Designing an effective Power Platform Tenant strategy

 

In today's landscape where AI and digital transformation is at the forefront, leveraging tools like Microsoft's Power Platform can revolutionize the way organizations operate. With its suite of low code  apps—Power BI, Power Apps, Power Automate, and Microsoft Copilot —powerful business insights, custom apps, automation, and AI-driven chatbots, AI agents are just a few clicks away. However, to truly maximize these low code tools, a robust tenant strategy is essential and the very foundation for success.

Why Tenant Strategy Matters

A well-structured tenant strategy ensures that your Power Platform environment is scalable, secure, and aligned with business objectives. The tenant strategy outlines the setup and management of an organization's environments, including considerations for security, data residency, compliance, and governance. Some of the things to consider are discussed below -

Key Considerations for Your Tenant Strategy

1. Environment Planning:

   • Development, Testing, and Production Environments: Separate these environments to ensure stability and security. This allows for rigorous testing before deploying solutions to production.

   • Sandboxes: Use sandbox environments for experimental development and to test new features without affecting production data.

2. Data Residency and Compliance:

• Ensure that your data remains within specified geographical boundaries to comply with local regulations. This is particularly important for organizations operating in multiple countries.

• Select the appropriate region for your tenant to optimize performance and meet data residency requirements. 

• Below is a Global multi-tenant for meeting Data residency requirements.

• 
  
  

3. Security and Governance: - The security and governance policies can be different to meet the local regulatory requirements.

   • Implement Data Loss Prevention (DLP) policies to prevent unauthorized access and sharing of sensitive information. 

   • Define User Roles and Permissions meticulously to safeguard data and applications against misuse.

   • Monitor and manage user activities and usage patterns to detect and address potential security threats.

4. Scalability: Consider the implication of AI models for future growth planning. 

   • Plan for future growth by considering the scalability of your environment. Ensure that your tenant can accommodate increased workloads and data volumes as your organization expands.

   • Regularly review and adjust your environment settings to align with evolving business needs.

5. Cost Management: The focus on reducing operations costs will require a constant cost optimization and management approach. 

   • Keep track of the ongoing costs associated with your tenant, including licensing, storage, and premium features. Implement financial controls to avoid unexpected expenses.

Best Practices for a Successful Power Platform Implementation

• Regular Audits: Conduct frequent audits of your environments and costs to ensure compliance and identify areas for improvement.

• User Training: Empower your team with adequate training and resources to utilize the Power Platform effectively. Encourage team members to get certified and showcase their talents.

• Feedback Loops: Encourage users to provide feedback on their experiences and challenges to continuously refine your applications and business strategy.

In conclusion, an effective tenant strategy for the Power Platform isn't just about the initial requirements and setup—it's about creating a scalable, secure, and adaptable environment that can grow alongside your business. By focusing on these key areas, you can unlock the full potential of Power Platform and drive meaningful AI led digital transformation within your organization.

Let me know if this works for you. Thanks for reading.

Mihir Shah                            @mihircrm             365WithoutCode

10 Things to consider when Managing Enterprise Apps - Microsoft Dynamics 365 on Microsoft Cloud

 Once an enterprise application like Microsoft Dynamics 365 goes live within an organization there is lot of excitement. The project team is happy with the results of the efforts over the year/s. It is the day after going live that the operations team is faced with the post go-live challenges. There are lots of questions on how to support, operate, manage, adopt and scale the new Dynamics 365 application. Microsoft Dynamics 365 in an enterprise cloud environment can be very challenging. There could be multiple integrations with other systems within and outside the organization, compliance and security requirements, business enhancements needs and performance management. This requires planning and coordination with multiple teams. This blog series is about how to prepare and plan for managing of an enterprise Dynamics 365 app. Here are the top 10 things to consider - 

1. Governance (decision making) - There needs to be a governance team in place. There could be multiple operations support teams working on the system for example the application support and maintenance team, the infrastructure and security management team and the application enhancement team. There has to be a defined governance team that may consists of representatives from business, IT, Project and executive management. This helps the operations team to report any blockers, get the guidance and support for the system management. The governance teams meets on a monthly cadence and reviews the teams progress and challenges. They will discuss how to resolve the blockers, improve the operational performance and opportunities for enhancing the Dynamics 365 application.

2. Security and Access control - As the Dynamics 365 application usage increase so does the need to add new users and give them proper access. There could also be challenges with the existing users who may need to modify their security roles, teams and business unit. It is an ongoing challenge to manage the users access and application security which needs to be considered and managed. Assigning a role based user security template will make the access streamlined. 

The tasks for the security team is to regularly review and update user security roles, active directory teams and business units as user responsibilities change. Also remember to remove users and reassign licenses when the users are no longer required to access the app. Finally regularly audit user access logs on a monthly or quarterly basis to identify any unauthorized or suspicious activities. 

3. Data security and integrity - Having a reliable quality data is important for the adoption and success of the Dynamics 365 app. Users should be confident that the data that they rely on to make business decisions is safe and trustworthy. Implement a data governance practice to maintain data integrity and quality. Regularly set reviews, cleanse and maintain data for accuracy, completeness and consistency. Users should be provided training in proper data entry and maintenance standards. 

The data loss prevention rules should be in place to prevent the leakage of data. Sensitive data in the Dynamics 365 app should be protected and secured using field level security. Duplicate detection should be in place and active where needed. It is essential to set-up data validation and duplicate detection rules to prevent erroneous and unreliable duplicate data. Data lifecycle, archival and storage needs to be planned as the data size grows with complexity.

