M365.FM - Modern work, security, and productivity with Microsoft 365

Mirko Peters - Founder of m365.fm, m365.show and m365con.net
  • 5.0 (3)
  • Noticias tecnológicas
  • Cada día

Welcome to the M365.FM — your essential podcast for everything Microsoft 365, Azure, and beyond. Join us as we explore the latest developments across Power BI, Power Platform, Microsoft Teams, Viva, Fabric, Purview, Security, and the entire Microsoft ecosystem. Each episode delivers expert insights, real-world use cases, best practices, and interviews with industry leaders to help you stay ahead in the fast-moving world of cloud, collaboration, and data innovation. Whether you're an IT professional, business leader, developer, or data enthusiast, the M365.FM brings the knowledge, trends, and strategies you need to thrive in the modern digital workplace. Tune in, level up, and make the most of everything Microsoft has to offer. M365.FM is part of the M365-Show Network. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

  1. Cryptographic Agility: The Only Defense Against Quantum

    hace 5 h

    Cryptographic Agility: The Only Defense Against Quantum

    Most discussions about quantum computing focus on a single question:When will quantum computers break encryption?The better question is this:How quickly can your organization replace encryption when it happens?Because the organizations that survive the quantum transition won't necessarily be the ones that adopt the newest algorithms first. They'll be the organizations that can change algorithms without rebuilding their infrastructure.In this episode, we explore the growing reality of post-quantum cryptography, the harvest-now-decrypt-later threat, Microsoft's evolving quantum-safe roadmap, and why cryptographic agility is becoming one of the most important architectural disciplines in enterprise security.We examine the technologies, standards, governance models, and operational practices required to prepare Microsoft 365, Azure, Active Directory, Entra ID, Azure Key Vault, VPN infrastructure, certificate services, and enterprise applications for a future where today's cryptography can no longer be trusted.If your organization expects data to remain confidential beyond 2030, this episode explains why preparation can no longer wait. THE HARVEST-NOW, DECRYPT-LATER THREAT Many organizations assume quantum risk begins when a quantum computer arrives.In reality, the risk started years ago.Adversaries can capture encrypted traffic today and store it indefinitely. Once cryptographically relevant quantum computers emerge, that archived data can potentially be decrypted retroactively.We explore:Harvest-now, decrypt-later attacksLong-term confidentiality risksWhy encryption can fail years after data is stolenThe impact on healthcare, finance, government, and intellectual propertyHow retention periods influence quantum riskFor organizations protecting data with multi-decade value, the threat already exists. UNDERSTANDING QUANTUM COMPUTING Quantum computing is often misunderstood.It's not simply a faster computer.Quantum systems use entirely different computational models built around qubits, superposition, interference, and entanglement.This episode explains:Physical versus logical qubitsError correction challengesShor's AlgorithmGrover's AlgorithmWhy quantum computers threaten public-key cryptographyWhy symmetric encryption remains more resilientUnderstanding the technology helps separate realistic risk from sensational headlines. THE GLOBAL QUANTUM TIMELINE Nobody knows exactly when Q-Day will arrive.What matters is that governments, vendors, and standards organizations are already planning for it.We discuss:NIST standardization effortsIBM quantum roadmapsGoogle Quantum AI milestonesQuantinuum and IonQ developmentsGovernment transition mandatesExpert forecasts for cryptographically relevant quantum computersThe conversation is no longer about if organizations need to prepare.It's about whether they can prepare in time. THE COLLAPSE OF RSA AND ECC Modern digital trust depends on public-key cryptography.The internet, cloud computing, software updates, identity systems, VPNs, and certificates all rely on mathematical assumptions that quantum computers threaten to break.We examine:RSAElliptic Curve Cryptography (ECC)Diffie-Hellman key exchangeDigital signaturesPKI infrastructuresIdentity systemsWhen these foundations fail, the impact extends far beyond encryption. THE NEW GENERATION OF POST-QUANTUM ALGORITHMS The replacement algorithms already exist.After years of evaluation, NIST selected a new generation of post-quantum standards designed to resist both classical and quantum attacks.This episode explores:ML-KEM (formerly CRYSTALS-Kyber)ML-DSA (formerly CRYSTALS-Dilithium)SLH-DSA (formerly SPHINCS+)FN-DSA (FALCON)Lattice-based cryptographyHash-based signaturesLearn how these algorithms work and why they represent one of the largest cryptographic transitions in history. THE PERFORMANCE REALITY OF POST-QUANTUM CRYPTOGRAPHY Quantum-safe cryptography isn't free.The computational performance is often excellent.The bandwidth impact is not.We discuss:Larger key sizesLarger signaturesTLS handshake expansionCertificate chain growthNetwork fragmentationMobile and IoT constraintsPerformance trade-offsDiscover why the challenge isn't CPU performance but infrastructure scalability. WHY MOST ORGANIZATIONS DON'T KNOW WHERE THEIR CRYPTOGRAPHY LIVES One of the biggest obstacles to migration is visibility.Many organizations cannot accurately identify every location where cryptography is used across their environment.This episode examines:Hidden certificate dependenciesHard-coded cryptographic librariesLegacy applicationsVPN infrastructuresSSH deploymentsSaaS integrationsAPI security dependenciesYou can't migrate what you can't find. THE CRYPTOGRAPHIC BILL OF MATERIALS (CBOM) Before organizations can migrate, they must inventory.The Cryptographic Bill of Materials is emerging as a critical capability for modern security programs.We explain:CBOM fundamentalsContinuous cryptographic discoveryDependency mappingVendor risk analysisAlgorithm inventoriesCompliance reportingA cryptographic inventory becomes the foundation of every migration strategy. CRYPTOGRAPHIC AGILITY EXPLAINED The most important concept in this episode is cryptographic agility.Rather than hard-coding algorithms into applications and infrastructure, organizations build systems capable of changing algorithms without disrupting operations.We explore the four pillars of agility:ModularitySeparating cryptographic services from application logic.AbstractionUsing APIs and services that hide algorithm implementation details.Policy SeparationManaging cryptographic choices through policy rather than code.Hybrid CryptographyCombining classical and post-quantum algorithms during transition periods.These principles transform cryptography from a static dependency into an adaptable capability. HYBRID CRYPTOGRAPHY AND THE ROAD TO POST-QUANTUM The future won't arrive all at once.The transition period will rely heavily on hybrid cryptographic approaches.We discuss:X25519MLKEM768Hybrid TLSDual-signing strategiesTransitional architecturesBrowser supportCloud provider adoptionHybrid models provide protection today while enabling a gradual migration path. HARDWARE SECURITY MODULES IN THE QUANTUM ERA Hardware Security Modules remain the root of trust for enterprise cryptography.But they also need to evolve.This episode explores:Crypto-agile HSMsFirmware-based algorithm updatesAzure Managed HSMAzure Key VaultKey rotation automationQuantum-safe trust anchorsThe future of cryptography depends on flexible trust infrastructure. MICROSOFT'S POST-QUANTUM ROADMAP Microsoft has already begun integrating post-quantum cryptography across its ecosystem.We take a detailed look at:SymCryptWindows 11Windows Server 2025.NET 9Azure Key VaultAzure Managed HSMActive Directory Certificate ServicesMicrosoft EdgeAzure infrastructureMany organizations are already benefiting from post-quantum protections without realizing it. BUILDING A QUANTUM READINESS PROGRAM Technology alone isn't enough.Successful migration requires governance, ownership, accountability, and long-term planning.We discuss how organizations should establish:Enterprise Cryptography ProgramsSteering CommitteesMigration roadmapsRisk prioritization modelsContinuous inventoriesVendor management processesCompliance reporting frameworksThe organizations that succeed will treat cryptography as a strategic capability rather than a technical implementation detail. THE MICROSOFT 365 IMPACT For Microsoft-centric organizations, the transition touches nearly every platform.We explore implications for:Microsoft 365Entra IDActive DirectoryExchange OnlineSharePoint OnlineTeamsAzurePower PlatformAzure API ManagementAzure NetworkingThe quantum transition is not a single project.It's an enterprise-wide transformation. WHO SHOULD LISTEN? This episode is designed for:CISOsCIOsCTOsEnterprise ArchitectsSecurity ArchitectsAzure ArchitectsMicrosoft 365 ArchitectsPKI AdministratorsIdentity EngineersInfrastructure TeamsCompliance LeadersRisk ManagersGovernment Technology TeamsIf your organization manages sensitive data, regulated workloads, or long-term digital assets, this episode provides a practical roadmap for navigating one of the most significant security transitions of the next decade. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

