Further to yesterday’s blog, here’s how I would have rolled this out if I were Microsoft:
1) Looked at this from the point of view of the business as well as the individual and put controls in place first, like …
2) Given companies at least 1 year’s notice of this “feature”, not one month; and rolled out the robust governance measures below, which are easy to implement, to give companies the time to assess the risk and put proper measures in place.
3) Allow tenant admins to get alerts on all new purchases.
4) Allow tenant admins to get alerts on all new systems built with them and take back ownership of any of them when the person who bought them in their personal capacity leaves the company.
5) Allow tenant admins to intervene in the purchase process and make users sign an acceptable use policy before allowing them to continue.
6) Allow tenant admins to review or reassign all licenses assigned by users and negotiate with Microsoft on their enterprise agreements on big changes to licensing numbers – with the ability to consolidate those licenses into preferential pricing for new volumes. Or is the strategy to just sell more and more and more licenses?
7) Create proper dashboards for every single Power Platform service that give a complete overview of every single usage scenario that has been built, who built it, when, and what site it lives on (think Microsoft Forms: there is no way to see what Forms are where in a business). Why? To mitigate duplication of effort – half the time people don’t know things are already available on the intranet and end up just rebuilding them, resulting in many versions of the truth and very challenging reporting.
8) Send reminder / confirmation emails on a monthly basis to the user who purchased the service, cc’ing the Global Admins, to check if they are still in the company and to have them acknowledge that they are, or the service stops running. And if no acknowledgement takes place, escalate it to the Global Admins for action, allowing them to take over the systems built by the user and cancel the credit card associated with it.
9) Stop selling a one-sided, rose-tinted view of licenses and tell people the truth about the enormous governance risks and the controls that need to be in place first – how do you think CEOs and auditors will respond to this latest development with no mitigating controls in place?
10) Allow tenant admins to decide what services may be bought via self-service and which ones may not, or just switch the whole thing off until better governance measures have been rolled out.
Do you feel as agitated as I do about this? Vote up blocking this at tenant level on UserVoice.
All this self-service capability in a bid to “address” shadow IT? More about that in the next blog.