M365.FM - Modern work, security, and productivity with Microsoft 365

Author: Mirko Peters (Microsoft 365 consultant and trainer)

Overview

Welcome to the M365.FM — your essential podcast for everything Microsoft 365, Azure, and beyond. Join us as we explore the latest developments across Power BI, Power Platform, Microsoft Teams, Viva, Fabric, Purview, Security, and the entire Microsoft ecosystem. Each episode delivers expert insights, real-world use cases, best practices, and interviews with industry leaders to help you stay ahead in the fast-moving world of cloud, collaboration, and data innovation. Whether you're an IT professional, business leader, developer, or data enthusiast, the M365.FM brings the knowledge, trends, and strategies you need to thrive in the modern digital workplace. Tune in, level up, and make the most of everything Microsoft has to offer. M365.FM is part of the M365-Show Network.

Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

Copyright Mirko Peters / m365.fm - Part of the m365.show Network - News, tips, and best practices for Microsoft 365 admins
Politics & Government
Episodes
  • The Only Azure Skill That Matters in 2026: Architecting Against Erosion
    2026/03/01
    Most Azure professionals are optimizing for the wrong thing:
    • Certifications.
    • Portal expertise.
    • Individual services like AKS, Functions, Synapse.
    That’s not where long-term value is. The high-income skill in 2026 is governance architecture. The people who earn the most are not provisioning infrastructure. They are preventing the wrong infrastructure from being provisioned in the first place.
    🧠 Big Idea: Azure Doesn’t Fail Loudly — It Erodes
    Cloud erosion is the slow drift between:
    • Intended state
    • Actual state
    It happens through:
    • Policy exceptions
    • Manual overrides
    • Over-privileged identities
    • Cost drift
    • AI retry loops
    • Tagging inconsistency
    • Compliance blind spots
    It’s quiet. It compounds. Until one day you realize your architecture doesn’t resemble your original design.
    💰 Why This Is a Career Lever
    • Knowing Azure services = replaceable skill
    • Designing scalable governance frameworks = rare leverage
    The market in 2026 rewards people who:
    • Design enforcement systems
    • Build self-healing architectures
    • Make compliance automatic
    • Prevent cost explosions
    • Constrain AI agents before execution
    • Codify governance into CI/CD
    Governance compounds. Service knowledge decays.
    The Core Framework Explained
    1️⃣ The Fundamental Misunderstanding
    Most Azure architects think in terms of:
    • Resources
    • Configurations
    • Workloads
    High-value architects think in terms of:
    • Control planes
    • Enforcement systems
    • Drift resistance
    • Erosion prevention
    If governance depends on perfect human behavior, it’s already failing.
    2️⃣ What Cloud Erosion Actually Means
    Erosion has three drivers:
    • Velocity – Teams move faster than policy
    • Complexity – More services = more drift points
    • Incentive misalignment – Builders optimize for speed, security for risk
    With AI:
    • Machine-speed decisions amplify small mistakes exponentially.
    • Retry loops create cost explosions.
    • Overprivileged agents create security disasters.
    3️⃣ The Three Layers of Architectural Control
    Layer 1: Identity & Access (Control Plane #1)
    • Least-privilege by default
    • Just-in-time elevation
    • Separate non-human identities
    • Immutable audit trails
    • Entra Agent ID for AI governance
    If identity breaks, everything downstream fails.
    Layer 2: Policy & Compliance
    • Azure Policy in deny mode
    • DeployIfNotExists remediation
    • Policy-as-code in Git
    • No “forever audit mode”
    Audit = visibility. Deny = control. Most organizations stay in audit because deny is uncomfortable.
    Layer 3: Operational Enforcement
    • CI/CD governance gates
    • Cost estimation before deployment
    • Drift detection
    • Automated remediation
    Governance that isn't automated doesn’t scale.