    1 h 27 min
  2. Microsoft Purview in the Age of AI: Securing Copilot with Peter Rising [Microsoft]

    hace 19 h

    Microsoft Purview in the Age of AI: Securing Copilot with Peter Rising [Microsoft]

    As organizations race to adopt Microsoft 365 Copilot, AI Agents, and Generative AI, one critical question continues to emerge: is your data ready for AI? In this episode of M365 FM, Mirko Peters sits down with Peter Rising, Senior Partner Solution Architect at Microsoft, to explore Microsoft Purview, Zero Trust, Data Governance, Compliance, Security, and the growing importance of protecting information in the age of AI. Peter shares his remarkable journey from IT support in the 1990s to becoming one of Microsoft's leading voices on Security, Compliance, Identity, and Microsoft Purview. Having worked with some of Microsoft's most strategic partners across the UK and Ireland, Peter helps organizations securely adopt Microsoft 365 Copilot, Agents, and AI technologies while maintaining strong governance, compliance, and security foundations. WHY AI HAS CHANGED THE SECURITY CONVERSATION For years, organizations focused heavily on identity and endpoint protection through technologies such as Microsoft Entra ID and Microsoft Defender. However, the rise of Microsoft Copilot, AI Agents, and Agentic AI has dramatically increased the importance of understanding and governing organizational data. Peter explains why Microsoft Purview has become one of the most important platforms in the Microsoft ecosystem. AI systems depend on data as their fuel source, meaning organizations must understand, classify, secure, and govern their information before deploying AI at scale. Without proper governance, oversharing, compliance violations, and accidental data exposure become significant risks. Key takeaways: Why AI makes data governance more important than everThe relationship between Copilot and organizational dataSecurity challenges in the era of Generative AIWhy Purview adoption is acceleratingCommon mistakes organizations make before deploying AIUNDERSTANDING ZERO TRUST IN THE REAL WORLD Zero Trust has become one of the most frequently discussed security frameworks, but many organizations still struggle to understand what it actually means in practice. Peter breaks down Microsoft's Zero Trust philosophy into its three core principles: Verify Explicitly, Use Least Privilege, and Assume Breach. He explains why modern organizations can no longer rely on traditional perimeter security and how cloud-first environments require a completely different approach to identity protection, access control, and risk management. The discussion also highlights why small and medium-sized businesses are increasingly targeted by cybercriminals and why security should never be treated as an IT-only responsibility. Topics discussed: Zero Trust fundamentalsMulti-Factor Authentication (MFA)Privileged Identity Management (PIM)Assume Breach methodologyDefense in Depth strategiesBuilding a security-first cultureMICROSOFT PURVIEW EXPLAINED For many Microsoft 365 professionals, Microsoft Purview remains one of the most misunderstood products in the Microsoft portfolio. Peter provides a practical breakdown of Purview and explains why it serves as the foundation for modern data governance, compliance, and information protection. He identifies three core capabilities every organization should prioritize: Sensitivity Labels, Data Loss Prevention (DLP), and Data Lifecycle Management. The conversation explores how these features help organizations classify data, prevent accidental sharing, manage retention requirements, and ensure AI tools like Copilot respect existing security controls and permissions. Key Purview capabilities: Sensitivity LabelsData Loss Prevention (DLP)Data Lifecycle ManagementRetention PoliciesInformation ProtectionCompliance ManagementTHE OVERSHARING PROBLEM IN COPILOT One of the most common concerns surrounding Microsoft Copilot is data oversharing. Peter explains why oversharing is not primarily a Copilot problem but a data governance challenge. Copilot can only access information users already have permission to access. If data is incorrectly stored, poorly classified, or overly exposed, AI simply makes those issues more visible. The discussion explores practical strategies organizations can use to identify oversharing risks before deploying AI, including SharePoint Advanced Management, Data Security Posture Management (DSPM), Microsoft Defender for Cloud Apps, and comprehensive data discovery initiatives. Key takeaways: Oversharing vs governanceData Security Posture Management (DSPM)SharePoint Advanced ManagementDefender for Cloud AppsData discovery and classificationAI readiness assessmentsRESPONSIBLE AI, GOVERNANCE & COMPLIANCE As AI adoption accelerates, organizations must balance innovation with governance, compliance, and security requirements. Peter discusses what Responsible AI really means and why responsibility extends beyond technology platforms. Successful AI adoption requires collaboration between technology providers, security teams, business leaders, governance specialists, and end users. The conversation covers AI policies, governance frameworks, DLP strategies, pilot programs, user education, change management, and the importance of building strong foundations before deploying AI solutions across the enterprise. Topics covered: Responsible AI principlesGovernance frameworksAI rollout strategiesChange managementCompliance requirementsSecurity awareness programsAGENTS, SECURITY COPILOT & THE FUTURE OF AI Looking ahead, Peter shares his perspective on Agentic AI, Microsoft 365 Agents, Security Copilot, and the future of cybersecurity operations. Contrary to popular fears, Peter believes AI will augment security professionals rather than replace them. Security analysts will increasingly focus on higher-value activities while AI handles repetitive analysis, investigation, and operational tasks. The discussion also explores emerging technologies such as quantum computing, autonomous AI systems, and how Microsoft is building security and governance capabilities directly into the future of AI-powered work. Future trends discussed: Agentic AIMicrosoft 365 AgentsSecurity CopilotQuantum ComputingAI-powered Security OperationsAutonomous SystemsFuture Cybersecurity SkillsCOMMUNITY, MENTORING & MAKING TECHNOLOGY MORE HUMAN Beyond technology, Peter shares his passion for mentoring, Women in Tech initiatives, mental health awareness, neurodiversity advocacy, and Tourette Syndrome awareness. He discusses the value of community contributions, content creation, reverse mentoring, and helping the next generation of technology professionals develop successful careers. His message is clear: technology is ultimately about people, and creating inclusive communities is just as important as building secure systems. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

