M365.FM - Modern work, security, and productivity with Microsoft 365 cover art

M365.FM - Modern work, security, and productivity with Microsoft 365

M365.FM - Modern work, security, and productivity with Microsoft 365

By: Mirko Peters (Microsoft 365 consultant and trainer)
Listen for free

About this listen

 Welcome to the M365.FM — your essential podcast for everything Microsoft 365, Azure, and beyond. Join us as we explore the latest developments across Power BI, Power Platform, Microsoft Teams, Viva, Fabric, Purview, Security, and the entire Microsoft ecosystem. Each episode delivers expert insights, real-world use cases, best practices, and interviews with industry leaders to help you stay ahead in the fast-moving world of cloud, collaboration, and data innovation. Whether you're an IT professional, business leader, developer, or data enthusiast, the M365.FM brings the knowledge, trends, and strategies you need to thrive in the modern digital workplace. Tune in, level up, and make the most of everything Microsoft has to offer. M365.FM is part of the M365-Show Network.

Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.Copyright Mirko Peters / m365.fm - Part of the m365.show Network - News, tips, and best practices for Microsoft 365 admins Politics & Government
Episodes
  • Beyond the Sidebar: How Altera Unlocks the Autonomous Microsoft Enterprise

    Beyond the Sidebar: How Altera Unlocks the Autonomous Microsoft Enterprise
    Feb 8 2026
    Most organizations think “AI agents” mean Copilot with extra steps: a smarter chat box, more connectors, maybe some workflow buttons. That’s a misunderstanding. Copilot accelerates a human. Autonomy replaces the human step entirely—planning, acting, verifying, and documenting without waiting for approval. That shift is why fear around agents is rational. The moment a system can act, every missing policy, sloppy permission, and undocumented exception becomes operational risk. The blast radius stops being theoretical, because the system now has hands. This episode isn’t about UI. It’s about system behavior. We draw a hard line between suggestion and execution, define what an agent is contractually allowed to touch, and confront the uncomfortable realities—identity debt, authorization sprawl, and why governance always arrives after something breaks. Because that’s where autonomy fails in real Microsoft tenants. The Core Idea: The Autonomy Boundary Autonomy doesn’t fail because models aren’t smart enough. It fails at boundaries, not capabilities. The autonomy boundary is the explicit decision point between two modes:Recommendation: summarize, plan, suggestExecution: change systems, revoke access, close tickets, move moneyCrossing that boundary shifts ownership, audit expectations, and risk. Enterprises don’t struggle because agents are incompetent—they struggle because no one defines, enforces, or tests where execution is allowed. That’s why autonomous systems require an execution contract: a concrete definition of allowed tools, scopes, evidence requirements, confidence thresholds, and escalation behavior. Autonomy without a contract is automated guessing. Copilot vs Autonomous Execution Copilot optimizes individuals. Autonomy optimizes queues. If a human must approve the final action, you’re still buying labor—just faster labor. Autonomous execution is different. The system receives a signal, forms a plan, calls tools, verifies outcomes, and escalates only when the contract says it must. This shifts failure modes:Copilot risk = wrong wordsAutonomy risk = wrong actionsThat’s why governance, identity, and authorization become the real cost centers—not token usage or model quality. Microsoft’s Direction: The Agentic Enterprise Is Already Here Microsoft isn’t betting on better chat. It’s normalizing delegation to non-human operators. Signals are everywhere:GitHub task delegation as cultural proofAzure AI Foundry as an agent runtimeCopilot Studio enabling multi-agent workflowsMCP (Model Context Protocol) standardizing tool accessEntra treating agents as first-class identitiesTogether, this turns Microsoft 365 from “apps with a sidebar” into an agent runtime with a massive actuator surface area—Graph as the action bus, Teams as coordination, Entra as the decision engine. The platform will route around immature governance. It always does. What Altera Represents Altera isn’t another chat interface. It’s an execution layer. In Microsoft terms, Altera operationalizes the autonomy boundary by enforcing execution contracts at scale:Scoped identitiesExplicit tool accessEvidence capturePredictable escalationReplayable outcomesThink of it as an authorization compiler—turning business intent into constrained, auditable execution. Not smarter models. More deterministic systems. Why Enterprises Get Stuck in “Pilot Forever” Pilots borrow certainty. Production reveals reality. The moment agents touch real permissions, real audits, and real on-call rotations, gaps surface:Over-broad accessMissing evidenceUnclear incident ownershipDrift between policy and realitySo organizations pause “for governance,” which usually means governance never existed. Assistance feels safe. Autonomy feels political. The quarter ends. Nothing ships. The Autonomy Stack That Survives Production Real autonomy requires a closed-loop system:Event – alerts, tickets, telemetryReasoning – classification under policyOrchestration – deterministic tool routingAction – scoped execution with verificationEvidence – replayable run recordsIf you can’t replay it, you can’t defend it. Real-World Scenarios CoveredAutonomous IT remediation: closing repeatable incidents safelyFinance reconciliation & close: evidence-first automation that survives auditSecurity incident triage: reducing SOC collapse without autonomous self-harmAcross all three, the limiter is the same: identity debt and authorization sprawl. MCP, Tool Access, and the New Perimeter MCP makes tool access cheap. Governance must make unsafe action impossible. Discovery is not authorization. Tool registries are not permission systems. Without strict allowlists, scope enforcement, and version control, MCP accelerates privilege drift—and turns convenience into conditional chaos. The Only Cure for “Agent Said So”: Observability & Replayability Autonomous systems must produce:InputsDecisionsTool callsIdentity contextVerification ...
    Show More Show Less
    1 hr and 24 mins
  • The Fabric Governance Illusion: Why Your Data Strategy Is Rotting

