Syskit Blog Rethinking Power Platform governance with Syskit Point
Microsoft 365 management Microsoft 365 security

Rethinking Power Platform governance with Syskit Point

By:  Syskit team

Last updated: May 12, 2025

11 min read

Leverage Power Platform's capabilities without stifling innovation.

Table of contents

Low-code platforms like Microsoft Power Platform promise agility. As of April 2024, Microsoft Power Platform boasts over 33 million monthly active users, highlighting its extensive reach across various industries. By leveraging Power Platform and generative AI, Cineplex automated key processes across departments and saved over 30,000 hours annually. The US utility company Evergy saves over 120,000 hours per year. The results are impressive, to say the least.

But without a strategic overview, that promise quickly turns into complexity, sprawl, and risk. In this blog, we’ll give you an overview of the Center of Excellence and how Syskit Point steps in to help enterprises regain control and enforce governance without stifling creativity.

The Power Platform challenge beneath the surface

Microsoft Power Platform is transformative, no question. But transformation without visibility creates risk. As organizations embrace Power Platform, IT leaders face a pressing dilemma: how do we enable innovation without losing control?

Let’s break down the top challenges organizations face:

1. Lack of visibility into what exists in your Power Platform

The Power Platform ecosystem grows quickly. Apps, flows, connectors, and environments, without a centralized inventory, IT teams struggle to answer basic questions:

  • What apps and flows are live?
  • Who owns them?
  • What data do they touch?
  • Are premium resources used and bleeding resources?
  • What Power BI reports and dashboards exist, and who can access them?

This opacity makes Power Platform management reactive at best, and dangerously blind at worst.

2. Security and compliance risks

Business users aren’t trained in governance, which is another problem we often talk about here in our blogs. They may inadvertently expose sensitive data through insecure connectors or poorly configured flows. Imagine a flow designed to share customer data with a third-party system, accidentally left open to the wrong audience.

With evolving regulations like GDPR and HIPAA, this kind of misstep can be costly, both financially and reputationally.

3. Shadow IT and unmanaged growth

When users can build without oversight, shadow IT becomes a reality. And while shadow IT may sound like a buzzword, its implications are very real:

  • Unsupported apps that become business-critical,
  • Flows running on orphaned accounts,
  • Redundant solutions wasting time and resources.

IT ends up firefighting instead of strategically guiding development.

4. Lifecycle and ownership gaps

What happens when a flow’s creator leaves the company? Often, nothing.

Until the flow breaks. And when it does, no one knows how to fix it. Similarly, apps created for temporary projects continue running in the background, consuming resources and posing security risks.

These are not just annoyances. They are systemic issues that reveal a gap in Power Platform governance.

The promise and pitfalls of native tools

The Microsoft community has long recognized the need for governance within Power Platform and has responded by offering free, native governance solutions, chief among them, the Power Platform Center of Excellence (CoE) Starter Kit.

At first glance, it seems like the answer to the growing problem of app and flow sprawl. It includes dashboards, automation templates, and tools that give IT teams a degree of visibility and control over their Power Platform footprint.

The CoE Kit might even be sufficient in small organizations or highly centralized teams. But as many enterprise IT leaders quickly discover, it comes with its own set of challenges.

CoE: A governance framework in theory

The CoE Starter Kit includes components designed to help organizations:

  • Inventory Power Platform resources (apps, flows, environments)
  • Monitor usage and performance metrics
  • Identify orphaned apps and flows
  • Set up approval workflows for app makers
  • Track connector usage and DLP policy violations
  • Facilitate self-service mechanisms (like request forms or ownership reassignment)

In essence, it’s a collection of Power Apps, Power BI dashboards, and Power Automate flows that can be customized to govern a Power Platform environment.

But here’s the catch: The gaps in real-world usage

While it sets a useful foundation, the CoE Kit has key limitations when it comes to operationalizing governance in large, distributed organizations:

1. Licensing Requirements for CoE Kit

The CoE Kit is free but not license-free. It relies heavily on Power Platform components, which incur real licensing and capacity costs. These usually include:

  • Microsoft 365 License,
  • Power Apps Per User License to manage apps,
  • Power Automate Per User or Per Flow License to manage automated workflows,
  • PowerBI Pro or Premium Per User License to utilize Power BI dashboards included in the Kit,
  • And Power Platform Service Admin Role which grants administrative privileges necessary for setup and ongoing management.

