M365 FM Podcast

Artificial Intelligence is transforming the enterprise world faster than most organizations can adapt. Every company wants AI. Every executive wants Copilot. Every IT department is under pressure to modernize. But as AI adoption accelerates, one critical question continues to grow louder: how do organizations stay secure while embracing the future? In this deep-dive episode of the m365.fm podcast, Mirko Peters sits down with Danilo Nogueira from Microsoft to explore the rapidly evolving intersection of AI, security, compliance, insider risk, automation, and data governance. This conversation goes far beyond hype and marketing buzzwords. Instead, it delivers practical, real-world insights directly from someone working inside Microsoft’s security ecosystem every single day. Danilo currently works as a Senior Product Manager at Microsoft focused on Microsoft Purview, Insider Risk Management, Data Security, and AI-driven security experiences. With more than twenty years of experience across productivity, compliance, SharePoint, enterprise architecture, governance, and security, Danilo brings a rare perspective that combines deep technical knowledge with hands-on customer experience. Throughout the episode, Danilo explains why AI is fundamentally changing the way organizations must think about security. Traditional “block everything” approaches no longer work in modern cloud environments. Instead, organizations need visibility, monitoring, intelligent automation, and strong governance strategies that still allow employees to remain productive and innovative.

THE REAL CHALLENGE OF AI ADOPTION

One of the biggest misconceptions around AI adoption is that deploying Copilot or enabling AI tools automatically creates productivity gains. Danilo explains that many organizations are rushing into AI without understanding the security implications hidden underneath their existing environments. Oversharing in SharePoint, poorly managed permissions, weak governance strategies, uncontrolled file access, and missing classification policies can suddenly become massive risks once AI systems gain access to organizational data. What employees previously struggled to find manually can now be surfaced instantly through AI-powered discovery. This is why Danilo repeatedly emphasizes the importance of “AI readiness.” AI readiness is not about licensing. It is not about deploying a chatbot. It is about understanding your data, your permissions, your governance model, and your organizational culture before AI becomes deeply integrated into daily operations. 

WHY OVERSHARING IS THE BIGGEST RISK

According to Danilo, oversharing remains one of the most dangerous and underestimated problems inside Microsoft 365 environments today. Many organizations have spent years granting broad permissions across SharePoint sites, Teams, file shares, and collaboration platforms without fully understanding the long-term consequences. Now AI changes everything. An employee who never manually searched through thousands of documents can suddenly ask Copilot simple questions that expose highly sensitive information. Financial data, salary information, contracts, confidential business plans, or executive communications may become discoverable if permissions are not properly governed. Danilo shares how organizations are only now waking up to the importance of proper data governance, classification, and access management because AI dramatically increases visibility into enterprise content. 

MICROSOFT PURVIEW EXPLAINED

For organizations unfamiliar with Microsoft Purview, Danilo offers one of the simplest and most relatable explanations imaginable. He compares Purview to a baby monitor. You do not completely block a baby from moving around the room. Instead, you monitor activity, understand behavior, and intervene when necessary. According to Danilo, modern enterprise security works the same way. Microsoft Purview enables organizations to monitor user activity, investigate insider risks, classify sensitive data, prevent data leakage, automate compliance workflows, and gain visibility into how information moves throughout the company. The platform becomes even more critical in the age of AI because organizations now need to understand:

• Who can access sensitive information
• Which data is classified as confidential
• How employees interact with AI tools
• What information AI systems can surface
• Where data is stored and shared
• How risky behavior can be detected automatically

INSIDER RISK IN THE AGE OF AI

The conversation also explores how insider risk management is evolving rapidly because of AI-powered systems. Danilo explains that organizations can no longer rely only on manual investigations or static policies. Modern environments generate enormous volumes of activity, alerts, and behavioral signals. AI agents and automation now play an increasingly important role in helping security teams prioritize what matters most. Examples include:

• Monitoring unusual file downloads
• Detecting suspicious data transfers
• Identifying abnormal user behavior
• Blocking risky actions automatically
• Alerting managers and HR teams
• Tracking long-term behavioral patterns

Danilo even shares real-world examples where organizations believed they had fully secured their environments, only to discover employees transferring sensitive data through Bluetooth or alternative methods that were never monitored properly.

