エピソード

  • Modern .NET Development- From WPF to ASP.NET and gRPC with Gábor Ruzsinszki [MVP]

    Modern .NET Development- From WPF to ASP.NET and gRPC with Gábor Ruzsinszki [MVP]
    2026/05/15
    What does modern .NET development really look like in 2026? How has the ecosystem evolved from traditional Windows desktop applications with WPF to cloud-native ASP.NET services, microservices, and high-performance gRPC communication? In this episode of the m365.fm podcast, Mirko Peters sits down with Microsoft MVP Gábor Ruzsinszki to explore the past, present, and future of .NET development — from legacy enterprise applications to scalable modern backend architectures. Gábor Ruzsinszki is a Microsoft MVP in Developer Technologies specializing in C#, software architecture, and modern .NET development. Before becoming a professional software architect, Gábor originally worked as an IT and programming teacher, helping students learn algorithms, databases, software engineering, and development fundamentals. That strong educational background shines throughout the episode as he breaks down complex technical concepts into practical, understandable insights for developers at every level.THE EVOLUTION OF .NET DEVELOPMENT The episode begins with Gábor sharing his personal journey into software development and how he first became interested in C# and the .NET ecosystem. Starting with Delphi programming before transitioning into C and C++, he eventually discovered C# during university and immediately recognized its potential as a more modern and developer-friendly language. Since then, he has spent more than a decade building applications with .NET across desktop, backend, and enterprise systems. Mirko and Gábor dive deep into how the .NET ecosystem has transformed over the years. What started as a Windows-focused framework has evolved into a high-performance, truly cross-platform development ecosystem capable of powering cloud-native applications, Linux services, microservices, APIs, web applications, IoT systems, and enterprise-scale backend infrastructures. Gábor explains why modern .NET is faster, cleaner, and significantly more flexible than earlier versions of the framework. One particularly fascinating discussion focuses on performance improvements inside recent .NET releases. Gábor shares a real-world example where upgrading an enterprise application from an older version of .NET to .NET 9 reduced processing time from forty-five minutes down to twenty-five minutes without major code changes — purely because of framework-level optimizations and performance improvements from Microsoft. WHY WPF STILL MATTERS IN ENTERPRISE DEVELOPMENT Even though WPF (Windows Presentation Foundation) is now more than fifteen years old, many enterprise organizations still rely heavily on it for business-critical applications. Gábor explains why WPF became such a dominant desktop UI framework and why it remains relevant even today. Its powerful XAML-based architecture, flexibility, mature tooling inside Visual Studio, and massive community knowledge base still make it valuable for Windows-focused enterprise applications. The conversation explores how WPF influenced modern UI frameworks like MAUI and WinUI, both of which continue using XAML concepts introduced years ago with WPF. Gábor also discusses the challenges organizations face when attempting to migrate large legacy WPF applications toward newer technologies. Many enterprise systems are simply too large, too stable, or too business-critical to rewrite quickly. Mirko and Gábor also compare modern alternatives like .NET MAUI, Avalonia, Uno Platform, and WinUI. The discussion covers licensing considerations, cross-platform support, development experience, community maturity, and why developers should carefully evaluate their long-term platform strategy before starting new projects. ASP.NET CORE, MINIMAL APIS, AND MODERN BACKEND DEVELOPMENT A major focus of the episode is ASP.NET Core and the rise of modern backend architectures. Gábor explains why the software industry has shifted heavily toward SaaS platforms, distributed systems, APIs, and cloud-native applications. This evolution naturally pushed many developers away from purely desktop-focused development into scalable backend engineering using ASP.NET Core. The discussion also explores Minimal APIs — one of the most debated additions to modern ASP.NET Core. Some developers consider Minimal APIs revolutionary while others view them as unnecessary complexity. Gábor gives a balanced perspective, explaining that Minimal APIs are extremely effective for smaller services, lightweight APIs, and microservices, while larger enterprise systems may still benefit from traditional controller-based architectures. The episode goes deep into software architecture concepts including:Clean architecture and maintainable backend systemsHexagonal architecture and ports-and-adapters patternsMonoliths versus microservicesCloud-native development with .NET AspireScalable SaaS backend infrastructuresGábor explains why many startups prematurely adopt microservices before actually needing them and why a well-designed modular...