    1 h
  3. The Latency Wall: Why Your Cloud Strategy Fails at the Edge

    hace 1 día

    The Latency Wall: Why Your Cloud Strategy Fails at the Edge

    For years, organizations have followed a simple rule: move everything to the cloud.The strategy worked brilliantly for collaboration, analytics, business intelligence, and productivity workloads. Microsoft 365, Azure, Power BI, Teams, and modern cloud platforms transformed how organizations operate.But a growing number of industries are discovering a hard reality.Physics doesn't care about your cloud strategy.When robots, autonomous vehicles, computer vision systems, industrial sensors, healthcare devices, and critical infrastructure require responses measured in milliseconds, traditional cloud architectures hit an unavoidable barrier: the Latency Wall.In this episode, we explore why centralized cloud architectures struggle at the edge, why bandwidth isn't the answer, and how organizations are redesigning their technology platforms around private 5G, Multi-Access Edge Computing (MEC), Azure Stack Edge, Azure Arc, and sovereign edge architectures.If your future includes AI, automation, robotics, manufacturing, logistics, healthcare, energy, or industrial IoT, this episode explains why the next phase of digital transformation is happening closer to the data than ever before. WHY THE CLOUD BREAKS WHEN MILLISECONDS MATTER Most enterprise systems were designed around humans.Humans tolerate delay.A dashboard that loads in a few seconds feels fast.A chatbot that responds in under a second feels instant.An analytics report that refreshes in a minute is perfectly acceptable.Machines don't think that way.A robotic arm operating on a production line may require updates every few milliseconds.A computer vision system inspecting defects has fractions of a second to react.An autonomous guided vehicle navigating a warehouse cannot wait hundreds of milliseconds for instructions from a distant cloud region.The challenge isn't cloud performance.The challenge is physics.This episode explores the science of latency, jitter, determinism, and why distance creates a hard limit that no cloud provider can eliminate. THE PHYSICS OF LATENCY Every cloud strategy ultimately runs into the same constraint.Data must travel.Even at the speed of light, distance creates delay.As organizations connect factories, warehouses, hospitals, ports, mines, energy grids, and autonomous systems to cloud platforms, latency becomes an architectural problem rather than a networking problem.We discuss: Why latency and jitter matter more than bandwidthDeterministic versus best-effort networkingReal-world control loop requirementsThe impact of packet loss and network variabilityWhy cloud optimization cannot overcome physical distanceUnderstanding these concepts is critical for modern architects designing real-time systems. INDUSTRIES HITTING THE LATENCY WALL The edge is no longer a niche concept.Across every sector, organizations are discovering workloads that cannot depend on centralized cloud architectures.This episode examines real-world examples from: Manufacturing and industrial automationLogistics and warehouse roboticsHealthcare and patient telemetryEnergy and utilitiesMining operationsSmart ports and maritime logisticsRetail automationAutonomous transportationEach industry faces different challenges, but the underlying problem remains the same: critical decisions must happen locally. THE OLD CLOUD MODEL VS THE NEW EDGE MODEL For decades, enterprise architecture followed a hub-and-spoke model.Data flowed to the cloud.The cloud made decisions.The edge executed instructions.That model is changing.The modern edge architecture places intelligence closer to the source of the data.Instead of sending every sensor reading, image, and event to a distant cloud region, organizations process information locally and send only insights, exceptions, and analytics upstream.We explore: Edge-first architecturesDistributed intelligenceLocal decision-makingAutonomous operationsResilient offline systemsReal-time control loopsThe result is a fundamental inversion of traditional cloud thinking. PRIVATE 5G EXPLAINED Many organizations think 5G is simply faster wireless networking.Enterprise private 5G is something very different.It provides deterministic connectivity designed specifically for industrial and mission-critical environments.In this episode, we explain: Private 5G architectureNetwork slicingUltra-Reliable Low-Latency Communications (URLLC)SIM-based securityMobility managementQuality of Service (QoS)Deterministic networkingYou'll learn why private 5G is becoming a foundational technology for modern industrial environments. AZURE PRIVATE 5G CORE AND AZURE STACK EDGE Microsoft's answer to the edge challenge combines networking, compute, AI, and cloud management into a unified platform.We take a deep dive into: Azure Private 5G CoreAzure Stack EdgeAzure ArcAzure Network Function ManagerEdge AILocal inferenceSovereign deploymentsHybrid cloud architecturesDiscover how Microsoft enables organizations to run cloud services locally while maintaining centralized governance and management. MULTI-ACCESS EDGE COMPUTING (MEC) Private 5G alone doesn't solve the problem.Applications still need compute resources close to the workload.This is where Multi-Access Edge Computing comes in.We explore how MEC enables: Real-time AI inferenceComputer vision workloadsPredictive maintenanceDigital twinsAutonomous systemsEdge analyticsLow-latency application hostingThe combination of MEC and private 5G creates a platform capable of supporting next-generation industrial applications. THE EVENT-REASONING-ORCHESTRATION MODEL One of the most important concepts in this episode is a new way of thinking about intelligence at the edge.Instead of sending every event to the cloud, the edge becomes responsible for:Event DetectionCapturing data directly from sensors, cameras, machines, and devices.Local ReasoningRunning AI models and analytics locally.Immediate OrchestrationTaking action in real time without waiting for cloud responses.The cloud remains essential for governance, reporting, model training, and enterprise-wide intelligence, but the milliseconds that matter stay local. THE BUSINESS CASE FOR THE EDGE Edge computing isn't just about performance.It's also about economics.We explore real-world research showing how organizations achieve measurable returns through: Reduced downtimePredictive maintenanceAutomated quality inspectionEnergy optimizationAutonomous logisticsFlexible manufacturingReduced networking costsYou'll learn why some organizations are seeing extraordinary returns from private 5G and edge computing investments. DATA SOVEREIGNTY AND REGULATORY COMPLIANCE Latency isn't the only reason organizations are moving workloads closer to the edge.Data sovereignty is becoming equally important.This episode explores: GDPRNIS2The EU AI ActThe Data ActDORANational data residency requirementsSovereign cloud architecturesLearn why compliance requirements are reshaping enterprise architecture and accelerating investment in local processing capabilities. SECURITY AT THE EDGE Edge environments introduce new security challenges and opportunities.We discuss: Zero Trust architecturesSIM-based authenticationIdentity-driven networkingIEC 62443Operational Technology (OT) securityMicrosoft Defender integrationEdge security monitoringSecure AI deploymentsSecurity must evolve alongside edge infrastructure. THE CONVERGED FUTURE OF WI-FI 7 AND PRIVATE 5G The future isn't Wi-Fi versus 5G.The future is both.Organizations are increasingly adopting converged networking strategies where: Wi-Fi 7 supports knowledge workersPrivate 5G supports operational technologyAzure Arc provides unified managementApplications automatically use the best network availableThis converged model is rapidly becoming the standard architecture for enterprise environments. BUILDING YOUR EDGE STRATEGY For architects, technology leaders, and decision-makers, the question is no longer whether edge computing matters.The question is where the latency wall exists within your organization.We provide a practical roadmap covering: Pilot projectsPlatform selectionGovernance modelsData foundationsOrganizational changeEdge Centers of ExcellenceScaling strategiesOperational readinessUnderstanding these principles is essential for the next generation of cloud and AI architectures. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

