Session

App Governance in Microsoft 365 - Wild, Wild West or Staying In Control

Microsoft 365 is a platform for apps. Extending Teams and SharePoint with modern app development practices is quite common, and both offer already hundreds of third-party, ready-made solutions in their stores. Microsoft 365 user identity allows also using lots of third-party SaaS apps. Modern apps are easy to deploy, and in most cases require just a couple of clicks, and the new app is deployed to the whole organization or to a single user.
When a new app is deployed, some permissions are always required. User sign-in information and a small portion of the user's identity are required always for single sign-on, but an app can require wider permission set for accessing users' or organizations' data. This brings one threat factor, which requires governance.
Is the user really aware of what happens when he/she approve permission for a new app? Should there be some level of control over what apps are used in the organization?
In this session I will cover the management of apps in Teams and SharePoint, how organizations can govern apps and have a centralized way to publish apps to users, and what basic app security settings organizations should consider in their cloud environment.

Matti Paukkonen

Modern Workplace Lead | Microsoft MVP, M365 Apps & Services

Kuopio, Finland

View Speaker Profile