THE SHIFT FROM BLOCKING TO MONITORING

One of the most important themes throughout the episode is the shift away from traditional security thinking. For years, enterprise security focused heavily on blocking access, restricting behavior, and locking down environments. But in cloud-first and AI-powered organizations, that model becomes increasingly difficult to maintain. Danilo argues that the future belongs to intelligent monitoring and adaptive security strategies. Instead of blocking everything, organizations must understand context, user behavior, risk patterns, and productivity requirements. This philosophy represents a major cultural transformation for many companies and security teams. 

AI AGENTS, AUTOMATION, AND THE FUTURE OF COMPLIANCE

Another major topic in this episode is the future of autonomous AI agents. Danilo explains how Microsoft is increasingly investing in AI-powered systems that can help organizations:

• Prioritize security alerts
• Analyze insider risks
• Investigate suspicious activity
• Surface critical incidents automatically
• Recommend remediation actions
• Improve compliance operations at scale

These systems are not designed to replace security professionals. Instead, they enhance productivity and help teams focus on the highest-priority issues faster than ever before. The discussion also explores how automation tools like Power Automate combined with AI can fundamentally transform business operations and security workflows.

BUILDING A REAL AI CULTURE

One of the strongest insights from Danilo is that organizations must build a true AI culture instead of simply deploying AI tools. Companies need to decide:

• What is acceptable AI usage?
• Which AI systems are approved?
• How should employees interact with AI?
• What data can AI access?
• What governance rules exist?
• How should sensitive information be protected?

Danilo believes the future workplace will increasingly attract talent based on AI maturity. Employees will actively look for organizations that embrace AI effectively, securely, and responsibly.

Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

In this episode of the m365.fm podcast, Mirko Peters sits down with Azure MVP and Microsoft Certified Trainer Vladimir Stefanovic to discuss one of the most underestimated topics in modern cloud architecture: Azure Governance at Scale. With more than twenty years of IT experience, Vladimir shares real-world lessons from enterprise cloud environments, large-scale Azure architectures, networking, identity, automation, and governance projects that either succeeded because of strong planning — or failed because of poor early decisions. The conversation starts with Vladimir’s journey from installing operating systems, configuring printers, and building small local networks to becoming a globally recognized Azure expert focused on governance, networking, infrastructure, and cloud strategy. He explains why understanding the foundations of infrastructure and networking is still critical today, even in a cloud-first and AI-driven world where many engineers jump directly into modern services without understanding the basics underneath.

WHY GOVERNANCE MUST START ON DAY ZERO

One of the core themes of this episode is that governance cannot be an afterthought. Vladimir explains why organizations often focus on applications, features, and rapid growth first, while governance, landing zones, permissions, automation, and security are pushed aside until systems become too large and too complex to fix easily. He compares poor cloud planning to building a house without designing the foundation first. The episode dives into:

• Why governance decisions become exponentially harder later
• The risks of unmanaged Azure growth
• Why “temporary” environments often become permanent production systems

THE REAL COST OF BAD AZURE DECISIONS

Vladimir explains how early architectural mistakes can create enormous operational and financial problems later. From incorrect networking models and weak permission structures to unmanaged subscriptions and missing automation, the episode explores how technical debt grows inside cloud environments over time. The discussion also covers:

• Brownfield vs greenfield Azure environments
• Why fast-growing companies struggle to redesign cloud architectures
• The operational impact of scaling without governance
• Why companies often prioritize new features over infrastructure stability

SECURITY, COSTS & CLOUD CHAOS

One of the strongest warning signs of weak governance is cloud chaos. Vladimir explains why security incidents and uncontrolled Azure costs are usually the first visible indicators that governance has failed. The conversation explores how organizations frequently underestimate governance because leadership often struggles to see immediate business value in preventive architecture work. The episode highlights:

• Why security breaches become business-critical events
• How governance reduces attack surfaces
• Why cost optimization starts with proper architecture
• The relationship between governance, automation, and operational stability

AZURE NETWORKING, LANDING ZONES & ENTERPRISE DESIGN

The discussion goes deep into Azure networking strategies, hybrid environments, landing zones, hub-and-spoke architectures, governance models, and enterprise connectivity planning. Vladimir explains why every organization requires a different architectural approach depending on workload type, scale, operational maturity, and future business goals. Topics include:

• Hybrid networking architectures
• VPN vs ExpressRoute decisions
• Azure Firewall and virtual appliance strategies
• Subscription structures and management groups
• Enterprise landing zone planning

THE IMPORTANCE OF NAMING CONVENTIONS & TAGGING

One surprisingly important part of the episode focuses on naming conventions and tagging strategies. Vladimir explains why proper naming standards are massively underrated in enterprise cloud environments and how strong conventions enable automation, governance, and scalable infrastructure deployment. The conversation explores:

• Automated landing zone deployments
• Resource organization strategies
• Standardized workload management
• Governance through automation

POLICY-DRIVEN GOVERNANCE & AUTOMATION

Another major topic is Azure Policy and policy-driven governance. Vladimir explains how organizations can automate governance controls, security standards, logging, resource deployment, and operational guardrails using Azure-native tooling and Infrastructure as Code approaches. The episode discusses:

• Policy-driven governance at enterprise scale
• Role-Based Access Control (RBAC)
• Least privilege principles
• Automation-first infrastructure
• Four-eyes approval models
• DevOps and DevSecOps governance

ZERO TRUST, IDENTITY & SECURITY GOVERNANCE

Security governance is another major focus of this episode. Vladimir shares his perspective on Zero Trust, identity management, Entra ID governance, private networking, privileged access, and operational security. He explains why identity is the foundation of everything inside Microsoft Cloud environments and why many organizations still underestimate its importance. The discussion covers:

• Identity governance challenges
• Zero Trust principles
• MFA and privileged access
• Microsoft Defender and Sentinel
• Operational security at scale
• Governance for Microsoft 365 and Azure together

AI, COPILOT & THE FUTURE OF GOVERNANCE

The conversation also explores how AI is starting to impact Azure operations, governance, and cloud management. Vladimir shares his thoughts on AI-powered automation, Copilot, Azure OpenAI, cloud agents, and AI-assisted operations. He explains both the opportunities and the risks of relying on AI systems without having enough technical expertise to validate the results. 
Topics include:

• AI-assisted cloud operations
• Automation with AI agents
• Governance for AI-driven environments
• The risks of unmanaged AI actions
• Cloud cost analysis using AI

EXPERIENCE, SIMPLICITY & GOOD DECISIONS

One of the strongest messages from this episode is that simplicity usually wins. Vladimir explains why the best architectures are often the simplest ones and why overengineering creates unnecessary complexity, operational overhead, and governance problems. The discussion highlights how experience plays a massive role in making good architectural decisions. The episode also explores:

• Why simplicity is difficult to achieve
• Learning through bad decisions
• The value of experienced architects
• T-shaped engineers and cross-functional expertise
• Designing systems for operational teams

Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

In this episode of the m365.fm podcast, Mirko Peters sits down with Microsoft MVP and MCT Nick Doelman to explore one of the most important technology shifts happening right now: the evolution of Agentic Coding and the future of AI-driven software development. From low-code platforms and Power Platform solutions to natural language interfaces and autonomous AI agents, this conversation dives deep into how developers, makers, consultants, and enterprise organizations must adapt to a completely new way of building business applications. Nick shares his incredible journey from programming on a Commodore 64 and working with C++ and Microsoft Dynamics CRM to becoming one of the leading voices in the Microsoft Power Platform ecosystem. He explains how his technical background, combined with years of real-world consulting and Microsoft experience, shaped his perspective on modern development, automation, governance, and AI-powered engineering.