    1 h 21 min
  4. Infrastructure as Code, DevOps & the Future of Azure with Maik van der Gaag [MVP]

    hace 1 día

    Infrastructure as Code, DevOps & the Future of Azure with Maik van der Gaag [MVP]

    What does it really take to build secure, scalable, and automated cloud environments in Microsoft Azure? In this episode of M365 FM, Mirko Peters sits down with Microsoft Azure MVP Maik van der Gaag to explore Infrastructure as Code, DevOps culture, Terraform, Bicep, GitHub, Azure automation, cloud governance, and the growing impact of AI on modern platform engineering. Drawing from more than 15 years of experience helping organizations modernize their technology landscapes, Maik shares practical lessons from real-world cloud transformations, enterprise Azure deployments, and large-scale automation projects. The conversation starts with Maik's journey from traditional software development and SharePoint projects into Azure cloud architecture, eventually becoming CTO at 3fifty and later Head of Technology for the Microsoft business at Data Balance. Along the way, he reflects on building technical communities, organizing user groups, and what he has learned from years of helping professionals navigate the rapidly changing cloud landscape. THE STATE OF AZURE, CLOUD & HYBRID INFRASTRUCTURE As organizations continue to evaluate cloud-first strategies, Maik discusses the shift he is seeing toward hybrid cloud and sovereign cloud models. While many organizations remain committed to Microsoft Azure, others are balancing public cloud investments with private datacenters and local infrastructure. The discussion explores how geopolitical concerns, compliance requirements, and business continuity planning are influencing modern cloud architecture decisions. Key takeaways: Why hybrid cloud is growing againThe rise of sovereign cloud discussionsAzure versus on-premises infrastructureCloud transformation challengesEnterprise cloud strategy trendsSecurity considerations for modern workloadsINFRASTRUCTURE AS CODE EXPLAINED  Infrastructure as Code (IaC) has become one of the most important practices in cloud engineering. Maik breaks down the concept in simple terms, explaining how infrastructure can be represented as code, version-controlled, automated, and deployed consistently across environments. Rather than manually creating virtual machines, databases, networking components, and cloud resources, organizations can define their entire environment through reusable code. This approach reduces human error, improves consistency, accelerates deployments, and creates repeatable infrastructure patterns across development, testing, and production environments. Topics covered: What Infrastructure as Code actually meansWhy manual deployments create problemsReducing configuration driftVersion control for infrastructureAutomation and repeatabilityCost savings through standardizationTERRAFORM VS BICEP One of the most practical parts of the discussion focuses on Terraform and Microsoft Bicep. Maik explains the strengths and weaknesses of both approaches and why the right choice depends heavily on organizational requirements. While Bicep offers a streamlined Azure-focused experience and serves as an abstraction layer for ARM templates, Terraform provides multi-cloud flexibility across Azure, AWS, Google Cloud, Cloudflare, and many other platforms. The conversation also explores state management, extensibility, and the growing capabilities of modern Infrastructure as Code tooling. Key takeaways: Terraform vs BicepARM templates and Azure deploymentsState management conceptsMulti-cloud infrastructure strategiesInfrastructure extensibilityChoosing the right tool for your organizationDEVOPS IS NOT A TOOL One of the strongest messages from this episode is Maik's belief that DevOps is fundamentally about culture, processes, and collaboration rather than technology alone. Many organizations mistakenly focus on tools while ignoring the organizational changes required to achieve DevOps success. Maik explains why successful DevOps teams combine developers, operations professionals, security experts, and business stakeholders into integrated teams focused on delivering value. The discussion also covers Azure DevOps, GitHub Enterprise, GitOps, DevSecOps, and how organizations can build more effective engineering cultures.  Topics discussed: DevOps as culture versus technologyWhy organizations struggle with DevOpsAzure DevOps vs GitHubGitOps explainedDevSecOps principlesBuilding self-organizing teamsSECURITY, GOVERNANCE & SECRETS MANAGEMENT Security remains a recurring theme throughout the conversation. Maik highlights one of the most common mistakes organizations make when moving to Azure: assuming cloud environments are automatically secure. The episode explores identity management, Microsoft Entra ID, MFA, Key Vault, managed identities, federated credentials, GitHub Actions, governance strategies, and best practices for protecting enterprise cloud environments. Key takeaways: Azure security fundamentalsManaging secrets securelyMicrosoft Entra ID considerationsKey Vault best practicesFederated identity credentialsCloud governance and complianceAI, GITHUB COPILOT & THE FUTURE OF CLOUD ENGINEERING Artificial Intelligence is impacting every area of technology, including cloud engineering and Infrastructure as Code. Maik shares how GitHub Copilot and AI-assisted development have dramatically accelerated his daily work. Rather than writing every Terraform or Bicep template manually, AI can generate infrastructure code in seconds. However, Maik stresses a critical point: engineers must still understand, validate, and review every line of AI-generated code. Organizations that blindly trust AI outputs risk introducing security issues, configuration errors, and operational challenges. The discussion covers practical AI adoption, prompt engineering, code validation, AI governance, and how engineers can use AI responsibly without losing critical technical expertise.  Topics covered: GitHub Copilot for Infrastructure as CodeAI-assisted cloud engineeringValidating AI-generated codePrompt engineering techniquesResponsible AI adoptionFuture skills for cloud professionalsCAREER ADVICE FOR CLOUD ENGINEERS The episode concludes with practical advice for professionals looking to start their Infrastructure as Code journey. Maik explains why understanding the "why" behind automation matters more than simply learning a tool and shares recommendations for choosing between Terraform and Bicep based on organizational needs. His final message is simple but powerful: do the things you love, stay engaged with the community, continue learning, and never assume technology is as easy as it first appears. Whether you're a Cloud Architect, Azure Administrator, DevOps Engineer, Platform Engineer, Security Professional, Infrastructure Engineer, IT Consultant, Microsoft MVP, or technology leader, this episode delivers valuable insights into the technologies, practices, and mindsets shaping the future of cloud computing. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