    続きを読む 一部表示
    57 分
  • From Exams to Expertise- Building a Career in Power Platform with Nathalie Leenders [MVP/MCT]

    From Exams to Expertise- Building a Career in Power Platform with Nathalie Leenders [MVP/MCT]
    2026/05/15
    The Microsoft ecosystem is evolving faster than ever. Between AI, Copilot, automation, low-code development, cloud platforms, and the growing Power Platform ecosystem, many professionals are asking the same question: How do you actually build a long-term career in Microsoft technologies today? In this episode of the m365.fm podcast, Mirko Peters sits down with Microsoft MVP and Microsoft Certified Trainer Nathalie Leenders to explore the journey from certifications and exams to real-world expertise, consulting experience, and community leadership. Nathalie Leenders is widely known in the Microsoft community for her deep technical knowledge, her passion for Power Platform, her educational content, speaking engagements, and her strong presence within the Microsoft ecosystem. But her path into technology was not a traditional “developer from day one” story. Nathalie shares how she originally worked in IT service management and support roles before gradually moving into SharePoint, workflows, InfoPath, Power BI, and eventually Power Platform development. Her story is a powerful reminder that successful careers in tech rarely follow a perfectly straight line.HOW CURIOSITY AND LEARNING CREATED A MICROSOFT CAREER One of the strongest themes throughout this episode is curiosity. Nathalie explains how her willingness to continuously learn new technologies became the foundation of her success. Long before Power Platform became the global phenomenon it is today, she was already experimenting with SharePoint Designer workflows, automation scenarios, and business process optimization. When the opportunity arose to join an automation-focused team, she embraced the challenge even before fully understanding all the technical requirements. Rather than waiting until she felt “ready,” Nathalie learned by building real solutions in real environments. She discusses how tutorials, Microsoft Learn, YouTube videos, community content, and experimentation helped her grow into a Power Platform consultant capable of solving enterprise-scale problems. She also highlights how visual learning played a major role in her development and why practical hands-on work remains essential in modern IT careers. THE REAL VALUE OF MICROSOFT CERTIFICATIONS IN 2026 Are Microsoft certifications still worth it in 2026? Nathalie gives an honest and balanced perspective on certifications, exams, and technical learning paths. She explains that certifications themselves are not magic career shortcuts, but they can absolutely help people learn structured knowledge, build confidence, and open career opportunities when combined with practical experience. A major part of the conversation focuses on PL-400, one of the most advanced Power Platform certifications available. Nathalie shares how she intentionally challenged herself with the difficult Power Platform Developer certification early in her career, despite being told it might be “too difficult.” That challenge ultimately accelerated her technical growth and pushed her deeper into topics such as JavaScript, plugins, advanced Dataverse concepts, and Power Platform extensibility. Mirko and Nathalie also discuss common mistakes people make while preparing for Microsoft exams. Instead of simply memorizing practice questions, Nathalie encourages listeners to focus on understanding concepts, building real projects, experimenting with technologies, and connecting theoretical learning with actual business scenarios. She emphasizes that true expertise comes from combining certifications with implementation experience and continuous curiosity. WHY THE MICROSOFT COMMUNITY IS A CAREER SUPERPOWER Another major focus of this episode is the incredible impact of community involvement. Nathalie passionately explains how user groups, online community calls, Microsoft events, local meetups, and community-driven learning helped shape her career. She encourages beginners not to feel intimidated by technical communities and reminds listeners that most people in the Microsoft ecosystem are highly supportive and genuinely willing to help others succeed. The conversation highlights the Dutch Women in Tech community, local meetups, MVP networking, and the collaborative culture that makes the Microsoft ecosystem unique. Nathalie explains how even attending events quietly, listening to conversations, and asking small questions can become the starting point for massive career growth. Eventually, those same community interactions led her toward public speaking, blogging, mentoring, and becoming a recognized Microsoft MVP. POWER PLATFORM, LOW-CODE DEVELOPMENT, AND REAL-WORLD CONSULTING This episode also delivers deep insights into the Power Platform itself. Nathalie shares why so many people start with Canvas Apps and how Power Apps provides one of the most approachable entry points into modern application development. She explains how low-code development still requires real technical thinking, problem-solving skills...