    4️⃣ AI Amplifies Every Governance Mistake
    AI agents operate at machine speed. Without constraints:
    • Exponential cost growth
    • Data exfiltration risk
    • Shared credentials disasters
    • Over-privileged agent chaos
    The correct pattern:
    • Pre-execution gates
    • Agent-specific identities
    • Scoped permissions
    • Cost ceilings
    • Immutable logging
    5️⃣ ClickOps → IaC → Governance-as-Code
    ClickOps fails at scale. IaC solves reproducibility. Governance-as-Code solves enforcement.
    Workflow:
    • Developer writes Bicep
    • CI pipeline runs
    • Policy validates
    • Cost estimated
    • Security scanned
    • Drift prevention validated
    • Deploy or block automatically
    The system enforces what should happen.
    6️⃣ Landing Zones as Governance Blueprints
    Landing zones embed intent before teams deploy anything. They define:
    • Management groups
    • Identity baselines
    • Policy enforcement
    • Networking standards
    • Monitoring standards
    They prevent the blank-canvas chaos problem.
    7️⃣ Azure Policy as the Enforcement Engine
    Key concepts:
    • Definitions vs Assignments
    • Audit vs Deny
    • DeployIfNotExists
    • Policy-as-Code
    • Exception discipline
    High-income architects design policy frameworks where exceptions are rare, documented, and time-bound.
    8️⃣ Identity Governance & Entra Agent ID
    Non-human identities now outnumber humans. Key practices:
    • Dedicated service principals
    • Scoped permissions
    • Agent registration
    • No shared credentials
    • Conditional access enforcement
    Without identity governance, everything collapses.
    9️⃣ Cost Governance & FinOps Automation
    Cost is not a finance problem. It’s an architectural problem. Design for:
    • Cost classes (gold / silver / bronze)
    • Budget enforcement
    • Pre-execution cost validation
    • Auto-remediation
    • Anomaly detection
    AI makes cost erosion exponential.
    🔟 CI/CD Governance Pipelines (Shift-Left Security)
    Governance enforced at pull request time:
    • Policy checks
    • Cost checks
    • Security scans
    • Compliance validation
    Fix problems when they’re cheap.
    11️⃣ Drift Detection & Continuous Compliance
    Drift = governance failure signal. Pattern:
    • Define intended state in IaC
    • Scan actual state
    • Compare
    • Alert
    • Auto-remediate when possible
    Target metrics:
    • Policy compliance >95%
    • Drift <5%
    • Remediation <24 hours
    12️⃣ Management Groups & Hierarchical Governance
    Hierarchy enables scale. Pattern:
    • Root (org-wide policies)
    • Business unit
    • Environment (prod/dev/test)
    • Team
    Policies cascade automatically. Flat subscription structures create governance chaos.
    13️⃣ Bicep Patterns That Prevent Erosion
    Reu
    1 hr 21 min
  • The Certification Trap: 5 Credentials That Actually Pay
    2026/02/28
    🔥 Introduction: The Uncomfortable Truth
    • Most certifications validate task execution, not authority.
    • 80% of certified professionals never see the raise or promotion they expect.
    • The real market premium isn’t for execution — it’s for architectural decision-making.
    • Salary delta between technician and architect: $40K–$120K annually.
    • This episode breaks down:
      • Why credential inflation is real
      • Which certifications actually pay
      • How to move from technician → architect
    🚨 The Certification Inflation Problem
    The Treadmill Effect
    • Fundamentals (AZ-900, MS-900, PL-900) = table stakes.
    • Associate stacking ≠ authority.
    • Certifications retire → forced recertification cycles.
    • Vendors win. Professionals stay stuck.
    The Paper Certification Trap
    • Passing exams ≠ designing systems.
    • Employers increasingly hire based on portfolio + design authority.
    • Execution is commoditized.
    • Governance is scarce.
    The Real Market Signal
    • Execution = compliance.
    • Architecture = control, decision authority, systemic thinking.
    • Scarcity of architects drives pricing power.
    🧠 Why These Five Certifications Are Different
    These credentials share key DNA:
    • Validate architectural thinking
    • Require trade-off analysis
    • Demand cross-domain reasoning
    • Cannot be memorized from dumps
    • Signal governance authority
    Market Forces
    • 3.4 million cybersecurity shortage
    • Azure enterprise migrations accelerating
    • Low-code projected to power 75% of new apps
    • AI impacting 86% of businesses by decade’s end
    These certifications position you for future architecture, not legacy support.
