This article will guide you through the process of automating Office 365 governance with Rencore Governance.
Rencore Governance helps you to automate governance of your Office 365 tenant. Through enabling specific policies, it allows you to monitor changes to specific aspects of your tenant. To automate handling relevant changes in your tenant, you can use the Rencore Governance Power Platform connector (https://docs.microsoft.com/en-us/connectors/rencoregovernance/) and build Power Automate flows.
To help you get started automating the governance of your Office 365 tenant using Rencore Governance, we offer you several flow templates which you can adjust to meet your specific needs.
Before you start
Rencore Governance helps you to enforce governance in your Office 365 tenant through policies. A policy monitors specific types of resources in your Office 365 tenant, such as Power Automate flows that use premium features or execute frequently, external accounts that haven’t been used recently or unused Microsoft Teams and Office 365 groups. Resources, that don’t meet the specific policy will be listed as non-compliant resources. Each non-compliant resource has its owners and users and can be enabled or disabled (for example a Power Automate flow or a user account can be enabled or disabled). All this information is exposed to the Rencore Governance Power Platform connector to help you to automate the governance of your Office 365 tenant at scale.
Before you start automating the governance of your tenant, sign in to Rencore Governance, connect to your Office 365 tenant and enable the policies that you would like to enforce in your tenant. Next, go to Microsoft Power Automate, add a new connector to Rencore Governance and connect to is using the same account that you used to sign in to Rencore Governance previously. Having done this, you can start building your own flows or use the templates below to quickly get started.
Notify owners of non-compliant resources
One way to automate handling resources that don’t comply with the specific policy is to notify their owners and ask them to take the action.
After receiving information about resources that don’t comply with the selected policy, our template iterates over owners of all non-compliant resources. For each owner, it checks if the person has any non-compliant resources that are currently enabled. If that is the case, the template creates a list of all non-compliant resources owned by that person and sends them an email asking to review these resources.
After importing the template in your environment, you need to connect to Rencore Gernance and in the trigger, select the environment and the policy that you would like to track. Optionally, in the Send an email action, you can adjust the contents of the email and specify the email address from which the email should be sent.
Disable non-compliant flows after approval
Knowing about non-compliant resources in your organization is just the first step of governance. The second step, and often the hardest one, is to handle them at scale.
For some resources, like Microsoft Power Automate flows, there are actions that allow you to disable flows. If you use Rencore Governance for governance of Microsoft Power Automate flows, you can use our template to track non-compliant flows and disable them after the approval from their owners.
After receiving information about non-compliant flows, our template will iterate through them. If the particular non-compliant flow is enabled, the template will start an approval process with owners of that flow. If the first response approves disabling the flow the flow will proceed with turning the particular non-compliant flow off. You can tweak the flow to your organization’s needs by changing the conditions required to disable the particular flow, the contents of the message sent to flow’s owners and how to handle rejected approvals. Based on availability of Power Platform connectors, you could use the template to disable other types of resources as well.