    続きを読む 一部表示
    57 分
  • PowerShell Is Fun — Automating things with PowerShell in multiple areas with Harm Veenstra [MVP]

    PowerShell Is Fun — Automating things with PowerShell in multiple areas with Harm Veenstra [MVP]
    2026/05/14
    PowerShell has become one of the most important automation tools in the Microsoft ecosystem, and in this episode of the m365.fm podcast, Mirko Peters welcomes Microsoft MVP Harm Veenstra to discuss why automation is no longer optional for modern IT teams. Harm shares his journey from helpdesk technician to automation specialist and explains how PowerShell transformed the way he approaches Microsoft 365, Azure, Exchange, Teams, Intune, and enterprise administration.WHY POWERSHELL BECAME ESSENTIAL FOR MODERN IT During the conversation, Harm explains how PowerShell stopped being “just scripting” and became a creative problem-solving platform. Once IT professionals understand the logic behind PowerShell objects, properties, and automation workflows, repetitive manual tasks can be replaced with scalable and consistent processes. Harm highlights that automation is not only about saving time — it is about improving reliability, reducing human errors, and allowing IT teams to focus on more valuable work instead of endless click-ops. The episode also explores how PowerShell evolved alongside Microsoft technologies. From the early Exchange Server days to today’s Microsoft Graph integrations, automation is now deeply connected to nearly every Microsoft cloud service. Harm explains how Microsoft Graph APIs and PowerShell modules give administrators complete control across Microsoft 365 and Azure environments. AUTOMATING MICROSOFT 365 AT SCALE One of the biggest topics in the episode is large-scale automation inside enterprise environments. Harm shares practical examples from real consulting projects where PowerShell was used to automate user onboarding, Microsoft 365 migrations, permissions management, account provisioning, Google Workspace to Microsoft 365 transitions, Teams meeting migrations, and hybrid identity processes. The discussion highlights how repetitive tasks like creating users, assigning licenses, configuring devices, syncing identities, and managing permissions become far more efficient when automated correctly. Harm explains that the true value of automation appears when organizations need consistent results across hundreds or thousands of users and devices. MICROSOFT GRAPH, APIs, AND MODERN AUTOMATION Mirko and Harm spend significant time discussing Microsoft Graph and why it has become one of the most powerful platforms for automation in Microsoft 365. Harm explains how administrators can monitor Graph API calls, discover backend actions performed inside admin portals, and use PowerShell to fully automate workflows that previously required manual configuration. The episode also covers how vendors outside the Microsoft ecosystem increasingly provide PowerShell modules for their products, making PowerShell a universal automation language across cloud platforms, infrastructure services, and enterprise tools. SECURITY, GOVERNANCE, AND SCRIPTING BEST PRACTICES Security plays a major role throughout the conversation. Harm explains why storing credentials inside scripts is one of the biggest mistakes administrators can make and why secure authentication methods such as Azure Key Vault, certificates, and secret management modules should always be used instead. The discussion also touches on governance, monitoring, version control, and documentation. Harm explains how GitHub workflows, revision tracking, testing pipelines, and proper documentation help teams maintain stable and secure automation environments over time. He emphasizes that good documentation is critical because automation should remain understandable for colleagues and future administrators, not just the original script author. AI, COPILOT, AND THE FUTURE OF AUTOMATION The conversation naturally moves into AI and Copilot. Harm shares a balanced perspective on AI-generated code and explains why understanding the logic behind automation still matters. While AI tools can assist with project planning, summaries, and development support, blindly generating scripts without understanding them can create long-term problems for administrators and organizations. Mirko and Harm also discuss the financial side of AI automation versus traditional scripting approaches, highlighting how PowerShell often remains the more efficient and cost-effective solution for many automation scenarios. THE POWER OF THE MICROSOFT COMMUNITY Another major theme in the episode is community. Harm explains how the Microsoft MVP community, blogging, knowledge sharing, and collaboration have helped him continuously improve his PowerShell skills. He describes how writing blog posts forces him to learn new topics deeply and why sharing automation knowledge benefits the entire IT ecosystem. The episode closes with a rapid-fire round covering favorite PowerShell modules, productivity shortcuts, Microsoft technologies, and Harm’s final advice for IT professionals: stop postponing learning PowerShell and start automating today. WHAT YOU WILL LEARNHow PowerShell ...
