars on road between buildings

Power Platform Governance

Your Low-Code City

Imagine driving to a city you’ve never been to before. Now imagine that when you get there, you see many of its buildings don’t have roofs. And cranes and ladders cover every corner. Everything is under construction, but nothing seems coordinated. There are clones of buildings and architecture everywhere. Three City Halls, four identical bridges right next to each other, but only one that is accessible to drivers. In other words, the city, while creatively expanding and building, is in utter chaos. Your enterprise is your beautiful city using Power Platform. Therefore, if you are not careful, a lack of Power Platform Governance can lead to chaos.

Opening up the Power Platform to your employees and letting them use it however they please may seem completely harmless at first. After all, being able to build your own apps, workflows, dashboards and bots is almost like a superpower. And you want your employees to become digital heroes. But remember the city. Where there is no coordination, no planning, and no governance, it ceases to work as a whole. Similarly, your enterprise environment runs the risk of becoming a dysfunctional and confusing landscape of Power Platform projects. You need Power Platform governance.

What is Power Platform Governance?

What does Power Platform governance mean, then? It means understanding what you want the platform to do for you, specifically. It also means organizing a ‘governing body’ to ensure that projects stay secure and compliant with regulations like GDPR. However, maybe you have already adopted the Power Platform and want to de-clutter and organize your environment. Importantly, in this case, Power Platform governance means assessing of your Power Platform usage, and defining new processes for your business. In both cases, a concrete understanding of your business’ needs will give you a foundation for adopting the Power Platform at scale, without accidentally letting it become counter-productive.

Key Business Concerns

In addition, there are some concerns that every business has, and which must apply to the Power platform as well:

  • Transparency – Which component was created by who, and for what purpose? Also, is it still active?
  • Waste – Has the problem an app was made to fix been fixed globally? Also, how many unused apps, flows and dashboards are either abandoned, unneeded, or forgotten, even as they remain active?
  • Data Management – Certain processes can work for similar apps and flows. So, shouldn’t those processes be accessible to colleagues working on similar projects? Also, you must remember the data these projects may actively create through their users.
  • Security – How do your Data Loss Prevention Policies apply to the Power Platform for your business? Above all, information is precious, and sometimes it must be restricted. For instance, allowing everyone access to everything at all times carries the grave risk of valuable information leakage. Therefore, Power Platform Governance will ensure that your employees have appropriate processes to follow. These are processes regarding data and information security for your business.
  • Efficiency – Multiple people working on the same solutions without even knowing it? This is not efficient. Also, you want to bring your employees together and make knowledge sharing easy. You want your solutions built with efficiency and quality.
  • Process Management – What are the processes for your Low-Code solutions? Also, are they accessible, or relevant to other projects? Similarly, how can your employees new to the Power Platform learn to define processes of their own?

No More Chaos

In conclusion, proper governance over the Power Platform for your business will take into account all these concerns. And it will ensure that your citizen developers are creating amazing Low-Code solutions. Solutions that benefit the business, but are still secure, compliant, and transparent. You will better define your environments so creativity and experimentation can take place. All without fear of unforeseen effects on your data or infrastructure.

Therefore, with proper governance over the Power Platform, the city of chaotic construction is no more. A unified, intelligent, and functional city emerges in its place. Make the most out of the Power Platform, and govern it in a way that helps your business thrive.

4 Steps to Achieving Simple and Effective Governance

We at Runpipe want to see more businesses adopt the Power Platform with less fear. Our platform makes that possible. However, there are 4 good-sense steps any business should know when adopting of Power Platform. These are the steps simple and effective governance.

Secure Your Tenant

Your tenant is the sum total of environments your organization uses or will use with the Power Platform. In fact, it is the creation of separately restrictive environments that will make your tenant secure. Therefore, if your tenant is the entire city, your environments are like its boroughs and neighborhoods. Sometimes even just a city-block. In other words, the point is to give your citizen developers varying degrees of access to connectors and tools for their Power Platform projects, depending on the environment they are in. This will ensure Power Platform governance,

Proper Restrictions

To do this, you need a governing-body that will share the Power Platform admin role and restrict access to creating new environments. That is, unless access is granted by them to someone else. For instance, a single house cannot decide that it is its own neighborhood. Therefore, every tenant starts with the default environment. Also, every licensed user has access to this environment and can start building their apps and flows within it. This default environment acts as a playground. However, since everyone can create their own solutions, some of their abilities should be limited. This will minimize risk. Therefore, the default environment should be the most restrictive in terms of access to connectors and data. In addition, it should be renamed to reflect this status. For instance, many organizations choose something like “personal productivity”.

You can restrict the data connections for all or specific environments in the Power Platform admin portal. You do this with the creation of DLPs, or Data Loss Prevention Policies. In addition, you can categorize the hundreds of connectors into different buckets. For instance, “business”, “non-business” and “blocked” buckets. Connectors in the blocked bucket cannot be used at all. Also, all usable connectors can only be used with other connectors that are in the same bucket. In addition, for non-Microsoft 365 Connectors, you can define policies for each specific connector. You can define the actions of connectors that can be used, as well as ones that cannot be used. Power Platform governance is made easy.

Gatekeeping Your Environments

Creating a restrictive DLP for your default environment is highly recommended. Once that’s done, you can start creating other environments for your makers that are less restrictive. However, you can act as a gatekeeper. Therefore, you always know which apps and flows are built, and what they are doing.

Your environments are in the hands of a trusted team. Your default environment is secure and restricted. Then, all that is left to do is make sure every environment adheres to your Data Loss Prevention Policies. These are simply policies your admins can define for each environment, that enforce the proper access of data connectors on the Power Platform.

Monitor Tenant Activity

So, your neighborhoods and streets are defined and restricted to certain resources within your Power Platform city. You are now ready to properly govern by monitoring activity. In addition to logging into the Office 365 Security and Compliance Center to access full logs of users’ projects and activity, you can also make use of analytics that are available natively within the Power Platform. In the Power Platform Admin center, under the analytics tab, you can see statistics for apps and flows, and well as which tables and entities your citizen developers are using the most.

If all has been built correctly up to this point, then you will have an organized, secure, and creative Power Platform City at your disposal.

Create Alerts & Actions in order to govern your Power Platform

Even with all the guardrails set up, risky situations may still present themselves. Therefore, you want to be aware of these situations, and have the right tools that can help you to mitigate risks when the time comes.

For instance, these risks can include orphaned apps and flows, unused licenses, or solutions that don’t follow your company’s regulations. In addition, if not managed, any of these can lead to a lack of business continuity, or high license expenses. They can also lead to non-compliant use of data.

With Runpipe, you have access to a large repertoire of alerts and actions. In addition, they can be adapted to your needs and processes.

Enable Your Citizen Developers

The Power Platform is an incredible tool. However, enforcing proper governance over its use is crucial, and one major aspect that hinders many organizations from adopting it at scale is not only governance, but enablement. Therefore, Runpipe seeks to bridge this gap by combining a central, governing data and knowledge hub with workshops, training sessions, and video tutorials that address your business’s particular needs. In other words, we believe every employee can become a digital hero.

You want your employees to make the most out of the powerful city your organization has built. Enablement, in tandem with careful governance, will help create an engine of creativity and innovation for your organization. Who knows, you may even be able to build the Power Platform city of the future.

Runpipe is an out-of-the-box collaboration and governance tool for your business using the Power Platform. Find more information on Power Platform Governance on our website or at Microsoft.

Facebook
Twitter
LinkedIn

Low-Code Excellence Newsletter

Get best in class information about Security, Governance and Enablement for your Center of Excellence