4. Application Performance Monitoring - The Dynamics 365 application and related infrastructure should be continuously monitored for any issues, bottlenecks or maintenance requirements. A mechanism should be in place to trigger alerts and auto create incident support tickets for any identified issues. The error logs, system logs and performance metrics should be reviewed for measuring the performance of the application. Users should be trained in identifying and reporting issues with proper documentation. 

Microsoft provides many options to monitor and manage Microsoft Dynamics 365 and Power Platform. The Power Platform Admin Center has OOTB performance metrics that can be reviewed. Additionally Azure Monitor and Application Insights can be set-up to track and monitor the performance. Additionally you can even use Power Automate to trigger alerts and create incident support tickets.

5. Support Team  - Plan to have a dedicated multi-level support team. The teams can be set-up on a Tiered support level based on the incident complexity, severity and priority. Tier 1 and 2 support can be provided by the organization support helpdesk. Tier 3 support can be provided by the Application Manage Services Partner and Tier 4 support can be from Microsoft product support team. It is important to have the team trained on the business application and on supporting Dynamics 365 and Power Platform.

6. Product updates and upgrades - Microsoft provides 2 major updates annually for Microsoft Dynamics 365. Plan in advance to have the Dynamics 365 updates tested and implemented. 

Safe deployment of updates for Dynamics 365 by region

The business and IT needs will require regular enhancements of the Dynamics 365 application and supporting infrastructure. Ensure proper training of the support team as part of the enhancement of the Dynamics 365 application and infrastructure.

I hope this helps your organization in planning for the post go-live operations and management of the Dynamics 365 enterprise application on Microsoft cloud. Please stay tuned for my next blog where I will discuss the remaining 4 items to consider when managing Microsoft Dynamics 365 enterprise applications. Let me know your thoughts and thanks for reading.

@MihirCRM

365WithoutCode

 

 

Managing Risks with Microsoft Dataverse Power Platform and Dynamics 365 - Part-1 - Business Continuity & Disaster Recovery

Risks management is critical for every organization.  There was a time when the severity, definition and type of risks that a business may encounter were considered to be different. The risk was dependent on the size, nature of business and geographic location. Now that the core business apps and data are running in the cloud, the risks are the very much the same for every organization. 

Why risk management for the Cloud?

Cloud has leveled the playing field when it comes to risk management. Every organization big or small will face the same level of risk. The impact of the risk in $ value may be different. It is imperative for organizations to have a risk management plan to understand, analyze, mitigate and protect themselves from running their business in the cloud. This blog series is focused on understanding risk management with Microsoft Dataverse - Power Platform and Dynamics 365. (disclaimer - I am NOT a business risk management professional. This is my attempt to help you understand how risks can be managed when using Microsoft Dataverse)

#1 - Business Continuity and Disaster Recovery (BCDR)

When you purchase Microsoft Dynamics 365 or Power Platform licenses you will be provisioning 1 or more environments. Consider environment as a container for your business apps and data. You may have multiple development sandbox, testing, staging and production environments. Each environment has an instance of Microsoft Dataverse. Your business users are provisioned in the different environment. You may have your environments in 1 Geo region (lets say East Coast - US) which is nearest to your group of app users. You may even have users globally and have multiple environments in different Geo regions. How do you protect your environments from a unforeseen disaster in a geo region? How do you ensure that your mission critical business apps will be up and running asap and your data protected? 

Every cloud services provider has a well defined plan to protect their customers apps and data in the cloud. Microsoft has defined a Business Continuity and Disaster recovery plan for the Dataverse environments. 

Dynamics 365 Customer Engagement apps - for the production environments a replica or copy is made in a second geo region (Geo secondary replica), of the different storage services like Azure SQL and file storage and compute infrastructure. The copy is done at the time of the deployment and on an ongoing basis they are kept synchronized (with some lag in minutes) through continuous data replication. 

Dynamics 365 Customer Engagement - Geo Secondary Replica

Dynamics 365 Finance and SCM apps - The geo secondary replica is also done for this apps. 

Dynamics 365 - Finance and SCM apps

The replica environments are in a Azure region pair and have a dedicated low latency network. They also are within the data residency and compliance boundaries 

Azure region pairs

Failover types and service continuity - 

Unplanned failover - In case of an unplanned failover in an Azure geo region, Microsoft will notify customers and route traffic to the secondary geo replica region. There could be a possible data loss for about 15 minutes during the transition.

Planned failover - If there is a risk to the availability of the primary geo region (like an upcoming hurricane) Microsoft will notify the customers and transition to the secondary geo replica region. The users who are connected to Microsoft Dataverse apps may experience some disruption. There will be no data loss.

Failback - Once the primary geo region is back up and running Microsoft will notify customers and move to the primary region. Connected users may experience disruptions but there will be no data loss. 

Things to note - 

1. Dataverse for Team environments do not support the Geo Secondary replicas. So if you are using Dataverse for Teams environments please make sure to have a backup on a regular basis. 

2. The geo secondary replica is only available for production instances of Dataverse. All other instances will face service degradations till the primary regions is back up and running.

3. Dynamics 365 Finance and SCM apps will have limited functionality when working in the geo secondary replica region. The Financial Reporting and Power BI reporting services will not be available. Customers can open a support ticket with Microsoft to get the Financial Reporting setup running in the secondary region.

I hope this helps in understanding the business continuity and disaster recovery risk management for Microsoft Dynamics 365 - Dataverse platform. In my next blog I will write about Security and Data loss - Risks.

Thanks for reading.

@mihircrm

#365withoutcode