    続きを読む 一部表示
    49 分
  • Protecting Microsoft Copilot with Purview, DLP & Insider Risk with Alan Cox [MVP]

    Protecting Microsoft Copilot with Purview, DLP & Insider Risk with Alan Cox [MVP]
    2026/05/14
    In this episode of the M365FM Podcast, Mirko Peters sits down with Microsoft MVP Alan Cox to explore one of the biggest security and governance challenges facing enterprises today: securing Microsoft Copilot before AI begins surfacing sensitive organizational data at scale. The conversation dives deep into Microsoft Purview, Data Loss Prevention, Insider Risk Management, AI governance strategy, and why organizations must rethink permissions, sharing, and compliance before rolling out Copilot broadly.AI DOES NOT CREATE RISK — IT EXPOSES IT Alan explains that Copilot itself is not the true danger. Instead, AI exposes the hidden weaknesses already living inside most Microsoft 365 environments. Overpermissioned SharePoint sites, forgotten Teams channels, excessive sharing, and missing governance controls suddenly become visible the moment AI can summarize and retrieve information instantly. The biggest mistake organizations make is assuming that because employees technically already had access to the data, there is no additional risk. In reality, Copilot dramatically accelerates discoverability. Data that once remained buried inside folders and old conversations can suddenly surface through a single prompt. WHAT MICROSOFT PURVIEW REALLY IS Alan breaks Microsoft Purview down into simple terms. At its core, Purview is about protecting organizational data and bringing hidden risks into focus. Instead of viewing governance purely as restriction and compliance enforcement, he frames governance as a proactive strategy designed to prevent future incidents before they happen. He simplifies Purview into three foundational areas:Data Loss PreventionRetentionSensitivity LabelingThese three pillars ultimately determine what Copilot can access, process, summarize, or expose across Microsoft 365 workloads.INSIDER RISK IS NOW AN AI PROBLEM One of the most important themes in the discussion is how Insider Risk Management changes in the age of generative AI. Alan explains that most insider threats are not malicious attacks. Most incidents happen because employees unintentionally expose sensitive information without understanding the consequences. AI amplifies this problem because natural language prompts make it easier than ever to retrieve information from across the organization. Insider Risk Management helps organizations detect suspicious access patterns, risky prompts, unusual sharing activity, and abnormal behavior before those actions become full-scale incidents. DSPM FOR AI CHANGES GOVERNANCE A major focus of the episode is Microsoft’s evolving DSPM for AI capabilities. Alan explains how Microsoft is consolidating AI governance features into centralized dashboards that simplify policy creation for Copilot protection. Organizations can now deploy controls that restrict AI access to sensitive information in only a few clicks rather than building highly complex manual rule sets. The goal is to make AI governance operationally scalable instead of turning it into an overwhelming compliance project. WHY AUTO-LABELING MATTERS Alan strongly recommends automated sensitivity labeling over manual classification by end users. He explains that users should not be responsible for making security decisions every time they create content. Instead, organizations should automatically identify sensitive information and apply governance policies behind the scenes. His preferred strategy is straightforward:Automatically apply sensitivity labelsUse DLP policies tied to those labelsPrevent Copilot from accessing protected contentThis allows organizations to block AI processing for specific SharePoint sites, document libraries, or files automatically.THE HIDDEN RISK OF TEAMS TRANSCRIPTS One of the more surprising parts of the conversation focuses on Teams transcripts and AI-generated meeting summaries. Alan explains that legal and compliance teams are increasingly worried about the long-term retention of AI-generated meeting metadata. As Copilot automatically creates summaries, notes, and action items, organizations must rethink how this information interacts with retention policies, legal holds, and regulatory obligations. This concern is especially significant in healthcare, finance, and other highly regulated industries. OVERPERMISSIONING IS THE REAL THREAT Alan repeatedly emphasizes that the biggest governance problem is not AI itself. The real issue is that most organizations do not fully understand who has access to what inside their tenant. Employees often inherit permissions without realizing it, and Copilot simply makes those permission issues visible much faster than traditional search ever could. Before deploying Copilot broadly, organizations should:Audit SharePoint permissionsReview external sharing settingsEvaluate retention policiesClassify sensitive dataImplement DLP controlsWithout those steps, AI can unintentionally expose years of poorly governed information.GOVERNANCE SHOULD NOT CREATE SHADOW IT A key takeaway...
