Episode Details
Back to Episodes![Secure, Scalable, Governed: Power Platform Best Practices with Craig White [MVP]](https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/e73dd0245083c6c0436fba96faa96483.jpg)
Secure, Scalable, Governed: Power Platform Best Practices with Craig White [MVP]
Season 2
Published 2 weeks, 2 days ago
Description
In this episode of the m365.fm podcast, Mirko Peters sits down with Craig White, double Microsoft MVP, AI Platform Lead, governance specialist, and co-host of the Power Platform Panic Room podcast. With more than twenty years of experience across SQL Server, SharePoint, Microsoft 365, Power Platform, and Copilot Studio, Craig shares deep insights into governance, citizen development, AI readiness, scalable Power Platform adoption, and the future of low-code inside the Microsoft ecosystem. This conversation goes far beyond generic Power Platform discussions. Instead, it focuses on the real-world operational challenges organizations face when trying to scale Power Platform safely while still empowering makers and enabling innovation.
WHY GOVERNANCE SHOULD ENABLE — NOT BLOCK
One of the strongest themes throughout the episode is Craig’s philosophy around governance. He explains why governance should never be about stopping people from building solutions. Instead, governance should create guardrails that allow organizations to innovate safely at scale. Craig shares how many companies still approach Power Platform with fear, often worrying that citizen developers will create chaos, expose data, or bypass IT processes. But according to Craig, the real danger is not enabling users at all. When organizations completely block innovation, shadow IT simply moves outside the organization. The discussion explores why governance frameworks should feel almost invisible for makers while still protecting the organization through:
THE REALITY OF POWER PLATFORM GOVERNANCE
Craig highlights how unique Power Platform governance really is compared to traditional Microsoft technologies. Unlike older systems where access was centrally controlled, Power Platform arrived enabled by default. Many organizations never realized employees already had access to build apps, flows, automations, and AI solutions for years. This creates a completely different governance challenge. Craig explains how organizations often discover thousands of apps, flows, and automations already running inside their tenant before governance processes even exist. The episode explores why governance maturity starts with visibility and understanding what already exists inside the environment. The discussion also dives into:
The conversation naturally shifts toward AI and Copilot Studio, where Craig shares his excitement about the future of AI inside Power Platform. He explains how organizations are rapidly moving from simple automation into:
WHY GOVERNANCE SHOULD ENABLE — NOT BLOCK
One of the strongest themes throughout the episode is Craig’s philosophy around governance. He explains why governance should never be about stopping people from building solutions. Instead, governance should create guardrails that allow organizations to innovate safely at scale. Craig shares how many companies still approach Power Platform with fear, often worrying that citizen developers will create chaos, expose data, or bypass IT processes. But according to Craig, the real danger is not enabling users at all. When organizations completely block innovation, shadow IT simply moves outside the organization. The discussion explores why governance frameworks should feel almost invisible for makers while still protecting the organization through:
- Environment strategies
- Data Loss Prevention policies
- Security boundaries
- API governance
- Controlled connectors
- Lifecycle management
THE REALITY OF POWER PLATFORM GOVERNANCE
Craig highlights how unique Power Platform governance really is compared to traditional Microsoft technologies. Unlike older systems where access was centrally controlled, Power Platform arrived enabled by default. Many organizations never realized employees already had access to build apps, flows, automations, and AI solutions for years. This creates a completely different governance challenge. Craig explains how organizations often discover thousands of apps, flows, and automations already running inside their tenant before governance processes even exist. The episode explores why governance maturity starts with visibility and understanding what already exists inside the environment. The discussion also dives into:
- Default environment risks
- Tenant settings
- Environment provisioning
- DLP policies
- Governance automation
- Connector restrictions
- Enterprise administration
The conversation naturally shifts toward AI and Copilot Studio, where Craig shares his excitement about the future of AI inside Power Platform. He explains how organizations are rapidly moving from simple automation into:
- AI agents
- Copilot Studio
- Skills-based automation
- MCP integrations
- AI-assisted governance
- Intelligent business workflows
- Oversharing
- Permissions
- Data security
- Compliance
- Zero trust architecture
- Information governance