    52 min
  5. How to Architect Low-Cost AI Agents in the Microsoft Cloud

    hace 2 días

    How to Architect Low-Cost AI Agents in the Microsoft Cloud

    Most organizations think their AI costs are driven by model pricing.They're wrong.The biggest cost problems in Microsoft AI environments often have nothing to do with GPT-5, Azure OpenAI, or Copilot licensing. Instead, they come from hidden architectural decisions that quietly multiply costs behind the scenes.In this episode, we break down the real economics of building AI agents in Microsoft Azure, Microsoft 365, Copilot Studio, and Azure AI Foundry. You'll learn why some organizations spend thousands of dollars per month on AI while others deliver the same business outcomes for a fraction of the cost.We explore the three hidden taxes affecting nearly every enterprise AI deployment: the Context Tax, the Reasoning Tax, and the Autonomous Tax. Together, these invisible costs can turn a successful proof-of-concept into a budget crisis.More importantly, you'll learn how to eliminate them. THE PROMISE VS THE INVOICE Microsoft has made AI easier to deploy than ever before.Copilot appears inside Teams, Outlook, Word, PowerPoint, and Microsoft 365. Azure AI Foundry simplifies model deployment. Copilot Studio allows low-code agent development. Power Platform integrates AI into business processes.But simplicity often hides complexity.The moment you build a custom Copilot Studio agent, connect SharePoint knowledge sources, invoke Azure OpenAI models, or trigger autonomous workflows, you enter a world of consumption billing where every token, action, and retrieval operation has a cost.In this episode, we uncover how Microsoft's AI billing layers actually work and why understanding them is the foundation of any successful AI architecture. THE THREE HIDDEN TAXES OF ENTERPRISE AI Most organizations unknowingly pay three separate AI taxes.The Context TaxPoor retrieval design floods prompts with irrelevant content.Instead of retrieving only the information needed to answer a question, many RAG implementations pull dozens of documents into the prompt, dramatically increasing token consumption while often reducing answer quality.The Reasoning TaxMany organizations route every request to their most expensive model.Simple FAQ requests, classifications, and summarizations frequently run on frontier models when smaller and cheaper models could deliver identical outcomes.The Autonomous TaxAutonomous agents never sleep.Background workflows, Graph grounding, Power Automate actions, and event-driven agents continue consuming credits long after employees have logged off.When these three taxes combine, AI spending can spiral out of control. UNDERSTANDING COPILOT STUDIO COSTS Copilot Studio has become one of the most powerful tools in the Microsoft ecosystem.It also introduces new consumption models that many organizations underestimate.We discuss:Copilot CreditsCapacity PacksPay-As-You-Go billingGraph Grounding costsAgent actionsAutonomous triggersAI Builder transitionsThe November 2026 licensing changesUnderstanding these mechanics is essential before deploying large-scale business agents. THE NOVEMBER 2026 AI BUILDER DEADLINE One of the most important dates in Microsoft's AI roadmap arrives on November 1st, 2026.On that date, seeded AI Builder credits disappear.Organizations currently relying on included AI Builder capacity may discover that previously "free" AI workloads suddenly become billable.We explain:What changes in November 2026Which workloads are affectedHow to prepare before the deadlineWhy many organizations could face unexpected costsHow to build a transition strategy today THE COST ARCHITECTURE FRAMEWORK Reducing AI costs isn't about buying cheaper models.It's about designing better architectures.The framework discussed in this episode focuses on four core engineering principles:Semantic CachingAvoid generating answers that already exist.Using Azure API Management and vector similarity search, organizations can dramatically reduce repeat LLM calls while improving response times.Prompt CompressionMost prompts are larger than they need to be.We explore Microsoft's LLMLingua framework and how prompt compression can reduce token consumption without reducing answer quality.Model RoutingNot every request deserves GPT-5.Azure AI Foundry's Model Router enables intelligent routing between GPT-5 Nano, GPT-5 Mini, and larger frontier models based on task complexity.Capacity OptimizationLearn when Pay-As-You-Go pricing makes sense and when Provisioned Throughput Units (PTUs) become financially attractive. AZURE AI FOUNDRY AND MODEL ROUTING One of the most exciting developments in Microsoft's AI stack is model routing.Instead of selecting a single model for every task, organizations can allow the platform to automatically choose the most cost-effective model for each request.We explore:GPT-5 GlobalGPT-5 MiniGPT-5 NanoAzure AI Foundry Model RouterMulti-model architecturesCost optimization strategiesEnterprise deployment patternsThe result is often substantial cost reductions with little or no impact on user experience. AZURE COST MANAGEMENT FOR AI You can't optimize what you can't measure.This episode walks through practical techniques for monitoring AI costs using:Azure Cost ManagementAzure MonitorLog AnalyticsKusto Query Language (KQL)Azure CopilotResource TaggingCost Classification FrameworksLearn how to identify cost anomalies before they become budget problems. BUILDING A GOVERNANCE MODEL FOR AI Technology alone won't solve cost challenges.Organizations need governance.We discuss:Cost Classes (Gold, Silver, Bronze)Chargeback ModelsPlatform Team ResponsibilitiesCitizen Developer GovernanceBudget ControlsConsumption CapsAI Service CatalogsQuarterly Review ProcessesWithout governance, cost optimization efforts rarely survive long-term. THE 90-DAY IMPLEMENTATION ROADMAP To help organizations move from theory to execution, this episode presents a practical 90-day roadmap.Days 1–30: AuditGain visibility into your AI costs.Days 31–60: Quick WinsDeploy caching, retrieval optimization, and budget controls.Days 61–90: Architecture TransformationImplement compression, model routing, governance, and long-term optimization.The roadmap provides a practical path toward sustainable AI economics. REAL-WORLD CASE STUDY We conclude with a detailed case study showing how a support agent architecture was redesigned using the techniques discussed throughout the episode.The results demonstrate how:Retrieval optimization reduced prompt sizeSemantic caching eliminated redundant requestsModel routing lowered inference costsGovernance prevented future cost driftThe outcome was a dramatic reduction in operating costs while maintaining service quality and user satisfaction. WHO SHOULD LISTEN? This episode is designed for:Microsoft 365 AdministratorsCopilot AdministratorsAzure ArchitectsEnterprise ArchitectsIT LeadersCIOsCTOsAI EngineersPlatform EngineersPower Platform ProfessionalsCopilot Studio DevelopersFinOps TeamsCloud Financial Management TeamsSecurity & Governance ProfessionalsIf you're building AI solutions on Microsoft technologies, this episode provides a practical blueprint for controlling costs without sacrificing innovation. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

    1 h 24 min
  6. Copilot Studio, Dataverse MCP & The Future of Agentic AI in Microsoft 365 with Nathan Rose [MVP]

    hace 2 días

    Copilot Studio, Dataverse MCP & The Future of Agentic AI in Microsoft 365 with Nathan Rose [MVP]

