All Content
Timespan
explore our new search
Managing Default Environment in Power Platform Governance 03
Image Source: Shutterstock.com
Power Apps
Oct 19, 2022 8:28 PM

Managing Default Environment in Power Platform Governance 03

by HubSite 365 about Michael Roth [MVP]

Microsoft MVP Business Applications | Power Platform Consultant | Governance & Adoption | reigning minigolf champion

Citizen DeveloperPower SetupPower AppsM365 Hot NewsPower Selection

Unlock the full potential of your Microsoft Power Platform with governance strategies, data loss prevention policies, and SharePoint optimization from a seasone

Our blogger, Michael Roth [MVP], gives us an insightful look into Power Platform governance and handling default environments in his latest entry. Roth emphasizes a default environment is automatically generated for every tenant and user on this tenant has access to it.

Power Platform users should take note that the default environment is created based on the closest region to Azure's AD tenant. Additionally, every user, upon signing up, is granted the "Maker" role.

Why should one care about their default environment? Michael lists several reasons: it can’t be deleted, backed up, or restored. Furthermore, any user accessing an app creator studio or Power Automation will land in the default environment.

Understanding the Default Environment

From his blog, we get that there are two essential details about the default environment: every licensed user has access, and it is challenging to manage. A keen point to these details is that users can access the Maker studio even without a license, creating apps that cannot be published. However, these created apps can still run in play-mode, and if you haven't blocked any connectors, they'll function.

He moves onto best practices, providing some recommendations to optimize the system. One simple tip is renaming the default environment. Explaining further, he mentions how Microsoft envisions the default environment as a space for personal productivity. Changing the name eases understanding for users.

Another must-follow practice is setting up a data loss prevention policy. Since every user can access the default environment and even non-licensed flows can be activated, avoiding data loss is crucial.

Additional Measures and Policies

With various specifics for different categories of services shared, Michael warns that new connectors are continually being added. Thus, it's crucial to set the default group for fresh connectors to "Blocked," keeping the DLP up-to-date.

Lastly, alterations can also be done in SharePoint custom forms. By using the PowerShell Administrator module, default environments can be changed. This shifts the storage for SharePoint custom forms from the default environment.

This was a high-level summary of Michael Roth's informative blog post on default environment governance within the Power Platform. Such considerations are essential for organizational roll-outs to provide a streamlined and secure usage experience.

General Thoughts on the Power Platform

Power Platform has become a tool of high importance for businesses that want to optimize their operations. Its versatility enables organizations to automate workflows, analyze data, and create complex systems without the need for extensive coding knowledge.

The platform's broad accessibility makes it an appealing tool for all users, regardless of their technical skills or roles within their organizations. Its impact expands beyond IT departments, providing digital empowerment across a company. Nonetheless, as explored by Michael Roth, intricacies like the governance of default environments must be considered to ensure the smooth operation and successful implementation of the platform.

Read the full article Power Platform governance 03 - Take care about your default environment

Power Apps - Managing Default Environment in Power Platform Governance 03

Learn about Power Platform governance 03 - Take care about your default environment

One of the revolutionary tools by Microsoft is the Power Platform, which streamlines organizational processes and tackles complex scenarios with ease. A fundamental component of the Power Platform is the default environment which is automatically created for each tenant upon subscription. This default environment is unique in comparison to other environments as it cannot be deleted, backed up or restored, and provides every licensed user with access. However, its convenience also presents challenges in governing and managing this environment.

Let's delve into why the default environment is such an important entity in the Power Platform and how we can best manage it. It's important to consider some best practices for maintaining the default environment. These practices not only make your environment regulatory compliant but also ensure maximum productivity.

Gaining an insight into how our default environment works will help us understand why its special characteristics need particular attention. For instance, any user who opens a Power-based app will automatically be directed to the default environment. Moreover, any Flows generated from a SharePoint list or customized Forms will also be stored here. Although convenient, these features may add to the challenge of managing this particular environment.

So, how do we effectively manage it? Renaming the default environment is a good starting point. Microsoft encourages users to use this environment for personal productivity tasks meaning tasks that only affect their own user account. This could entail renaming it to 'Personal Productivity', for example.

This action can be executed in a few steps: navigate to the Power Application Admin Center, select Environment, and choose your default environment. From here, you may edit, rename and save with minimum efforts.

If data security is a concern, setting up a Data Loss Prevention (DLP) policy can help. This is especially relevant in our default environment where even users without a license can trigger Flows. By setting up a DLP, we can block connectors' access to third-party applications and limit the access to certain Microsoft 365 services, thereby avoiding potential misuse.

  • Navigate to the Power App Admin Center.
  • Select Data Policies.
  • In the Prebuild connectors menu, select the cogwheel in the top-right corner.
  • Select' Blocked' and then 'Apply'.

Please note, connectors are constantly being updated, so the 'Blocked' status will keep the DLP up-to-date.

Another useful practice is to customize where SharePoint forms are stored, instead of defaulting to the default environment. You can achieve this by using the PowerShell Administrator module. The commands ‘Get-AdminPowerAppSharepointFormEnvironment’ retrieves the current environment used for SharePoint forms. The command ‘Set-AdminPowerAppSharepointFormEnvironment –EnvironmentName 'EnvironmentName' allows setting a different environment other than default.

These best practices should help build a well-organized default environment and optimize the use of Power Platform in an organization. Remember that every business has unique needs and may require further customization to their Power Platform setup.

Collaboration is key to progress. Reach out to me via Twitter and LinkedIn to share your experiences with Power Platform Governance. You can also find useful resources to deepen your knowledge on this topic, including Microsoft's own documentation on defining a proper Power Platform Environment Strategy, PowerShell support, and more.

More links on about Power Platform governance 03 - Take care about your default environment

Manage the default environment - Power Platform
Jul 12, 2023 — You need to know if these core connectors are being used so that you can provide policy guidance to your makers. For example, you might want to ...
Take care about your default environment - MichaelRoth42 Blog
Sep 19, 2022 — Things you should consider to set up in your default environment before you start to roll out a dedicated Power Platform environment ...
Secure the default environment - Power Platform
Apr 17, 2023 — Assign administrator roles judiciously. Consider whether your admin users need to have the Power Platform administrator role. Would the ...

Keywords

Power Platform governance, Default environment, Environment Management, Microsoft Power Platform, Power Platform default, Power platform control, Data management, Platform Governance strategies, Power platform environment setting, Power platform regulations