FROM TRADITIONAL DEVELOPMENT TO AI-POWERED ENGINEERING

The conversation explores how software development has rapidly evolved over the past few years. Nick explains how Visual Studio Code, GitHub Copilot, Claude, MCP servers, and AI agents are transforming development workflows and dramatically increasing productivity. Instead of manually creating every field, table, and process inside Power Platform, developers can now use natural language prompts to generate data models, business logic, and application structures in minutes instead of hours. Nick also shares practical examples of how he now spends most of his time working with AI-assisted tooling rather than traditional development interfaces. The episode highlights how developers are increasingly collaborating with AI systems instead of simply writing code manually from scratch. 

WHAT AGENTIC CODING REALLY MEANS

One of the central topics of this episode is the meaning of Agentic Coding. Nick explains why Agentic Development is much more than simple vibe coding or asking AI to generate random applications. Instead, it is a structured collaboration between humans and intelligent agents where developers guide, supervise, validate, and refine AI-generated solutions. The discussion breaks down how developers can:

• Build structured product requirement documents with AI
• Generate reusable prompts and workflows
• Create data models through natural language
• Use AI for testing, documentation, and architecture
• Improve application quality through iterative collaboration

THE FUTURE OF POWER PLATFORM

Nick shares his vision for the future of Microsoft Power Platform and explains how tools like Power Apps, Power Pages, Dataverse, and Copilot Studio are evolving in the AI era. The discussion explores how Code Apps, Generative Pages, Single Page Applications, and AI-assisted development are changing the role of makers and enterprise developers. The episode also explains why Dataverse remains critically important as the secure and governed data foundation for AI-driven enterprise applications. Even in a world of autonomous agents and AI-generated apps, governance, security, compliance, and business logic remain essential. 

NATURAL LANGUAGE AS THE NEW PROGRAMMING LANGUAGE

One of the most fascinating parts of the episode focuses on how natural language is becoming the purest form of low-code development. Nick explains how developers are moving away from traditional syntax-heavy coding and toward conversational interfaces powered by AI systems. The conversation explores:

• Prompt engineering for enterprise development
• Voice-driven coding workflows
• AI-generated architecture diagrams
• Reusable AI skills and prompt libraries
• The evolution of developer productivity

Nick also explains why AI coding assistants are becoming more like pair-programming partners rather than simple autocomplete tools.

WHY GOVERNANCE AND DOCUMENTATION MATTER MORE THAN EVER

As AI-generated development accelerates, the importance of governance, documentation, and reusable prompts becomes even more critical. Nick explains why organizations must maintain control over:

• Source code repositories
• AI-generated prompts
• Documentation assets
• Test cases
• Security configurations
• Governance standards

The discussion highlights why future enterprise projects will require not only source code management, but also prompt management and AI workflow governance.

THE FUTURE OF BUSINESS APPLICATIONS

The episode also explores how enterprise users may soon interact with AI systems differently than today. Instead of opening separate applications for CRM, ERP, ticketing, or reporting, Nick predicts that users will increasingly interact through Microsoft 365 Copilot, Teams, conversational interfaces, and intelligent agents. This future includes:

• AI-driven customer support experiences
• Conversational business applications
• Agent-to-agent communication
• Automated workflows powered by natural language
• Intelligent enterprise collaboration systems

POWER PLATFORM, AI, AND THE NEXT GENERATION OF MAKERS

Nick also discusses how Power Platform makers must evolve in the AI era. Instead of focusing only on app creation, modern makers will increasingly need skills in:

• Business process analysis
• AI supervision
• Governance management
• Prompt engineering
• Solution architecture
• System thinking

The episode highlights how AI will not replace skilled developers or makers, but instead amplify creativity, productivity, and innovation for those who understand how to collaborate effectively with intelligent systems.

IN THIS EPISODE

• The rise of Agentic Coding and AI-assisted engineering
• How GitHub Copilot and Claude change software development
• Why Visual Studio Code is becoming central for Power Platform development
• The future of Power Apps, Power Pages, and Dataverse
• Prompt engineering and reusable AI skills
• Governance, compliance, and enterprise AI development
• Natural language as the future programming interface
• The evolution of makers, developers, and solution architects

ABOUT NICK DOELMAN

Nick Doelman is an independent Power Platform specialist, trainer, coach, Microsoft MVP, and Microsoft Certified Trainer. He previously worked at Microsoft as a Senior Content Developer focused on Power Pages, Power Automate, and Power Platform documentation and enablement. Nick is also a content creator, podcast co-host, and international competitive powerlifter representing Team Canada.

Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

Finance departments are entering one of the biggest technological transformations in decades. Artificial Intelligence, autonomous agents, Copilot experiences, automation platforms, and modern ERP systems are rapidly changing how organizations manage accounting, reporting, forecasting, procurement, compliance, and financial operations. But what does this transformation actually look like inside real Dynamics 365 Finance & Operations environments? In this episode of the m365.fm podcast, Mirko Peters sits down with Microsoft MVP and Microsoft Certified Trainer Billur Samdancioglu to explore the future of finance in D365FO, AI-powered business applications, Copilot experiences, autonomous agents, cloud ERP modernization, and how Microsoft is reshaping enterprise finance workflows. Billur Samdancioglu is a Dynamics 365 Finance & Operations expert, Microsoft MVP, Microsoft Certified Trainer, public speaker, and business applications specialist with deep experience helping organizations modernize financial systems and enterprise operations. Throughout the episode, Billur shares practical insights from working with enterprise customers, implementing D365FO projects, and helping finance teams navigate the growing impact of AI inside Microsoft business applications.

HOW FINANCE TRANSFORMATION IS ACCELERATING

The conversation begins with Billur sharing her journey into the Microsoft ecosystem and how Dynamics 365 Finance & Operations evolved into one of the most powerful ERP platforms inside modern enterprises. What was once viewed primarily as an accounting system has transformed into a fully connected digital operations platform capable of integrating finance, procurement, logistics, reporting, analytics, automation, and AI-driven decision support. Billur explains that many organizations are now facing increasing pressure to modernize legacy ERP systems because older platforms simply cannot keep pace with modern cloud expectations, automation requirements, AI integrations, compliance demands, and real-time reporting needs. Companies want faster processes, more visibility, better forecasting, lower operational overhead, and smarter financial insights — all while maintaining strong governance and security. One of the strongest themes throughout the episode is that finance modernization is no longer only about replacing software. It is about redesigning how finance teams actually work. AI is changing workflows themselves, not just the tools being used. 

WHAT COPILOT REALLY MEANS FOR D365FO

A major focus of the discussion centers around Microsoft Copilot and how AI assistants are being integrated directly into Dynamics 365 Finance & Operations. Billur explains that Copilot is far more than a chatbot inside ERP systems. It represents a shift toward contextual AI assistance where users can interact with business systems using natural language rather than navigating deeply complex enterprise interfaces. The episode explores how Copilot can already assist finance professionals with:

• Invoice analysis and validation
• Financial summarization
• Procurement assistance
• Reporting generation
• Data exploration
• Workflow acceleration
• Process guidance
• Forecasting support

Billur shares how many repetitive operational tasks inside finance departments are ideal candidates for AI-assisted automation because they involve structured processes, predictable data patterns, and repetitive validation activities. Mirko and Billur discuss how finance professionals increasingly interact with ERP systems conversationally instead of manually searching through dozens of menus, forms, and reports. Rather than spending time locating data, employees can ask business questions directly and receive actionable insights instantly.

AI AGENTS, COWORK, AND AUTONOMOUS BUSINESS PROCESSES

One of the most exciting parts of the episode focuses on autonomous agents and Microsoft’s vision for “Cowork” experiences inside enterprise applications. Billur explains that AI agents are evolving beyond passive assistants toward systems capable of independently executing tasks, monitoring workflows, identifying anomalies, and assisting departments proactively. The discussion explores scenarios where AI agents may eventually:

• Monitor overdue invoices automatically
• Detect unusual financial activity
• Recommend procurement optimizations
• Generate operational summaries
• Trigger workflows independently
• Escalate compliance risks
• Assist with budgeting processes
• Coordinate cross-department processes

Billur explains that Microsoft’s broader AI strategy increasingly revolves around collaborative AI systems where humans and AI agents work together rather than fully replacing employees. Instead of eliminating finance professionals, AI will likely remove repetitive administrative work and allow teams to focus more heavily on strategy, analysis, and business decision-making. The episode also examines the growing relationship between Dynamics 365, Microsoft Fabric, Power Platform, Copilot Studio, and Microsoft’s broader AI ecosystem. Modern finance environments are becoming increasingly interconnected, with data flowing across multiple systems simultaneously.