    The Microsoft AI landscape is evolving at an incredible pace, and few people are closer to the transformation than Microsoft Business Applications MVP Nathan Rose. In this episode of M365 FM, host Mirko Peters welcomes Nathan for an in-depth conversation about Copilot Studio, Dataverse MCP (Model Context Protocol), Business Skills, Agentic AI, Microsoft 365 Copilot, and the future of intelligent business applications across the Microsoft ecosystem.Nathan shares his journey from the early Microsoft Dynamics CRM 2011 days to becoming a leading Power Platform Solution Architect and community voice. Along the way, he explains how the transition from traditional low-code development to AI-powered application development is reshaping careers, organizations, and enterprise software architecture. For anyone working with Microsoft 365, Power Platform, Dynamics 365, Azure AI, Copilot Studio, Dataverse, or Microsoft Copilot, this episode provides valuable insights into where the industry is heading. THE EVOLUTION FROM LOW-CODE TO AGENTIC AI The conversation begins with Nathan's experience in the Microsoft Power Platform community and how low-code tools such as Power Apps, Power Automate, Dataverse, and Power Virtual Agents opened the door for people from non-traditional technical backgrounds. As AI becomes increasingly integrated into Microsoft's platform strategy, Nathan explains why organizations are moving beyond traditional workflows and into a new era of Agentic AI.Rather than simply automating predefined processes, modern AI agents can reason, make decisions, discover tools, interact with business data, and perform complex actions autonomously. Nathan discusses why Copilot Studio is becoming one of the most important platforms in the Microsoft ecosystem and how natural language is rapidly replacing traditional development approaches.Key topics include: Low-code vs Agentic AICopilot Studio evolutionMicrosoft Power Platform innovationAI-powered business applicationsPrompt engineering and AI workflowsFuture skills for Microsoft professionalsWHAT IS DATAVERSE MCP AND WHY DOES IT MATTER? One of the most valuable parts of the discussion focuses on Dataverse MCP (Model Context Protocol), one of Microsoft's most exciting new technologies for enterprise AI solutions.Nathan explains why MCP should not simply be viewed as "the new API." Instead, MCP enables AI agents to understand context, discover capabilities, reason about data, and dynamically select the tools needed to complete a task. Using a memorable comparison, Nathan describes APIs as Spotify playlists while MCP acts more like a live DJ that continuously adapts to the environment and audience.The conversation explores how Dataverse MCP allows AI agents to interact with Microsoft Dataverse, Dynamics 365, customer records, business processes, opportunities, support cases, and enterprise data without requiring the extensive custom integrations organizations traditionally needed.Key takeaways: Understanding Model Context Protocol (MCP)MCP vs traditional APIsContext-aware enterprise AIDataverse integration strategiesIntelligent tool discoveryMicrosoft AI architectureDATAVERSE: MORE THAN JUST A DATABASE Many organizations still view Dataverse as simply another database. Nathan explains why this perspective misses the bigger picture.Dataverse serves as Microsoft's intelligent business data platform, providing a unified data layer that connects Power Apps, Power Automate, Dynamics 365, Copilot Studio, Microsoft 365 Copilot, and AI agents. Instead of managing disconnected systems and endless integrations, organizations can leverage Dataverse as a common data foundation that simplifies development, governance, security, and AI adoption.The discussion highlights why Dataverse is becoming increasingly important as organizations deploy AI agents that require access to customer data, operational information, business processes, and enterprise knowledge.Topics covered: Dataverse architectureUnified business data platformsDynamics 365 integrationEnterprise data managementAI-ready data foundationsModern application developmentBUSINESS SKILLS: THE NEXT GENERATION OF ENTERPRISE AUTOMATION Nathan also introduces Dataverse Business Skills, one of the most promising emerging capabilities for Copilot Studio and AI agents.Business Skills allow organizations to define reusable business logic and procedures that agents can discover and execute dynamically. Rather than modifying, testing, and redeploying entire agents every time a process changes, organizations can update individual skills that become immediately available to AI systems through Dataverse MCP.This creates a more scalable architecture for enterprise AI, reduces deployment complexity, and enables business teams to contribute directly to automation initiatives.Key discussion points: What Business Skills areMicroservices for AI agentsScalable enterprise automationBusiness-user driven AI developmentDynamic agent capabilitiesFuture Microsoft AI architectureGOVERNANCE, COMPLIANCE AND SHADOW AI No AI discussion is complete without addressing governance, compliance, security, and risk management.Mirko and Nathan discuss the growing challenge of Shadow AI, where employees use external AI tools such as ChatGPT, Claude, Perplexity, and other generative AI platforms outside corporate governance frameworks. Rather than attempting to block AI adoption completely, Nathan argues that organizations should focus on education, visibility, governance, and responsible AI implementation.The conversation also explores Microsoft's growing investments in AI governance, agent management, security controls, compliance frameworks, and enterprise oversight capabilities.Key takeaways: AI governance best practicesManaging Shadow AIEnterprise AI securityResponsible AI adoptionMicrosoft governance capabilitiesCompliance in the age of AITHE FUTURE OF COPILOT STUDIO AND MICROSOFT AI Looking toward the future, Nathan predicts that organizations will eventually operate hundreds or even thousands of specialized AI agents. These agents will handle repetitive work, automate business processes, surface insights, manage customer interactions, and support employees across departments.The discussion explores how Copilot Studio, Microsoft 365 Copilot, Dataverse MCP, Business Skills, AI orchestration, and emerging technologies from Microsoft Build are creating the foundation for this future. Nathan also shares why he believes human expertise, creativity, relationships, and strategic thinking will become even more valuable as AI takes over routine administrative tasks.Whether you are a Microsoft 365 administrator, Dynamics 365 consultant, Power Platform developer, Solution Architect, AI strategist, business leader, or technology enthusiast, this episode offers practical insights into the technologies that will define the next generation of enterprise software. IN THIS EPISODE YOU'LL LEARN How Copilot Studio is transforming enterprise AIWhy Dataverse MCP is a game changer for business applicationsThe role of Business Skills in scalable agent architecturesHow Agentic AI differs from traditional automationWhy governance and Shadow AI matter more than everThe future of Microsoft 365 Copilot and AI agentsHow organizations can prepare for an AI-first futureWhy Dataverse is becoming the foundation of Microsoft's AI strategyEmerging trends from Microsoft BuildSkills Microsoft professionals should focus on next Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

    57 min
  7. The SLM Revolution: How Small Models Are Fixing Copilot’s Biggest Flaw