    続きを読む 一部表示
    59 分
  • How to get happy users and how to make AI adoption scalable within 90 days with Carina de Vries [MVP]

    How to get happy users and how to make AI adoption scalable within 90 days with Carina de Vries [MVP]
    2026/05/13
    In this episode of the M365FM Podcast, Mirko Peters sits down with Microsoft MVP and adoption strategist Carina de Vries to unpack one of the biggest failures in enterprise AI rollouts: Most organizations are deploying AI tools before understanding how people actually work. While the industry obsesses over prompts, copilots, and new features, Carina argues that successful AI adoption has almost nothing to do with technology alone. It is about behavior. It is about communication. And most importantly, it is about making users genuinely happy in their daily work. This episode breaks down Carina’s ninety-day AI adoption framework, her philosophy around simplifying technology instead of endlessly adding features, and why most Microsoft 365 rollouts fail because organizations forget the human side of transformation. If your Copilot rollout feels chaotic, your users are resistant, or your organization keeps buying AI licenses without measurable engagement, this episode is your blueprint for fixing it.FROM SECRETARY TO MICROSOFT MVP Carina’s path into technology did not begin in IT. It started as a secretary helping colleagues troubleshoot printers, Outlook issues, Excel formulas, and workplace applications. That early experience shaped her entire philosophy around adoption:Technology only matters if it helps people do their jobs better. Over time, she transitioned into application management, workplace modernization, and eventually user adoption consulting after seeing firsthand how poorly organizations handled change management. Instead of focusing purely on technical implementation, she became obsessed with understanding:Why users resist technologyWhy training alone failsWhy communication matters more than documentationHow habits form around digital toolsWhy employees need emotional clarity before technical clarityThat eventually led to the creation of Workspace Heroes, her company focused entirely on Microsoft 365 adoption strategy.THE REAL PROBLEM WITH AI ADOPTION According to Carina, most organizations make the same critical mistake: They buy AI before understanding workflows. During the conversation, she openly agrees that companies are purchasing AI solutions without first understanding how people actually operate inside the business. This creates a dangerous pattern:Leadership buys Copilot licensesIT enables the technologyUsers receive mandatory trainingAdoption stalls almost immediatelyWhy? Because AI is not just another software rollout. Copilot changes behavior. And behavior takes time. Carina explains that successful Copilot adoption is not about teaching features. It is about helping users build repeatable daily habits around AI-assisted work.WHAT IS A “HAPPY USER”? One of the most powerful moments in the episode happens when Mirko asks a deceptively simple question: “What is a happy user?” Carina explains that most organizations never ask users this directly. Instead, companies measure:ProductivityEfficiencyTicket reductionRevenue impactBut they rarely ask whether the technology actually improves the employee experience. Her definition of a happy user:Someone who can use technology in the best possible way to perform their daily work while feeling more confident, capable, and mentally supported. This becomes the foundation of her adoption philosophy:AI should not only increase output.It should improve work itself.THE NINETY-DAY AI ADOPTION MODEL At Microsoft Ignite, Carina presented her ninety-day framework for scalable AI adoption. The framework is built around one core principle: Copilot adoption is behavior transformation. Not software enablement. Phase 1 — The First Fourteen Days: Build the Guardrails The first two weeks focus on preparing:Communication strategyTraining approachInternal championsGovernance basicsRollout structureCarina argues that organizations spend far too much time overengineering preparation instead of starting small and learning quickly. Phase 2 — The Thirty-Day Habit Window This is where most AI projects either succeed or fail. Carina explains that users must repeatedly interact with Copilot during their normal workflow in order to build sustainable habits. Her recommended cadence:Monday → Share one practical Copilot tipWednesday → Run a Q&A sessionFriday → Let users share their best prompts and experiencesThis creates repetition. And repetition creates behavior change. Instead of overwhelming users with every feature at once, the goal is to help employees discover one task where AI genuinely improves their day. That single win becomes the anchor habit.WHY MOST ROLLOUTS FAIL Carina identifies several warning signs that indicate an AI rollout is already failing:Nobody attends Q&A sessionsUsers stop sharing promptsCommunication disappears inside corporate noiseChampions lose enthusiasmLeadership pushes technology without contextOne of her strongest recommendations:“Fake it till you make it.” In early adoption stages, project teams should ...