    The Fabric Governance Illusion: Why Your Data Strategy Is Rotting
    Feb 7 2026
    Most organizations believe Microsoft Fabric governance is solved the moment they adopt the platform. One tenant, one bill, one security model, one governance story. That belief is wrong — and expensive. In this episode, we break down why Microsoft Fabric governance fails by default, how well-intentioned governance programs turn into theater, and why cost, trust, and meaning silently decay even when usage looks stable. Fabric isn’t a single platform. It’s a shared decision engine. And if you don’t enforce intent through system constraints, the platform will happily monetize your confusion. What’s Broken in Microsoft Fabric Governance Fabric Is Not a Platform — It’s a Decision Engine Microsoft Fabric governance fails when teams assume “one platform” means one execution model. Under the UI lives multiple engines, shared capacity scheduling, background operations, and probabilistic performance behavior that ignores org charts and PowerPoint strategies. Governance Theater in Microsoft Fabric Most Microsoft Fabric governance programs focus on visibility instead of control:
    • Naming conventions
    • Centers of Excellence
    • Approval workflows
    • Best-practice documentation
    None of these change what the system actually allows people to create — which means none of them reduce risk, cost, or entropy. Cost Entropy in Fabric Capacities Microsoft Fabric costs drift not because of abuse, but because of shared compute, duplication pathways, refresh overlap, background load, and invisible coupling between teams. Capacity scaling becomes the default response because it’s easier than fixing architecture. Workspace Sprawl and Fabric Governance Failure Workspaces are not governance boundaries. In Microsoft Fabric, they are collaboration containers — and when treated as security, cost, or lifecycle boundaries, they become the largest entropy generator in the estate. Domains, OneLake, and the Illusion of Control Domains and OneLake help with discovery, not enforcement. Microsoft Fabric governance breaks when taxonomy is mistaken for policy and centralization is mistaken for ownership. Semantic Model Entropy Uncontrolled self-service semantic models create KPI drift, executive distrust, and refresh storms. Certified and promoted labels signal intent — they do not enforce it. Why Microsoft Fabric Governance Fails at Scale Microsoft Fabric governance fails because:
    • Creation is cheap
    • Ownership is optional
    • Lifecycle is unenforced
    • Capacities are shared
    • Metrics measure activity, not accountability
    The platform executes configuration, not intent. If governance doesn’t compile into system behavior, it doesn’t exist. The Microsoft Fabric Governance Model That Actually Works Effective Microsoft Fabric governance operates as a control plane, not a committee:
    • Creation constraints that block unsafe structures
    • Enforced defaults for ownership, sensitivity, and lifecycle
    • Real boundaries between dev and production
    • Automation with consequences, not emails
    • Lifecycle governance: birth, promotion, retirement
    The cheapest workload in Microsoft Fabric is the one you never allowed to exist. The One Rule That Fixes Microsoft Fabric Governance If an artifact in Microsoft Fabric cannot declare:
    • Owner
    • Purpose
    • End date
    …it does not exist. That single rule eliminates more cost, risk, and trust erosion than any dashboard, CoE, or policy document ever will.

    Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

    If this clashes with how you’ve seen it play out, I’m always curious. I use LinkedIn for the back-and-forth.
    Show More Show Less
    1 hr and 21 mins
  • You Don’t Have a Microsoft Tool Problem — You Have a People Problem

    You Don’t Have a Microsoft Tool Problem — You Have a People Problem
    Feb 6 2026
    Most Microsoft 365 governance initiatives fail — not because the platform is too complex, but because organizations govern tools instead of systems. In this episode, we break down why assigning “Teams owners,” “SharePoint admins,” and “Purview specialists” guarantees chaos at scale, and how fragmented ownership turns Microsoft 365 into a distributed decision engine with no accountability. You’ll learn the real governance failure patterns leaders miss, the litmus test that exposes whether your tenant is actually governed, and the system-first operating model that fixes identity drift, collaboration sprawl, automation risk, and compliance theater. If your tenant looks “configured” but still produces incidents, audits surprises, and endless exceptions — this episode explains why. Who This Episode Is For (Search Intent Alignment) This episode is for you if you are searching for:Microsoft 365 governance best practicesWhy Microsoft 365 governance failsTeams sprawl and SharePoint oversharingIdentity governance problems in Entra IDPower Platform governance and Power Automate riskPurview DLP and compliance not workingCopilot security and data exposure concernsHow to design an operating model for Microsoft 365This is not a tool walkthrough. It’s a governance reset. Key Topics Covered 1. Why Microsoft 365 Governance Keeps Failing Most organizations blame complexity, licensing, or “user behavior.” The real failure is structural: unclear accountability, siloed tool ownership, and governance treated as configuration instead of enforcement over time. 2. Governing Tools vs Governing Systems Microsoft 365 is not a collection of independent apps. It is a single platform making thousands of authorization decisions every minute across identity, collaboration, data, and automation. Tool-level ownership cannot control system-level behavior. 3. Microsoft 365 as a Distributed Decision Engine Every click, link, share, and flow run is a policy decision. If identity, permissions, and policies drift, the platform still executes — just not in ways leadership can predict or defend. 4. The Org Chart Problem Fragmented ownership creates “conditional chaos”:Teams admins optimize adoptionSharePoint admins lock down storageSecurity tightens Conditional AccessCompliance rolls out PurviewMakers automate everythingEach role succeeds locally — and fails globally. 5. Failure Pattern #1: Identity Blind Spots Standing privilege, mis-scoped roles, forgotten guests, and unmanaged service principals turn governance into luck. Identity is not a directory — it’s an authorization compiler. 6. Failure Pattern #2: Collaboration Sprawl & Orphaned Workspaces Teams and SharePoint sites multiply without lifecycle ownership. Owners leave. Data remains. Search amplifies exposure. Copilot accelerates impact. 7. Failure Pattern #3: Automation Without Governance Power Automate is delegated execution, not a toy. Default environments, unrestricted connectors, and personal flows become invisible production systems that outlive their creators. 8. Compliance Theater and Purview Illusions Having DLP, retention, and labels does not mean you are governed. Policies without owners become noise. Alerts without authority become ignored. Compliance without consequences is theater. 9. The Leadership Litmus Test Ask one question to expose governance reality:“If this setting changes today, who feels it first — and how would we know?”If the answer is a tool name, you don’t have governance. 10. The System-First Governance Model Real governance has three parts:Intent — business-owned constraintsEnforcement — defaults that hold under pressureFeedback — routine drift detection and correction11. Role Reset: From Tool Owners to System Governors This episode defines the roles most organizations are missing:Platform Governance LeadIdentity & Access StewardInformation Flow OwnerAutomation Integrity OwnerGovernance is not a committee. It’s outcome ownership. What You’ll Walk Away WithA mental model for Microsoft 365 governance that actually matches platform behaviorA way to explain governance failures to executives without blaming usersA litmus test leaders can use immediatelyA practical operating model that reduces exceptions instead of managing themLanguage to stop funding “more admins” and start funding accountabilityBecome a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.If this clashes with how you’ve seen it play out, I’m always curious. I use LinkedIn for the back-and-forth.
    Show More Show Less
    1 hr and 18 mins
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.