    hace 3 días

    The SLM Revolution: How Small Models Are Fixing Copilot’s Biggest Flaw

    What if Microsoft's biggest AI breakthrough isn't a larger model?What if the future of Microsoft Copilot, enterprise AI, and Microsoft 365 productivity isn't powered by trillion-parameter frontier models at all?What if the real innovation is happening in the opposite direction?In this deep-dive episode, we explore one of the most important shifts happening in artificial intelligence today: the rise of Small Language Models (SLMs) and why they may be the key to solving Copilot's most significant architectural challenge.For years, the AI industry operated under a simple assumption: bigger models are better models. More parameters meant more intelligence, more capability, and better outcomes. That assumption helped fuel the rise of GPT-4, Claude, Gemini, and other frontier AI systems that transformed how organizations think about productivity and automation.But enterprise reality is revealing a different story.Most Microsoft 365 users are not asking AI to solve theoretical physics problems or write novels. They're summarizing email threads in Outlook. They're extracting action items from Teams meetings. They're generating document summaries in Word. They're classifying files in SharePoint. They're asking simple questions about company information, policies, procedures, and project documentation.These are narrow, repetitive, high-volume tasks.And increasingly, organizations are discovering that using the world's largest AI models for every single request may be the wrong architecture entirely.In this episode, we unpack why enterprises are rethinking their AI strategy and why Small Language Models are emerging as one of the most important developments in the Microsoft ecosystem. WHY COPILOT'S BIGGEST PROBLEM ISN'T THE LICENSE PRICE When organizations evaluate Microsoft 365 Copilot, most discussions begin with licensing costs.The conversation typically focuses on per-user pricing, deployment budgets, and ROI calculations.But in reality, the license is only the beginning.Behind every Copilot interaction sits an AI inference engine processing prompts, generating responses, and consuming computational resources. Every email summary, every meeting recap, every generated draft, and every document analysis triggers an AI workload.Multiply those requests across thousands of employees, hundreds of departments, and millions of interactions each month, and a hidden cost begins to emerge.The challenge isn't simply licensing.It's architecture.We explore how large-scale AI deployments create operational costs that most organizations fail to anticipate and why enterprises are beginning to adopt model portfolios rather than relying on a single AI model for every workload. THE HIDDEN COST OF FRONTIER MODELS Enterprise AI spending isn't just growing.It's becoming unpredictable.As AI adoption increases, organizations are seeing inference costs, compute requirements, and cloud consumption expand far beyond original expectations.In this episode, we examine: Why AI costs scale differently than traditional software licensingThe economics of AI inference and token consumptionHow routine Microsoft 365 tasks create massive AI workloadsWhy enterprise AI budgets are becoming increasingly difficult to forecastHow organizations are reducing costs through hybrid model strategiesYou'll learn why some enterprises are achieving dramatic cost reductions by routing routine tasks to smaller models while reserving premium models for high-complexity scenarios. THE LATENCY PROBLEM NOBODY TALKS ABOUT Cost is only part of the story.Speed matters.Users expect AI to feel instant.If an employee clicks "Summarize this email thread" and waits several seconds for a response, the experience quickly becomes frustrating. When delays become common, adoption slows. When adoption slows, ROI disappears.We explore how Small Language Models dramatically reduce latency and why response times measured in milliseconds rather than seconds can fundamentally change how employees interact with AI-powered tools.The discussion covers: User adoption psychologyReal-world Copilot usage patternsWhy latency kills productivity gainsEdge AI deploymentsLocal inference strategiesThe relationship between performance and user trustTHE DATA SOVEREIGNTY CHALLENGE For many organizations, the biggest concern isn't cost or performance.It's control.Where is your data actually processed?Who has access to it?What happens when AI workloads cross geographic boundaries?What does compliance look like in a world where AI systems may process information across multiple regions and multiple providers?This episode takes a detailed look at: Microsoft Copilot Flex RoutingEU Data Boundary considerationsGDPR implications for AI workloadsCross-border processing concernsSovereign AI strategiesRegulatory requirements in healthcare, finance, government, and critical infrastructureWe explain why data sovereignty is rapidly becoming one of the most important conversations in enterprise AI and why local AI processing is gaining momentum across regulated industries. INTRODUCING MICROSOFT'S PHI FAMILY Microsoft isn't simply talking about Small Language Models.They're building them.The Phi family represents Microsoft's strategic investment in efficient, highly capable AI models designed for real-world deployment scenarios.We take a deep dive into: Phi-3 MiniPhi-3 SmallPhi-3 MediumPhi-3.5Phi-3 VisionMixture-of-Experts architecturesOn-device AIEdge AI workloadsYou'll discover why these models are attracting so much attention and how Microsoft is positioning them as a core component of the future AI stack. CAN SMALL MODELS REALLY COMPETE? One of the biggest misconceptions in AI is that smaller models automatically mean lower quality.The reality is far more nuanced.In this episode, we examine benchmark results, real-world workloads, enterprise deployment scenarios, and the growing evidence that Small Language Models can outperform expectations when applied to the right tasks.We discuss: MMLU performanceInstruction-following benchmarksSummarization workloadsDocument processingEmail draftingMeeting recap generationKnowledge retrievalEnterprise searchThe goal isn't replacing frontier models.The goal is using the right model for the right job.AZURE LOCAL AND THE SOVEREIGN AI FUTUREAzure Local may become one of the most important platforms in Microsoft's AI strategy.As organizations demand greater control over where AI runs and how data is processed, local AI infrastructure is becoming increasingly attractive.We explore how Azure Local enables organizations to: Run AI workloads closer to their dataReduce latencyImprove complianceSupport disconnected environmentsEnable edge AI deploymentsBuild sovereign AI architecturesWhether you're operating in manufacturing, healthcare, government, defense, finance, or energy, this section provides practical insights into the future of local AI infrastructure. THE RISE OF MODEL ROUTING Perhaps the most important idea discussed in this episode is the concept of model routing.The future isn't GPT-4 versus Phi.The future is GPT-4 and Phi working together.Instead of asking which model is best, organizations are beginning to ask which model is best for each specific task.This shift introduces a new architectural pattern where: Small models handle routine requestsLarge models handle complex reasoningRouting engines determine the optimal destinationCosts decreasePerformance improvesGovernance becomes easierWe explain why many experts believe this model portfolio approach represents the next evolution of enterprise AI. BUILDING A MICROSOFT 365 AI STRATEGY Technology alone is not enough.Successful AI adoption requires governance, architecture, operating models, security frameworks, and long-term planning.In the final section, we outline practical guidance for IT leaders, architects, Microsoft 365 administrators, security professionals, and business decision-makers who want to prepare for the next generation of AI-powered workplaces.You'll learn how to: Identify suitable SLM workloadsBuild hybrid AI architecturesEvaluate deployment optionsImprove governance controlsReduce AI operating costsIncrease employee adoptionPrepare for Microsoft's evolving AI roadmap Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

    1 h 27 min
  8. Mastering ALM for Power Platform: From Citizen Development to Enterprise Delivery with Parvez Ghumra [MVP]

    hace 3 días

    Mastering ALM for Power Platform: From Citizen Development to Enterprise Delivery with Parvez Ghumra [MVP]

