Operating Power Platform at Enterprise Scale

In this article, we will learn how to use the Power Platform to build and manage low-code applications at scale. We will cover four main topics:

  • How to establish a security baseline for your low-code estate using tenant isolation and IP firewall.
  • How to enable governed innovation for your makers using environment routing and environment groups.
  • How to enhance continuous integration for your apps using Power Platform pipelines and ALM tools.
  • How to trust and verify your low-code operations using Microsoft Sentinel and Microsoft Purview.

Security baseline

The first topic is how to create a security baseline for your low-code estate. This means ensuring that your apps and data are protected from unauthorised access and malicious attacks. To do this, you can use two features: tenant isolation and IP firewall.

  • Tenant isolation allows you to control the business-to-business interaction between your Power Platform tenant and other tenants. You can create policies to allow or block specific tenants from accessing your data sources and connectors. This way, you can prevent data leakage and cross-tenant attacks.
  • IP firewall allows you to restrict the IP ranges that can access your Power Platform environments. You can create rules to allow or block specific IP addresses or service tags. This way, you can prevent unauthorised access and denial-of-service attacks.
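Before switching either control on, it helps to dry-run a proposed policy against connections you already observe, so you know what would break. The following is an added example, not code from this article or from Microsoft: it uses a simplified model in which each allowed tenant carries a direction (an assumption), and the record fields, tenant IDs and IP ranges are constructed placeholders.

```python
import ipaddress

HOME = "00000000-0000-0000-0000-000000000000"  # placeholder home tenant ID
T1 = "11111111-1111-1111-1111-111111111111"    # placeholder partner tenants
T2 = "22222222-2222-2222-2222-222222222222"
T3 = "33333333-3333-3333-3333-333333333333"

# Constructed policy: partner tenant -> direction it is allowed for.
TENANT_ALLOWLIST = {T1: "both", T2: "outbound"}
# Constructed allowed ranges (documentation address space).
IP_ALLOWLIST = [ipaddress.ip_network(c) for c in ("203.0.113.0/24", "2001:db8:10::/48")]

# Constructed connection records; field names are hypothetical, not a real log schema.
SAMPLE = [
    {"id": 1, "src": HOME, "dst": HOME, "ip": "203.0.113.7"},
    {"id": 2, "src": T1, "dst": HOME, "ip": "203.0.113.20"},
    {"id": 3, "src": T2, "dst": HOME, "ip": "203.0.113.9"},
    {"id": 4, "src": HOME, "dst": T3, "ip": "198.51.100.4"},
    {"id": 5, "src": HOME, "dst": T2, "ip": "2001:db8:10::5"},
    {"id": 6, "src": HOME, "dst": HOME, "ip": "not-an-ip"},
]

def tenant_verdict(rec):
    """Return a block reason under tenant isolation, or None if allowed."""
    src, dst = rec["src"], rec["dst"]
    if src == dst == HOME:
        return None  # same-tenant traffic is not a cross-tenant connection
    if dst == HOME:
        direction, peer = "inbound", src
    elif src == HOME:
        direction, peer = "outbound", dst
    else:
        return "tenant: home tenant is on neither side"
    if TENANT_ALLOWLIST.get(peer) in (direction, "both"):
        return None
    return f"tenant: {direction} connection with {peer} is not allowlisted"

def ip_verdict(rec):
    """Return a block reason under the IP firewall, or None if allowed."""
    try:
        addr = ipaddress.ip_address(rec["ip"])
    except ValueError:
        return "ip: client address could not be parsed"  # fail closed
    if any(addr in net for net in IP_ALLOWLIST):
        return None
    return f"ip: {addr} is outside the allowed ranges"

def dry_run(records):
    """Map record id -> list of reasons, for records the policy would block."""
    verdicts = {r["id"]: [v for v in (tenant_verdict(r), ip_verdict(r)) if v] for r in records}
    return {rid: reasons for rid, reasons in verdicts.items() if reasons}
```

Calling `dry_run(SAMPLE)` lists only the records the proposed policy would block, each with the control responsible, which is the review list to work through with app owners before enforcement.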

To enable these features, you need to go to the Power Platform admin center and navigate to the policies and settings pages. You can also learn more about them from the links below:

Governed innovation

The second topic is how to enable governed innovation for your makers. This means empowering your makers to build low-code apps with Copilot and other tools, while ensuring that they follow the best practices and standards of your organization. To do this, you can use two features: environment routing and environment groups.

  • Environment routing allows you to direct your makers to their personal dev environments when they create new apps. This way, you can avoid cluttering the default environment with many apps and data sources. You can also control the connectors, licenses, and expiration policies for the personal dev environments.
  • Environment groups allow you to organize your environments into logical sets based on your criteria. You can create groups based on organizational structure, functionality, or lifecycle stage. You can also apply rules to the groups to configure the managed environment settings, such as sharing limits, maker onboarding, solution checker, and pipelines.

To enable these features, you need to go to the Power Platform admin center and navigate to the environment groups and tenant settings pages. You can also sign up for the preview and learn more about them from the links below:

Continuous integration

The third topic is how to enhance continuous integration for your apps. This means ensuring that your apps are tested, validated, and deployed in a consistent and reliable way. To do this, you can use two features: Power Platform pipelines and ALM tools.

  • Power Platform pipelines allow you to automate the movement of your apps from personal dev environments to user testing and production environments. You can use predefined templates or customize your own pipelines to suit your needs. You can also integrate IT checks and balances and certify your apps before they are shared broadly.
  • ALM tools allow you to manage the lifecycle of your apps using source control, versioning, and collaboration tools. You can use tools such as GitHub, Azure DevOps, or Power Platform CLI to develop, test, and deploy your apps. You can also use tools such as Solution Checker, Power Platform Test Studio, or Power Apps Review Tool to improve the quality and performance of your apps.
  • Preferred solution: This feature allows you to automatically add every app that is created in an environment to a solution, which is a container that holds the app and its dependencies. This way, you can ensure that your apps are always ready to be deployed to other environments using ALM tools, and also avoid the hassle of manually adding them to solutions later.
  • Deployment notes: This feature allows you to use Copilot, an AI assistant, to generate deployment notes for your apps, which describe the changes and updates that are included in each deployment. This way, you can provide more information and transparency to your downstream stakeholders, such as testers, approvers, and end users, and also avoid the hassle of manually writing deployment notes.

To use these features, you need to go to the Power Platform admin center and navigate to the solutions and pipelines pages. You can also learn more about them from the links below:

Trust and verify

The fourth and final topic is how to trust and verify your low-code operations. This means ensuring that you have visibility and insight into the activities and events that occur in your low-code estate. To do this, you can use two features: Microsoft Sentinel and Microsoft Purview.

  • Microsoft Sentinel allows you to monitor and analyze the security incidents and alerts that happen in your Power Platform tenant. You can use built-in or custom connectors to ingest data from various sources, such as audit logs, DLP events, or threat protection alerts. You can also use dashboards, workbooks, or notebooks to visualize and investigate the data.
  • Microsoft Purview allows you to discover and catalog the data assets that are used by your Power Platform apps and flows. You can use scanners to scan your data sources, such as Dataverse, SharePoint, or Azure SQL. You can also use the Purview portal or the Power Platform admin center to browse and manage your data assets.
  • Auto-claim policy: This feature allows you to integrate Power Platform licenses with the Microsoft 365 admin center, where you can create a pool of licenses that can be automatically assigned to users who launch premium apps. This way, you can reduce the friction and delay of manually assigning licenses, and also monitor and manage the license usage and availability in one place.
  • License request: This feature allows you to integrate Power Platform licenses with the Azure portal, where you can create a workflow that enables users to request licenses for premium apps, and administrators to approve or reject them. This way, you can have more control and visibility over the license distribution and consumption, and also customize the workflow according to your needs.

These features are available in the Microsoft 365 admin center and the Azure portal, where you can configure and manage your Power Platform licenses.

Conclusion

In this article, we have learned how to use the Power Platform to build and manage low-code applications at scale. We have covered four main topics: security baseline, governed innovation, continuous integration, and trust and verify. We hope that you have found this article useful and informative. If you have any questions or feedback, please feel free to contact us. Thank you for reading.
