This presentation was used at SPS London 2019. Daniel Laskewitz and myself went into how admins can be in control with the PowerPlatform without frustrating the citizen developer (to much).
4. Daniel Laskewitz (citizen dev)
Business productivity consultant
Sogeti Netherlands
Microsoft MVP Business Solutions
International speaker
Blog: https://www.o365dude.com/
Twitter: @Laskewitz
Mail: Daniel.Laskewitz@sogeti.com
5. Albert Hoitingh (admin)
Solution Architect
Motion10
Microsoft MVP Enterprise Mobility
Microsoft Certified Security Administrator Associate
International speaker
Blog: https://Alberthoitingh.com
Twitter: @Alberthoitingh
Mail: Albert.Hoitingh@Motion10.com
6. Today’s agenda
Three real-life scenario’s
• From the citizen dev.’s perspective
• From the admin’s perspective
• The theory behind the scenario
Additional information
7. Scenario one – He creates a (relatively)
simple Flow…
Let’s go…
8. Environments in Flow
Data region & security
• System administrator (aka. Environment Admin)
• Users
• P2 license required for multiple environments
• Watch out with Default
Data loss prevention (DLP)
• Works “on save” – for now
• Suspends Flow until restriction is lifted
• Can be worked-around (connect using different accounts)
• Call Microsoft!
9. DLP roadmap
But also: real-time DLP!
https://docs.microsoft.com/en-us/business-applications-release-
notes/April19/microsoft-flow/data-loss-prevention-enhancements
11. Admin-connectors
• Specific management connectors
• Powerplatform, Security Graph, Microsoft Cloud App
Security
• Used for reporting and actions
• During the demo we used a Flic to trigger the Flow
12. PowerPlatform connector
Used for: Automating administrative tasks on the PowerPlatform
Possible triggers:
Possible actions:
• Create an environment
• Create a DLP rule
• Delete an environment
13. Flow admin connector
Used for: Managing Flows using Flow
Possible triggers: Any (for example a button)
Possible actions:
• List Flows
• Stop a Flow (as shown)
• Create a Flow
Similar connector: PowerApps for Admins
14. Microsoft Graph Security connector
Used for: Using signals from the Microsoft Graph Security.
Possible triggers: Any alert available in the graph
Possible actions:
• Get alerts
• Update alerts
• Get subscriptions
15. Microsoft Cloud App Security
Works both ways:
• Create a Flow based on an alert in MCAS
Or
• Trigger a Flow from an MCAS policy
For example:
17. Bug or working as designed?
• Going around the tenant has been a “work-around”
• For quite some time now….
• Only option at this moment: “Call Microsoft”
18. What if I need more options?
• Powerplatform admin-center
• Office 365 audit-log and alerts
• PowerShell
• Multifactor authentication