Let’s deep dive into licensing.

a) Power Apps/Power Automate Premium Licenses

To use premium connectors like Dataverse (which the CoE Kit uses extensively), you’ll typically need:

  • At least 1-2 premium licenses to set up and run the CoE Kit (Power Apps per user or per app plan).
  • If automation is involved across environments, more Power Automate per-flow plans or per-user plans may be required.

b) Dataverse Capacity

  • The CoE Kit stores telemetry and audit logs in Dataverse.
  • For large orgs, this can balloon quickly: expect 1–2 GB per environment per year, sometimes more depending on the number of makers and solutions.
  • Extra storage costs $40/GB/month (Dataverse Database), and larger organizations often quickly exceed the 10 GB baseline quota.

c) Power BI Premium or Pro

  • The CoE Starter Kit includes dashboards built in Power BI.
  • These dashboards need either:
    • Power BI Pro licenses for every viewer (at $10/user/month), or
    • Power BI Premium Capacity (starts around $4,995/month) for large-scale sharing.

2. People requirements (time and roles)

Running a CoE Kit effectively especially in a large organization typically involves multiple roles:

Role
Approximate FTE Need
Notes
Platform Admin

0.5–1 FTE

Setup, environment strategy, capacity mgmt.
CoE Owner

1 FTE

Oversees adoption, reporting, governance policy
Support / Ops

1–2 FTE

Manage Dataverse performance, bugs, updates
Data Analysts

0.5–1 FTE

Maintain/extend Power BI dashboards
Compliance/Security Analyst

0.25–0.5 FTE

Handles audit reviews, access requests

In large organizations (>1,000 makers), you’re often looking at 3–5 FTEs total. In today’s lean environments, where teams are already stretched, this adds a significant load. Instead of managing dashboards and fixing CoE issues, what if your team could focus on building productivity-boosting solutions for the business?

3. DIY setup and maintenance

The CoE Kit is not a plug-and-play solution. It requires:

  • Manual installation and configuration,
  • Frequent updates (often involving re-deployments),
  • Troubleshooting when components fail.

There’s no official Microsoft support, only a GitHub repository. For a governance-critical tool, this presents a considerable risk. If something breaks, you could be waiting days for a community contributor to respond, if they respond at all.

4. Limited automation for remediation

The CoE Kit can surface issues, but it does not provide direct action capabilities for fixing them. For example, while it may identify orphaned flows or apps, it doesn’t allow you to reassign ownership from within the same interface. Admins must switch to the Power Platform Admin Center or run PowerShell scripts, adding complexity and delay.

5. Fragmented user experience and steep learning curve

One of the most common pain points IT teams encounter when adopting the CoE Starter Kit is the user experience itself. Though powerful in theory, the kit was designed by developers for developers, leaving a steep learning curve for those unfamiliar with the intricacies of Power Platform.

Admins often find themselves jumping between multiple apps and dashboards, trying to piece together an accurate view of their environment. The data, while technically available, is scattered and inconsistent across reports. Interpreting it often requires manual cleanup, context switching, or even custom scripting. And when teams attempt to customize the templates to match internal policies or compliance standards, they quickly realize the complexity involved.

The framework may create more friction rather than empower administrators to take ownership of governance. This fragmentation makes it difficult to scale visibility across business units or confidently delegate responsibilities.

6. Scalability and performance issues

As the Power Platform footprint grows, the CoE Kit’s data sync and reporting processes can become slow and error-prone. Sync jobs may fail or experience significant delays, especially in organizations managing thousands of apps and flows. Microsoft notes that the approach is generally adequate for small to mid-sized tenants. Still, in larger environments where the combined number of environments, apps, and flows exceeds 10,000, it may begin to show performance strain.

Without scalability, insights are delayed or incomplete, leading to slower decision-making and elevated risk.

7. Security and compliance blind spots

The CoE Kit lacks several controls that enterprise IT and security teams expect, including:

  • Granular access reporting across environments,
  • Role-based permission management for apps and flows,
  • Audit-ready logs and reporting aligned to compliance standards,
  • Automated cleanup or archiving of inactive resources.

These gaps limit its effectiveness in regulated industries or organizations with mature security frameworks.

The result: A framework, not a fully functional solution

In summary, the CoE Starter Kit is a helpful starting point. It introduces key governance concepts, provides baseline telemetry, and offers a toolkit for building more mature processes. The CoE Starter Kit is a great example of how Microsoft and the Power Platform community have come together to provide a solid governance starting point.

It’s a valuable blueprint, especially for consulting teams looking to tailor governance frameworks to their clients’ needs. But for large-scale enterprises, it remains a framework, not a complete enterprise-grade solution.

