Microsoft adds high-level governance to low-code tools

Whenever CIOs talk about using low-code tools to enable citizen development, a recurring theme is how to ensure appropriate governance of the applications produced.

Microsoft has heard them loud and clear, and at its Ignite 2022 show in Seattle this week, it introduced a range of new governance capabilities and other enhancements for its Power automation platform.

It also previewed new management capabilities for automated workloads in its Entra Identity governance tool, new compliance reporting tools for monitoring the roll-out of Windows updates on enterprise desktops, and a host of updates to its Azure cloud platform.

Power to the people

Even low-code may seem like a foreign language to some workers, so Microsoft has been experimenting with ways to enable them to generate workflows with Power Automate, describing in natural language what they want to achieve and leaving an AI to build the corresponding flow. The feature, now in preview, will still require workers to set up connectors for the inputs to and outputs from the automated workflow, and to tweak it to ensure it behaves as intended.

Given the scope for ambiguity in natural language, CIOs may want to reinforce governance of applications created in this way — and with the new Managed Environments for Power Platform, Microsoft will help them do just that. First previewed in July, it’s now generally available.

Checks and balances

A new Weekly Digest feature enables admins to see how much use each Power app is getting, directing attention to the most used and reclaiming resources from unused ones.

There are also new tools to limit sharing of apps by security group or number of users, so apps don’t go viral across the enterprise until they’ve been thoroughly tested and channels are set up to communicate changes to them.

Those features will be important to CIOs, according to Kyle Davis, a VP and analyst at Garner covering low-code adoption.

“When it comes to citizen development and low code, governance is front and center,” he said.

Managed Environments is more of an evolution than a revolution, he added, saying, “There really isn’t anything there that someone couldn’t build for themselves if they wanted to.”

Indeed, Managed Environments has its origins in Microsoft’s Automation Center of Excellence starter kit, which enables enterprises to define their own best practices for Power app governance. But as the company itself acknowledges, customers found that this required a lot of manual work and expertise.

Davis said that CIOs looking for the simplicity of low-code development are often also looking for similar simplicity in its management. Managed Environments’ ability to deploy controls in a few clicks will be appealing. “It makes it easier to do things at scale,” he said.

The option to limit usage of an app to a few cubicle neighbors makes sense too, he said, because, “You can just yell across the hallway, ‘Hey, I’m going to make a change,’ and everyone’s aware,” while a change departmental app would need to go through a proper process. “What Microsoft offers with Managed Environments is something that you don’t really get from other low-code vendors in a similar space,” he said.

Environmental awareness

Not all the news at Ignite concerned Power Platform, however. Microsoft also had plenty to say about updates to its Azure cloud infrastructure offering, and an update of Syntex, its AI content management tool. Computerworld has the low-down on Syntex, but CIOs will want to be aware of other innovations that may help them trim management budgets or redeploy staff away from routine tasks.

There are new features for Microsoft Sustainability Manager, an environmental reporting tool for enterprises, including an extended data model to assist them estimating so-called Scope 3 emissions of greenhouse gases by their entire supply chain, and an Emissions Impact Dashboard for Microsoft 365 showing greenhouse gas emissions resulting from their use of Microsoft’s SaaS productivity suite.

Azure Deployment Environments, previewed at the show, offer enterprises a way to apply project-based templates to each development environment they spin up. Much like the managed environments Microsoft is introducing for low-code applications, these new templates will help development teams consistently maintain best practices across projects with minimum effort, the company said.

Cost cutting

Another management feature, Azure Automanage, is now generally available for Azure VMs and has new capabilities including the ability to patch VMs without rebooting, reducing downtime costs.

For variable computing workloads in the Azure cloud, Microsoft is introducing the ability to mix Standard and Spot Virtual Machines in the same scale set, enabling CIOs to profit from the deep discounts available for Spot VMs as their computing needs vary.

But Microsoft also wants customers to see Azure as an economical solution for base workloads. Azure savings plan for compute, available later this month, offers a discount to customers who commit to spending a minimum hourly amount on computing resources for one to three years; consumption above the minimum commitment will be charged at regular rates.

Staying Intune

Microsoft is reshuffling its branding around endpoint management: Intune, previously a component of its enterprise mobility management offering, is now the umbrella brand for its whole range of endpoint management products such as Configuration Manager — with the promise of more to come. At Ignite, the company is previewing new endpoint privilege management capabilities such as the ability to temporarily grant users limited admin permissions, and automated app patching by combining Intune with Microsoft Defender. In January 2023, it will add Microsoft Tunnel so employees can securely access company resources from their own devices without having to enroll them first. And then in March 2023, a new bundle of premium endpoint management services called Advanced Management Suite will be introduced.