    続きを読む 一部表示
    53 分
  • The Human Side of CRM & Business Applications with Thomas Sandsør [MVP]

    The Human Side of CRM & Business Applications with Thomas Sandsør [MVP]
    2026/05/13
    In this episode of the m365.fm podcast, Mirko Peters sits down with Microsoft MVP Thomas Sandsør for a refreshingly honest and deeply human conversation about CRM, business applications, AI, customer relationships, and the future of Microsoft Dynamics 365. But this is not another highly technical “which button should you click” discussion. Instead, Thomas shares nearly 20 years of real-world experience working with CRM systems and explains why successful CRM projects have far more to do with people, culture, leadership, and trust than with technology itself. From failed implementations and change management struggles to AI agents, sales psychology, customer service workflows, and the future of human interaction in business software — this episode dives into the realities behind modern CRM projects.FROM SOCCER GOALKEEPER TO “THE CRM KEEPER” Thomas shares the story behind his well-known nickname “The CRM Keeper,” combining his background as a soccer goalkeeper with his long-standing passion for Dynamics CRM. What began as a dream of becoming a professional football player eventually transformed into a career helping organizations build stronger customer relationships through technology. Throughout the episode, Thomas reflects on how lessons from sports — teamwork, leadership, collaboration, discipline, and understanding personalities — still influence the way he leads teams and approaches CRM projects today. WHY CRM IS REALLY ABOUT PEOPLE — NOT SOFTWARE One of the strongest themes throughout the episode is the idea that CRM implementations are fundamentally human projects. Thomas explains how, early in his career, he believed technology alone could solve business problems. Over time, however, he realized that even the best CRM platform fails if people do not trust, understand, or embrace the change behind it. The conversation explores:why many CRM projects failthe importance of change managementhow leadership impacts adoptionwhy company culture mattersthe psychology behind user behaviorthe challenge of getting teams invested in transformationAs Thomas puts it, CRM is not simply about deploying software — it is about changing how people work together.AI, COPILOT & THE FUTURE OF CRM The discussion also dives deep into AI and the future of Dynamics 365. Thomas shares both excitement and skepticism around the rapid rise of AI agents, Copilot experiences, automation, and prompt-based workflows. While AI is clearly improving productivity and reducing repetitive work, he also raises important questions around trust, governance, data quality, and whether businesses are truly ready for fully autonomous systems. The episode explores:AI-assisted sales workflowsCRM agents and automationthe future of user interfacesprompt-driven business applicationsAI-generated customer journeysdata quality challengesgovernance and security concernsthe changing role of CRM consultantsThomas predicts that future CRM experiences may become far less interface-driven and much more conversational, voice-based, and AI-assisted — while still requiring strong human relationships and trust to close deals and build customer loyalty.WHY MANY CRM IMPLEMENTATIONS FAILOne of the most valuable sections of the conversation focuses on why so many CRM projects still struggle — despite modern platforms being more powerful than ever. Thomas explains that failure rarely comes from missing technology features. Instead, the real challenges are:poor organizational buy-inlack of leadership engagementweak change managementunclear business goalsinsufficient user adoptiondisconnected company cultureHe also explains how sales teams, customer service departments, and marketers all require completely different adoption strategies because they interact with CRM systems in fundamentally different ways.KEY INSIGHTS FROM THE EPISODE “CRM IS NOT A TECHNOLOGY PROJECT. IT’S A BUSINESS TRANSFORMATION PROJECT.” One of the strongest takeaways from the conversation is that successful CRM adoption depends on people understanding the value behind the system — not simply being forced to use another tool. “THE BEST CRM IS THE ONE PEOPLE ACTUALLY USE.” Thomas explains that adoption matters more than features. Even the most advanced CRM system becomes useless if employees refuse to engage with it consistently.“AI WON’T REPLACE CONSULTANTS. CONSULTANTS USING AI WILL REPLACE THOSE WHO WON’T.” The conversation explores how AI is already changing the consulting industry by dramatically increasing productivity, automation, and solution delivery speed. TOPICS COVEREDDynamics 365 & CRM strategyThe human side of technologyAI agents & CopilotSales psychology & CRM adoptionCustomer service workflowsMarketing automationData quality & governanceChange managementLeadership in technology projectsThe future of business applicationsCRM implementation failuresPower Platform evolutionUser adoption challengesRemote work vs onsite collaborationAI ...