    🏆 The 5 Credentials That Actually Pay
    1️⃣ SC-100: Cybersecurity Architect Expert
    • Signals: Security governance authority
    • Validates: Threat modeling, zero-trust, hybrid security design
    • Salary Range: $140K–$180K (top roles: $220K+)
    • Premium: $25K–$40K over engineers
    • Best For: Security engineers ready for architectural authority
    • Not Ideal For: Small org (<500 employees), non-cloud environments
    • Shift: From implementing controls → Designing security frameworks
    2️⃣ AZ-305: Azure Solutions Architect Expert
    • Signals: Enterprise infrastructure governance
    • Validates: Resilience, cost optimization, hybrid architecture
    • Salary Range: $130K–$170K (principal: $180K–$220K)
    • Premium: $40K+
    • Best For: Azure admins with production experience
    • Not Ideal For: AWS/GCP-only environments
    • Shift: From operating Azure → Deciding what Azure should look like
    3️⃣ PL-600: Power Platform Solution Architect Expert
    • Signals: Enterprise low-code governance
    • Validates: Citizen developer enablement, automation strategy
    • Salary Range: $110K–$160K (combined Azure: $180K–$220K)
    • Premium: ~$30K
    • Market Insight: Fastest-growing credential. High demand. Low saturation (for now).
    • Shift: From building flows → Designing automation ecosystems
    4️⃣ AI-102: Azure AI Engineer Associate
    • Signals: Production AI engineering capability
    • Validates: RAG, prompt engineering, AI governance, model deployment
    • Salary Range: $120K–$175K (specialists: $220K)
    • Premium: ~25% over general dev roles
    • 2026 Context: AI moving from experimentation → agentic systems.
    • Shift: From coding features → Architecting intelligent systems
    5️⃣ MS-102: Microsoft 365 Enterprise Administrator Expert
    • Signals: Tenant-wide identity and compliance governance
    • Validates: Entra ID, DLP, Conditional Access architecture
    • Salary Range: $120K–$160K+
    • Best Fit: Large enterprises (1,000+ users)
    • Shift: From managing users → Designing identity systems

    If this clashes with how you’ve seen it play out, I’m always curious. I use LinkedIn for the back-and-forth.
    1 hr 13 min
  • The Millions in the Machine: Engineering the High-Performance Cloud
    2026/02/27
    A CFO opens an Azure bill. It’s $2.8 million higher than last quarter. No one can explain why. That’s not a spike. That’s systemic failure. Cloud promises elasticity, savings, and control. But without governance, it becomes a financial black hole.
    Core Thesis: The cloud does not make you efficient. It only gives you the capability to be efficient.
    Act 1 — The Day Finance Noticed
    Six months earlier, migration was declared a success:
    • Datacenters shut down
    • Workloads moved
    • “Cloud-first” celebration
    Meanwhile:
    • ❌ Reserved Instances unused
    • ❌ Zombie VMs from failed projects
    • ❌ Dev/test running 24/7
    • ❌ No tagging enforcement
    • ❌ No workload classification
    Elasticity without discipline became a cost accelerant.
    Anatomy of Waste
    Part 1 — Idle Infrastructure
    Typical Enterprise Findings:
    • 27–32% of cloud spend = orphaned resources
    • Unattached disks, snapshots, unused IPs
    • 18–42% of compute idle or <5% utilization
    • Dev/test never shut down
    Fix:
    • 30–90 day utilization measurement
    • Right-size based on reality
    • Scheduled shutdowns
    • Mandatory tagging
    • Enforced Azure Policy
    Result:
    • 22–35% compute reduction
    • ~10% overall estate reduction
    • Payback in ~120 days
    You don’t have a cost problem. You have a visibility problem.