Additionally, its open-source nature also means that support is not guaranteed. Enterprises with mission-critical needs may find the support gaps untenable.

Enter Syskit Point: Visibility, control, and confidence

Designed to address the challenges of Power Platform management at scale, Syskit Point transforms how enterprises approach governance. It provides the visibility and tools needed to manage Power Platform holistically, without impeding innovation.

Let’s walk through what it enables.

Unified inventory and deep insights

Imagine opening a dashboard and seeing every Power App, flow, and environment in your tenant, along with who owns them, who has access, and what they’re connected to. No more guesswork.

Syskit Point provides:

  • A centralized inventory of Power Platform environments, flows, and apps,
  • Visibility into standard, premium, and custom connectors,
  • Full access insights: primary owners, co-owners, and users,
  • Power BI reports and dashboards, and who has access to them.

This gives IT the power to spot redundancies, assess risk, and make informed decisions instantly.

Syskit Point Power Platform

Comprehensive Power Platform reports

Syskit Point doesn’t just show data. It tells a story. The platform provides powerful, customizable Power Platform reports that let you:

  • Track app and flow usage over time,
  • Identify underused or inactive flows, apps and flows shared externally, the most popular apps and flows, production apps in default environments, apps and flows requiring premium licensing, etc.
  • Monitor connector usage across environments,
  • Audit who accessed what and when.

This kind of reporting is essential for compliance audits, internal reviews, and resource planning.

Power Platform Report Center

Proactive Power Platform access management

One of the most overlooked risks in Power Platform is app and flow abandonment. By keeping outdated, inactive, and orphaned apps and flows, you risk operational disruptions and an increased possibility of security risks. With our Power Platform features, you can simplify tasks by eliminating jumping from one service to another and mitigate potential risks immediately. Directly from the report, admins can now:

  • Remove access from deactivated users,
  • Clean up orphaned flows and apps,
  • Prevent access violations before they become breaches.

This ensures every app and flow has clear ownership and nothing runs in the shadows.

Power Apps Permissions

Power Platform lifecycle management

This visibility into your Power Platform ensures that only relevant, supported tools remain active, reducing both cost and risk. You can take direct action to maintain a well-governed environment by:

  • Deleting apps, flows, or entire environments that are no longer in use helps reduce clutter and minimize unnecessary exposure.
  • Changing the owners of Power Apps and Flows to ensure each resource has a responsible point of contact.
  • Adding co-owners, either individually or in bulk (particularly useful for addressing orphaned resources and improving continuity).
Power Platform action

Power Platform with Copilot, AI, and the road ahead

Generative AI, including Microsoft’s Copilot Studio, is accelerating Power Platform adoption. Users can now describe workflows or apps in natural language and Copilot will attempt to build them.

This is powerful. It’s also dangerous.

Without governance, AI-generated app sprawl could outpace even the most agile IT team. Syskit Point steps in with guardrails through ongoing monitoring of new apps and flows. As we enter the next era of low-code development, a platform like Syskit Point will be critical, not just for compliance but for operational sanity.

Even though the agents in Copilot Studio are in the early stages, we are developing a solution that will support visibility and control in this evolving space. You can expect the announcement very soon. If you’re interested in finding out more details, reach out to us.

Governance as an enabler, not a roadblock

Power Platform management shouldn’t mean locking down innovation. It should mean enabling innovation safely, sustainably, and strategically. With Syskit Point, enterprises can strike that balance. IT regains control. Business users keep building. And leadership gains the confidence that their digital transformation is happening on a strong, secure foundation.

While the CoE Kit sets a strong foundation, it’s not equipped for scale. It lacks official support, relies on manual processes, and places additional load on already-busy IT teams. Syskit Point offers a different approach:

  • Familiar interface for Microsoft 365 admins,
  • Dedicated support and expert onboarding,
  • Built to scale in large, regulated environments.

With Syskit Point, you get a partner, not just a framework or suite of governance and security features.

Related Posts

syskit security
Microsoft 365 security

SharePoint permissions cleanup - How to avoid mess & optimize costs

In this SP permissions cleanup guide, you will learn how to find and manage you…

November 12, 2018 4 min read
Microsoft management
Microsoft 365 governance

Microsoft Purview Licensing: E3 vs E5 bundle comparison 

Find out which Microsoft Purview features are available with E3 and E5 licenses

November 6, 2024 2 min read
syskit security
Microsoft 365 security

4 steps to minimize oversharing and stay Copilot ready

Are you ready to roll out Copilot for Microsoft 365 but worried about overshari…

May 14, 2024 7 min read