    続きを読む 一部表示
    51 分
  • The Service Principal Crisis: Why Personal Accounts Are Killing Your Security

    The Service Principal Crisis: Why Personal Accounts Are Killing Your Security
    2026/05/12
    Your Microsoft 365 automation environment is probably running on borrowed identity. In this episode of the M365FM Podcast, we expose one of the biggest hidden risks inside modern cloud architecture: enterprise workflows tethered to personal user accounts. It starts innocently enough. An engineer builds a Power Automate flow, connects a Logic App, configures a Power BI refresh, or deploys a SharePoint integration using their own credentials because it is fast and convenient. But the moment that person changes roles, resets a password, triggers Conditional Access, loses MFA access, or leaves the company entirely, the entire automation chain collapses. This is identity rot. Organizations across the world are unknowingly building mission-critical infrastructure on top of human dependencies instead of infrastructure identities. The result is brittle automation, failed workflows, silent outages, security gaps, and operational chaos that often goes unnoticed until production systems fail. As Microsoft moves toward the 2026 identity model, the era of service-principal-less automation is ending. Legacy authentication patterns are being deprecated, old Azure AD Graph integrations are disappearing, and modern workloads are being forced toward identity-first architecture. This episode breaks down why Service Principals, Managed Identities, Federated Credentials, and Zero-Secret authentication are no longer optional modernization projects. They are now foundational requirements for operational survival. If your automation breaks when an employee resigns, your architecture is already unstable.THE SHADOW ACCOUNT TRAP Most identity problems begin with convenience. An engineer connects a workflow using their own Microsoft 365 account because the permissions already exist and the deployment is faster. The automation works immediately, the project launches successfully, and nobody realizes they just embedded a hidden human dependency into critical infrastructure. Until the password changes. Until Conditional Access blocks the sign-in. Until MFA expires. Until the employee leaves the company. This episode explores why modern enterprises are trapped in what we call the Shadow Account Model:Personal accounts acting as infrastructure identitiesMFA incompatibility with headless automationAuthentication rot across Power Automate and Logic AppsOffboarding failures causing workflow collapseService accounts operating as unsecured ghost usersWe explain why Microsoft 365 security policies are designed for humans while enterprise automation requires non-human identity architecture.WHY MICROSOFT IS FORCING THE SHIFT Microsoft has officially recognized the structural flaw of user-based automation. As we move toward 2026:Legacy SharePoint 2013 workflows are being retiredAzure AD Graph is being deprecatedService-principal-less authentication is disappearingApp-only modern authentication is becoming mandatoryThe message from Microsoft is clear:Automation must have its own identity. This episode explains why organizations are no longer fighting technical debt alone. They are now fighting the direction of the platform itself. The old model asked:“Which person is running this automation?” The new model asks:“Which workload is authorized to perform this action?” That architectural shift changes everything.IDENTITY AS INFRASTRUCTURE Modern identity is no longer a human construct. It is infrastructure. In this episode, we explore how Service Principals function as non-interactive runtime identities that represent workloads instead of employees. We break down:The Decoupling Principle in enterprise securityWhy workloads need independent identity boundariesThe shift from human-centric to resource-centric authorizationWhy identity must become a deployment artifactHow infrastructure-native authentication improves resilienceWe also explain why Managed Identities represent the highest form of cloud-native identity architecture.MANAGED IDENTITIES AND ZERO-SECRET AUTHENTICATION The strongest credential is the one nobody ever handles. Managed Identities fundamentally change how enterprise authentication works because Azure manages the entire lifecycle automatically:Credential generationRotationStorageExpirationTrust enforcementThis episode explores:Why Managed Identities eliminate secret sprawlHow Zero-Secret authentication reduces breach riskWhy workload-bound identity changes operational securityHow Azure ties identity directly to resource lifecycleThe security benefits of infrastructure-native trustWe also explain why organizations are aggressively moving away from static client secrets and passwords toward short-lived trust-based authentication models.FEDERATED CREDENTIALS AND THE END OF STATIC SECRETS Static secrets are one of the largest liabilities in enterprise automation. This episode explores how Federated Credentials and OpenID Connect (OIDC) are replacing long-lived secrets inside GitHub Actions, CI/CD pipelines, and multi-cloud ...
