10. Our philosophy
1. Empower anyone to be a
maker, a #PowerAddict
• Enable an open ecosystem
for building
• But an ecosystem that does
not escalate privilege
11. Our philosophy… includes governance!
1. Empower anyone to be a
maker, a #PowerAddict
• Enable an open ecosystem
for building
• But an ecosystem that does
not escalate privilege
2. But also empower admins
with full visibility and the
tools they need to balance
business productivity with
governance
1. Incent the right behavior
2. Implement strategy early
3. Treat exceptions as exceptions
12. Agenda
1. Establish an environment strategy
2. Setup data loss prevention policies
3. Leverage out-of-box activity logs &
analytics
4. Install the Center of Excellence
starter kit
5. Welcome new makers and identify
champions
6. Establish and automate your audit
processes
14. Who is building solutions with the Power Apps?
2. Pro-dev / IT productivity
Enables high productivity app development
Reduces time to develop and deploy
Centrally managed and rolled out
Lower barrier of entry for app development
Power users in business units close to the problem
building solutions for their teams
Often with IT oversight or in an approved sandbox
1. Citizen developer enablement
Some organizations start with a centralized IT apps and then grow into organic development
Far more start with organic solutions in business units and grow into a centralized IT Center of
Excellence (CoE)
15. Environments
Environments are containers that administrators can use to manage apps, flows,
connections, and other assets; along with permissions to allow organization users
to use the resourcesAzure AD Tenant
Environments
1. Product
discovery
2. Know your
Environments
3. 5+1
security layers
4. Setup DLP
policies
5. Configure
audit logs
6. Review
Analytics
7. Automate
your reports
8, Automate
your polices
9. Proactive
engagement
10. CoE
toolkit
16. Environment key facts
• Every tenant has a Default environment
where all licensed PowerApps and Flow
users can create apps & flows
• Non-default environments offer more
control around permissions
• Non-default environment creation can
be restricted to only global and service
admins from the Power Platform admin
center: https://aka.ms/ppac
• Environments are tied to a geographic location that is configured at the time the environment
is created
• Environments can be used to target different audiences and/or for different purposes such as
dev, test and production
25. 1. PowerApps and Flow logs available at https://protection.office.com
Logs & analytics – see what’s happening
Microsoft Flow PowerApps
• Created flow
• Edited flow
• Deleted flow
• Edited permissions
• Deleted permissions
• Started a paid trial
• Renewed a paid trial
• Created app
• Edited/save app (draft)
• Published app
• Deleted app
• Restored an app from app
version
• Launched app
• Marking app as featured
• Marking app as hero
• Edited app permissions
• Deleted app permissions
26. 1. Power Apps and Power Automate logs available at
https://protection.office.com
2. Admin analytics
Tenant and environment level analytics
Available from Power Platform admin center
Access is available for environment admins
Data is stored for 28 days
Data is refreshed daily
Logs & analytics – see what’s happening
Capacity Management
Common Data Service
Microsoft Flow
PowerApps
https://aka.ms/ppac
27. 1. Power Apps and Power Automate logs available at
https://protection.office.com
2. Admin analytics
Tenant and environment level analytics
Available from Power Platform admin center
Access is available for environment admins
Data is stored for 28 days
Data is refreshed daily
3. Maker analytics (Canvas app and flow level analytics)
Available from make.powerapps.com and flow.microsoft.com
Access is available to app & flow owners (admins can grant themselves access)
Data is stored for 30 days
Data is refreshed daily
Logs & analytics – see what’s happening
Capacity Management
Common Data Service
Microsoft Flow
PowerApps
https://aka.ms/ppac
28. Center of Excellence Toolkit
https://aka.ms/COEStarterKit
Step Scenario Toolkit Component
Secure DLP Editor 1. Canvas App - DLP Editor
Monitor Flow templates to collect data into CDS
Power BI Dashboards
2. CDS Entities: Environments, Apps, Flows…
3. Flow - Sync resources template
4. Flow - Sync audit logs
5. Power BI Dashboard
6. Custom Connector for Office 365 Audit Logs
Alert &
Action
Maker and Admin notification via Flow
templates (Compliance request)
Admin Model Driven App facilitates app
audit process
7. Canvas App - Developer Compliance Center
8. Flow - Compliance detail request
9. Model Driven App - Business Process Flow for
Auditing resources
Nurture App catalog
Welcome email, Internal community
channel links
10. Canvas App - App Catalog
11. Flow - Welcome Email
30. Leverage management connectors & PowerShell as
powerful reporting tools + tools for action
aka.ms/powerappspowershell
PowerApps for Admins
PowerApps for App Makers
Power Platform for Admins
Flow Management
31. Welcome new makers and identify champions
https://aka.ms/powerwelcomeemail
32. Welcome new makers and identify champions
https://aka.ms/powerwelcomeemail
https://aka.ms/newmakerdigest
33. Establish and automate your audit process
Canvas app, flow creation aka.ms/restrictappcreators
Specific connector usage
aka.ms/restrictflowconnector
aka.ms/restrictappconnector
Newly added connectors aka.ms/newconnectornotification
1. Create your own workflows using the management connectors that
permit or restrict behavior based on your organization’s policies
(e.g. create an attestation process for assets in the default env)
35. Establish and automate your audit process
1. Create your own workflows using the management connectors that
permit or restrict behavior based on your organization’s policies
(e.g. create an attestation process for assets in the default env)
2. CoE starter kit comes with its own audit workflow:
• Apps are identified by a flow based on criteria such as the app is
shared with > 20 Users or at least 1 group and the business
justification details have not been provided.
