Governance and Administration

Microsoft Ignite March 2021 has brought many interesting announcements. In this article, I´ll cover some of the content delivered by @clamanna and @JulieStrauss3 highlighting the new enhancements coming in the Power Platform for Governance and Administration.

The last presentation describes three main aspects from the Business and IT perspectives: Security, Monitoring and Management.

https://aka.ms/PowerPlatformGovern

One of the fundamental elements in the Power Platform are the environments. Having a strategy for their governance and administration is important.

Environments strategy allowing business adoption and production administration

Data Loss Prevention (DLP) policies allow controlling how the data flows from and to your systems. The Power Platform is being extended to enable more flexible rules.

Blocked connector

These are the new features and changes that have been announced:

  • Advancements in Governance Controls
    • Connector Action Control
    • Endpoint Filtering Control
    • Tenant Isolation for Data Exfiltration Control
  • Self-Service Analytics with Azure Data Lake and App Insights
  • Cross tenant reports for Power Apps usage and maker activity
  • GitHub connector and CI/CD Self-service App
  • Microsoft Information Protection support with MIP labels
  • Azure Networking Connectivity
  • Azure Customer-managed keys within Power Platform

Connector Action Control provides a granual mechanism to block specific connector actions:

Endpoint Filtering Control brings the ability to govern which specific instances of data sources users can access. I’m particularly excited about this feature as hopefully, it will help with triggering child flows and using more connectors in the enterprise context 🥳.

Here is an example using the HTTP connector:

Tenant Isolation for Data Exfiltration Control allows for cross tenant access control of inbound and outbound connections:

In the monitoring area, Self-Service Analytics will allow to export administration data into Azure Data Lake and App Insights, extending the diagnostics options:

Cross tenant reports will be available for Power Apps usage and maker activity:

Up to 90-days historic data (currently only 30-days is available) and trends will be available 🥳

In the management and deployment aspect, the new GitHub connector supports team collaboration integrating citizen and pro-developers.

The new Canvas app CI/CD Self-service App provides a simple deployment UI:

Microsoft Information Protection is a framework that tries to put together how data can be secured across applications and platforms (e.g. Azure, Microsoft 365, Dynamics 365 and Power Platform). For instance, using labels being applied to the data. The labels enable custom controls to be applied, such as for policy enforcement and data governance.

Azure Networking Connectivity will allow connecting the Power Platform into your own Azure Virtual Network and leverage features like Express Route and gateways, really a great new capability! 😮‍💨

With Azure Customer-managed keys you can use your own encryption key to protect the data in your storage account. When you specify a customer-managed key, that key is used to protect and control access to the key that encrypts your data. This is now going to be integrated with the Power Platform, so we can apply the same within Microsoft Dataverse environments.

And more things are coming. These are the key strategic areas highlighted by @clamanna where Microsoft will focus on:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s