    続きを読む 一部表示
    19 分
  • The Death of Manual Tagging: Real-Time AI for Microsoft Purview

    The Death of Manual Tagging: Real-Time AI for Microsoft Purview
    2026/05/12
    Manual tagging is dead. The modern enterprise simply produces too much data, too quickly, for humans to classify it accurately. In this episode of the M365FM Podcast, we expose the structural failure behind traditional Microsoft Purview labeling strategies and explain why relying on employees to manually classify sensitive information has become one of the biggest security blind spots in modern organizations. For years, enterprise governance frameworks have depended on a dangerous assumption: that users will consistently stop what they are doing, evaluate the sensitivity of a document, and apply the correct label every single time they save a file. But real-world adoption rates tell a different story. Most organizations see manual labeling adoption hover around thirty percent, leaving the majority of intellectual property effectively invisible to security controls, Data Loss Prevention policies, and compliance enforcement mechanisms. This episode breaks down why the entire model of user-driven classification is collapsing under the weight of AI, high-velocity collaboration, and massive unstructured data growth across Microsoft 365, Teams, SharePoint, OneDrive, Slack, and Copilot environments. We are moving away from human-driven governance and into an era of autonomous classification where AI understands the meaning, context, and intent of data in real time.THE STRUCTURAL FAILURE OF MANUAL GOVERNANCE Traditional labeling systems were designed for a slower world. A world where users created fewer files, collaboration moved at human speed, and security teams believed awareness training could compensate for operational friction. That world no longer exists. Today’s employees are overwhelmed by notifications, meetings, chat streams, AI-generated content, and constant collaboration requests. Expecting them to behave like full-time data librarians while trying to perform their actual jobs is structurally unrealistic. We explore why:Manual tagging creates productivity frictionUsers consistently choose speed over governanceSensitivity labels are often misunderstood or ignoredSecurity models built on human choice inevitably fail at scaleUnlabeled files become invisible to downstream security controlsThis episode also examines how modern compliance failures increasingly originate from governance gaps rather than firewall breaches or encryption failures.WHY REGEX AND KEYWORD MATCHING ARE NO LONGER ENOUGHFor years, organizations relied on regex patterns and keyword matching to identify sensitive content. These tools are incredibly fast—but fundamentally context blind. A regex engine can detect a pattern that looks like a credit card number or social security identifier, but it cannot understand the meaning of a document. It cannot distinguish between a public training manual and a confidential merger strategy. This creates dangerous false positives and even more dangerous false negatives. We explain:Why regex fails against modern unstructured dataThe difference between pattern recognition and semantic understandingHow intellectual property bypasses traditional detection enginesWhy context is now the most important security signalHow AI-driven content changes the economics of governanceAs organizations deploy Microsoft Copilot and AI-powered search experiences, unlabeled data becomes dramatically more dangerous because AI systems amplify every governance mistake hidden inside the environment.BUILDING THE AI INTELLIGENCE LAYER FOR MICROSOFT PURVIEW The future of Microsoft Purview is not user-driven labeling. It is autonomous AI-driven governance operating directly inside the data stream. This episode explores how organizations are deploying Large Language Models as real-time classification engines that understand the intent, relationships, and sensitivity of data without requiring any user interaction. We break down:How AI inference engines integrate with Microsoft PurviewWhy LLMs outperform traditional pattern-matching systemsThe role of semantic understanding in modern governanceHow fine-tuned models recognize proprietary business contextWhy autonomous classification reduces human error dramaticallyInstead of asking users to select labels manually, AI systems now analyze documents automatically at creation time, mapping content directly to Purview sensitivity labels behind the scenes. Governance becomes invisible infrastructure rather than an interruption to productivity.REAL-TIME CLASSIFICATION AND THE LATENCY PROBLEM One of the biggest architectural failures in modern Purview deployments is the mismatch between AI speed and traditional compliance systems. AI operates in milliseconds. Most Microsoft Graph labeling workflows operate asynchronously and can take minutes—or even hours—to fully propagate across Microsoft 365 workloads. This creates a dangerous vulnerability window where sensitive content exists without protection while AI systems like Copilot can already access and index it. We explore:Why ...
    続きを読む 一部表示
    18 分