    Part 2 — SaaS Sprawl
    Example patterns:
    • 4,800 Power Apps → 62% never opened after 90 days
    • 12,000 E5 licenses → only 28% need advanced security
    • Duplicate automations across departments
    Root Cause: Permission without policy.
    Fix:
    • Environment stratification (Prod / Sandbox / Personal)
    • Inactive lifecycle deletion (90 / 180 / 365 days)
    • Connector governance
    • License telemetry audits
    Result:
    • 30–50% license reduction
    • 40% drop in support tickets
    • Massive clarity gains
    Part 3 — Shadow AI & Copilot Explosion
    AI waste scales faster than traditional infrastructure.
    Case:
    • 12,000 Copilot seats licensed
    • No quotas or governance
    • Azure OpenAI spend: $340K/month
    • No measurable ROI
    Intervention:
    • Sensitivity labeling first
    • SharePoint cleanup
    • Pilot cohort (400 users)
    • Token quotas per user
    • Conditional access enforcement
    Result:
    • Spend reduced to $68K/month
    • 80% cost reduction
    • Controlled innovation
    AI without governance = financial accelerant.
    The Governance Reckoning
    Organizations that recovered millions did three things:
    • Enforced Azure Policy
    • Mandatory tagging (cost center, owner, env, app)
    • Environment tiering & role-based access
    After 90 days:
    • Waste became attributable
    • Accountability changed behavior
    Sustained reduction:
    • 25–35% long-term cost savings
    Case Studies Snapshot
    Case | Problem | Result
    Manufacturing Firm | 42% PAYG compute | 35% compute reduction
    Power Platform Sprawl | 4,800 apps / 62% inactive | 50% license reduction
    M365 Over-Licensing | 12,000 E5 seats | $1.2M annual savings
    Copilot Pilot | $340K/mo AI spend | 80% cost drop
    Multi-Region Duplication | 5 redundant regions | $340K annual savings + faster provisioning
    The Operating Model That Works
    1️⃣ Governance First
    • Azure Policy baseline
    • Tag enforcement
    • Managed environments
    • Conditional access
    2️⃣ FinOps Discipline
    • Monthly cost board
    • Quarterly RI/Savings Plan rebalancing
    • Nightly license audits
    • 10% anomaly alerts
    • Chargeback accountability
    3️⃣ Consolidation Strategy
    • Reduce Power Platform environments
    • Right-size M365 licenses
    • Enforce landing zones
    • Hub-spoke architecture
    4️⃣ AI Governance Before Scale
    • Data cleanup first
    • Pilot second
    • Quotas always
    • Measure ROI before expanding
    Metrics That Actually Matter
    • Reserved Instance coverage (65–75%)
    • Cost per workload / transaction
    • Idle resource percentage (<5%)
    • Forecast variance (>80% accuracy)
    • License utilization rates
    • Shadow workload ratio (<10%)
    Metrics drive behavior. Choose uncomfortable ones.
    The Architectural Law
    Unmanaged cloud mathematically produces waste.
    • Provisioning without deprovisioning → debt
    • Licensing without measurement → overspend
    • Experimentation without governance → shadow IT
    • Permission without policy → chaos
    The organizations that saved millions:
    • Implemented governance before optimization
    • Built FinOps as a rhythm, not a project
    • Consolidated aggressively
    • Made efficiency structural
    Competitive Advantage of Determinism
    When governance becomes structural:
    • Provisioning: 21 days → 3 days
    • Incident recovery: -60% time
    • Audit compliance: 62% → 98%
    • Sustained cost drop: 25–35%
    They don’t just spend less. They operate better.
    The Playbook — What To Do Monday Morning
    First 90 Days
    • Full forensic audit
    • Mandatory tagging enforcement
    • Azure Policy baseline
    • Managed environment implementation
    By Month 6
    • Monthly FinOps board running
    • Savings Plan coverage optimized
    • License rationalization automated
    • Chargeback live
    By Year 1
    • Consolidated platforms
    • Hub-spoke architecture
    • Copilot governed and measured
    Expected outcome: ~30–35% sustained cost reduction.
    Final Insight
    The millions aren’t hidden in negotiations.
    1 hr 17 min