• Developer Compliance Center where the maker can provide a
justification
• Admin business process workflow for approval
36. But don’t just take my word for it….
250k
5BillionCUSTOMERS A YEAR
EMPLOYEES WORLDWIDE
120 COUNTRIES
160 k in France
150
Production
apps
2500+
PowerApps
Yammer
Members
150+ IT
PowerApps
experts by
EoY 2019
https://powerapps.microsoft.com/blog/digital-
transformation-sncf-french-national-railway-company/
37. Recap
Establish an environment strategy
Setup data loss prevention policies
Leverage out-of-box activity logs &
analytics
Install the Center of Excellence
starter kit
Welcome new makers and identify
champions
Establish and automate your audit
processes
Notas del editor
The Microsoft Power Platform – Empowering millions of people to achieve more
Our vision for the Power Platform started from the recognition that data is increasingly flowing from everything, and a belief that organizations that harness their data – to gain insights then used to drive intelligent business processes – will outperform those that don’t.
We also recognize there aren’t enough programmers, data scientists and tech professionals to go around. So our goal was to build a platform targeting these technology experts and the millions of other frontline workers who see opportunities every day to create something better than the status quo, but who’ve never been empowered to do anything about it.
Our guiding vision was a framework we called the “Triple-A Loop” – a closed-loop system allowing users to gain insights from data (Analyze) used to drive intelligent business processes via apps they build (Act) and processes they automate (Automate).
The Microsoft Power Platform implements this vision via three cloud-based services: Power BI, PowerApps and Flow.
PowerApps is our low code application development platform – allowing anyone to build web and mobile applications without writing code. The natural connection between Power BI and PowerApps makes it effortless to put insights in the hands of maintenance workers, teachers, miners and others on the frontline, in tailored and often task-specific applications that supercharge their productivity and make their work perhaps a little less tedious.
Like Power BI, PowerApps connects to hundreds of business systems and databases, making it easy to connect workers with the existing processes and data that makes the business tick. And all the data captured in PowerApps can make its way right back to those very systems for further analysis in Power BI creating a closed-loop process for continuous improvement.
Additionally, PowerApps comes with a built-in, fully-managed, enterprise-grade datastore called the Common Data Service (CDS) for those applications that generate data not destined for a legacy system – and Power BI and Flow have deep connections to CDS making it that much easier to get even more value from data stored there.
Extending the Power Platform via connectors to other Microsoft offerings allow our clients to leverage those investments and create productivity faster.
With Office 365, we offer a complete intelligent solution that empowers your employees to creative, collaborate and work together with Office 365, Skype, Teams
With Dynamics 365, our intelligent business applications, we offer a complete set of solutions across Marketing, Sales, Commerce, Service, Finance, Operations and Talent.
With Microsoft Azure we are delivering the most productive, hybrid, intelligent, and trusted cloud to run your business.
Azure is offered in 54 regions, more than any cloud provider;
Offers 70+ compliance industries, the largest portfolio in the industry;
95% of Fortune 500 companies run on Azure
Secure your tenant
Establish an environment strategy
Setup DLP policies
Monitor your tenant
Activity logs
Alert & action based on activity
Deploying apps
Application lifecycle management
Azure DevOps task
Secure your tenant
Establish an environment strategy
Setup DLP policies
Monitor your tenant
Activity logs
Alert & action based on activity
Deploying apps
Application lifecycle management
Azure DevOps task
Every tenant has a default environment, created automatically.
The geo is important because…
CDS is focused on database and model-driven app user activity
PowerApps is targeted toward canvas app
The data is stored only in the region that an environment is hosted in.
CDS is focused on database and model-driven app user activity
PowerApps is targeted toward canvas app
The data is stored only in the region that an environment is hosted in.
CDS is focused on database and model-driven app user activity
PowerApps is targeted toward canvas app
The data is stored only in the region that an environment is hosted in.
Full visibility: Power Platform APIs in an accessible connector interface, provide admin access to resources
Customization : Pull the metadata you need to build the custom reports you want
Flexibility: Build the policies you need to implement administration + governance requirements
Secure your tenant
Establish an environment strategy
Setup DLP policies
Monitor your tenant
Activity logs
Alert & action based on activity
Deploying apps
Application lifecycle management
Azure DevOps task