    What separates successful Power Platform implementations from those that become difficult to manage, impossible to scale, and increasingly risky to maintain?In this in-depth episode of the M365 Podcast, host Mirko Peters welcomes Microsoft MVP Parvez Ghumra for a comprehensive discussion on Application Lifecycle Management (ALM), enterprise delivery, governance, DevOps, CI/CD, and the future of Microsoft Power Platform development. With more than a decade of experience helping organizations implement enterprise-grade Power Platform, Dynamics 365, and Azure solutions, Parvez shares practical lessons learned from real-world projects spanning government organizations, universities, enterprises, and global businesses.As Microsoft continues to position Power Platform as the leading low-code platform for digital transformation, organizations face a growing challenge: how do you empower citizen developers while maintaining the governance, security, quality, and operational standards required by enterprise environments? This episode explores exactly that challenge and provides listeners with practical guidance for scaling Power Platform responsibly. THE JOURNEY FROM TRADITIONAL SOFTWARE ENGINEERING TO LOW-CODE DEVELOPMENT Before becoming one of the leading voices in Power Platform ALM, Parvez began his career in traditional software engineering. During the conversation, he shares his journey through ASP.NET development, C#, SQL Server, enterprise application architecture, and Dynamics CRM before eventually becoming a specialist in Application Lifecycle Management and enterprise Power Platform delivery.Parvez explains why traditional software engineering principles remain just as relevant today as they were twenty years ago. While low-code and no-code platforms simplify development, the underlying concepts of architecture, source control, deployment automation, testing, security, scalability, and governance have not disappeared. Instead, they have become even more important as organizations accelerate development and enable larger numbers of makers to build business solutions.Listeners will discover why understanding software engineering fundamentals can significantly improve the quality, reliability, and scalability of Power Platform solutions. WHAT IS APPLICATION LIFECYCLE MANAGEMENT (ALM) AND WHY DOES IT MATTER? Application Lifecycle Management is often misunderstood as simply moving solutions between environments. In reality, ALM represents a complete framework for managing software from initial development through testing, deployment, governance, maintenance, and ongoing improvement.Parvez breaks down ALM into practical concepts that both technical and non-technical audiences can understand. He explains how source control, deployment pipelines, testing environments, automated releases, rollback capabilities, and governance frameworks work together to create predictable and reliable software delivery processes.The conversation explores why organizations that neglect ALM often experience: Deployment failuresUncontrolled solution growthSecurity risksProduction outagesPoor collaboration between teamsLack of visibility into changesDifficult maintenance and support challengesAt the same time, listeners learn how a well-designed ALM strategy creates confidence, consistency, repeatability, and quality across the entire software delivery lifecycle. UNDERSTANDING ENVIRONMENTS, SOLUTIONS, AND SOURCE CONTROL One of the most valuable sections of the episode focuses on explaining core Power Platform concepts in language that business leaders and stakeholders can understand.Parvez provides practical analogies for development environments, testing environments, and production environments, helping listeners understand why separation between these stages is critical. He also explains the true purpose of Power Platform solutions and why they are much more than simple containers for transporting customizations.The discussion covers: Development environmentsTest environmentsProduction environmentsManaged solutionsUnmanaged solutionsSolution dependenciesSolution layeringPublishers and managed propertiesSource control integrationVersion managementRelease managementWhether you are a Power Platform maker, architect, administrator, or business sponsor, these concepts provide a foundation for building scalable and maintainable solutions. WHEN SHOULD ORGANIZATIONS IMPLEMENT ALM? Many organizations ask the same question: Should we think about ALM from day one, or can it wait until later?Parvez provides a nuanced answer based on years of consulting experience. For enterprise-scale projects supporting thousands of users, he argues that ALM should be considered non-negotiable and should be designed before development begins. For smaller initiatives and proof-of-concept projects, organizations may choose a lighter approach initially while still planning for future growth.The discussion highlights how organizations can evolve their ALM maturity over time without introducing unnecessary complexity too early.Listeners gain valuable guidance on: ALM maturity modelsEnterprise adoption strategiesGovernance planningDevelopment team structuresMaker enablementScaling low-code solutionsEnterprise architecture considerationsIS POWER PLATFORM READY FOR ENTERPRISE SOFTWARE DELIVERY? Despite being widely known as a low-code platform, Power Platform has evolved into a sophisticated enterprise application platform capable of supporting mission-critical business workloads.Parvez discusses how Power Platform has matured through its Dynamics CRM heritage and explains how capabilities such as Dataverse, Model-Driven Apps, enterprise integrations, Azure services, and advanced governance features make enterprise-grade delivery possible.The conversation explores how organizations are using Power Platform for: Enterprise business applicationsProcess automationCustomer engagement solutionsEmployee experience platformsData managementAI-powered business processesLarge-scale digital transformation initiativesListeners gain a realistic perspective on both the strengths and limitations of the platform when deployed at scale. THE EVOLUTION OF CI/CD FOR POWER PLATFORM Continuous Integration and Continuous Delivery have undergone significant transformation within the Power Platform ecosystem.Parvez explains how the early days of ALM required deep expertise in Azure DevOps, source control systems, and deployment tooling. He contrasts that with today's landscape, where features such as Power Platform Pipelines, Native Git Integration, GitHub Actions, and the Power Platform CLI have dramatically lowered the barrier to entry.The discussion explores: CI/CD best practicesDeployment automationBuild pipelinesRelease pipelinesPower Platform CLIGit repositoriesAutomated testingQuality gatesBuild artifactsEnterprise deployment strategiesListeners learn how modern tooling is making professional software delivery practices accessible to both makers and experienced development teams. AZURE DEVOPS VS GITHUB ACTIONS: WHICH SHOULD YOU CHOOSE? One of the most practical sections of the episode focuses on comparing Azure DevOps and GitHub Actions.Having implemented enterprise ALM solutions using both platforms, Parvez provides a balanced comparison of their strengths, weaknesses, and ideal use cases.Topics covered include: Azure DevOps BoardsWork item managementGitHub Actions workflowsSource control strategiesEnterprise DevOps practicesIntegration with JiraPipeline flexibilityDeveloper productivityGitHub Copilot integrationFuture Microsoft investmentsAs Microsoft continues to expand GitHub's capabilities and introduces AI-powered development experiences, understanding these differences becomes increasingly important for technology leaders and architects. REAL-WORLD ENTERPRISE ALM SUCCESS STORIES Parvez shares practical examples from customer projects where organizations successfully transformed manual deployment processes into modern, automated ALM solutions.These stories illustrate the measurable benefits organizations can achieve through proper implementation of: Source controlDeployment automationEnvironment managementGovernance frameworksRelease pipelinesAutomated quality controlsTeam collaboration processesThe discussion demonstrates how even organizations with limited DevOps experience can successfully adopt enterprise-grade delivery practices. GOVERNANCE IN THE AGE OF CITIZEN DEVELOPMENT As Power Platform adoption grows, governance becomes one of the most important considerations for organizations.The conversation explores how businesses can balance innovation with control while empowering makers to build solutions safely and responsibly.Parvez discusses: Environment strategiesSecurity modelsMicrosoft Entra ID integrationData protectionAccess controlPower Platform governanceCenter of Excellence evolution Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

    52 min
Ver todo (650)

Calificaciones y reseñas

5
de 5
3 calificaciones

Acerca de

Welcome to the M365.FM — your essential podcast for everything Microsoft 365, Azure, and beyond. Join us as we explore the latest developments across Power BI, Power Platform, Microsoft Teams, Viva, Fabric, Purview, Security, and the entire Microsoft ecosystem. Each episode delivers expert insights, real-world use cases, best practices, and interviews with industry leaders to help you stay ahead in the fast-moving world of cloud, collaboration, and data innovation. Whether you're an IT professional, business leader, developer, or data enthusiast, the M365.FM brings the knowledge, trends, and strategies you need to thrive in the modern digital workplace. Tune in, level up, and make the most of everything Microsoft has to offer. M365.FM is part of the M365-Show Network. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

Información

  • Creador
    Mirko Peters - Founder of m365.fm, m365.show and m365con.net
  • Años de actividad
    2025 - 2026
  • Episodios
    650
  • Clasificación
    Apto
  • Copyright
    © Copyright Mirko Peters / m365.fm - Part of the m365.show Network - News, tips, and best practices for Microsoft 365 admins
  • Mostrar sitio web
    M365.FM - Modern work, security, and productivity with Microsoft 365

También te podría interesar