WHY DATA QUALITY BECOMES EVEN MORE IMPORTANT WITH AI

One of the most important insights from the conversation is Billur’s strong emphasis on data quality. AI systems are only as effective as the underlying data powering them. Poor ERP configurations, inconsistent business processes, incomplete records, or inaccurate financial information can quickly create unreliable AI outputs. Billur explains that organizations rushing into AI adoption without first cleaning up their ERP environments may face major operational problems later. Before deploying advanced AI capabilities, companies need:

• Structured master data
• Consistent business processes
• Strong governance
• Proper permissions
• Secure integrations
• Reliable reporting structures
• Accurate financial records

Mirko and Billur discuss how many organizations underestimate the preparation required before AI can deliver meaningful business value. AI is not magic — it amplifies the quality of existing systems and processes.

THE ROLE OF FINANCE PROFESSIONALS IS CHANGING

Another major theme throughout the episode is how the role of finance professionals is evolving. Traditional accounting work increasingly becomes automated through ERP systems, AI tooling, robotic process automation, and intelligent workflows. Billur believes the future finance professional will require a broader combination of:

• Financial expertise
• Technology understanding
• Data literacy
• AI awareness
• Process optimization skills
• Business analysis capabilities
• Strategic thinking

Rather than spending entire days performing repetitive transactional work, finance teams increasingly focus on interpreting insights, improving operations, supporting strategic decisions, and collaborating across departments. The conversation also highlights how younger professionals entering finance careers are already expecting modern digital tooling, automation, cloud-based collaboration, and AI-assisted workflows as standard workplace experiences.


 be compromised. The episode explores concerns around:

• AI governance

Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.

What does secure cloud automation actually mean in modern Microsoft environments? How can organizations automate user management, identity workflows, Microsoft 365 operations, and Azure infrastructure without creating massive security risks? And why is Microsoft Graph becoming one of the most important technologies every Microsoft administrator should understand? In this episode of the m365.fm podcast, Mirko Peters sits down with Microsoft MVP Ahmed Uzejnovic to explore secure Azure automation, Microsoft Graph API, identity-driven automation, hybrid cloud infrastructure, PowerShell scripting, and the future of enterprise automation inside Microsoft ecosystems. Ahmed Uzejnovic is an IT automation and infrastructure specialist from Salzburg with a strong focus on PowerShell, Azure Automation, Microsoft Graph, identity security, hybrid environments, and enterprise-scale automation. Throughout the conversation, Ahmed shares practical real-world insights from building secure automation systems for onboarding, offboarding, identity synchronization, cloud governance, and operational management across hybrid Microsoft environments.

HOW A SIMPLE USER OFFBOARDING SCRIPT STARTED EVERYTHING

Ahmed’s automation journey started in local IT support where repetitive manual tasks quickly became impossible to ignore. One of the earliest examples he shares is user onboarding and offboarding. Administrators were spending multiple hours every day manually disabling accounts, updating systems, configuring permissions, handling Exchange tasks, and managing repetitive operational work. Instead of accepting repetitive manual work as “normal,” Ahmed started building small PowerShell scripts step-by-step to automate individual tasks. What began as tiny automation scripts eventually evolved into a fully automated user offboarding process that is still running successfully years later. This became the starting point for a much larger automation career focused on solving operational problems at scale. One of the strongest themes throughout the episode is Ahmed’s belief that automation is not really about scripts — it is about process thinking. Before automation can work effectively, organizations first need stable, repeatable, and clearly defined operational processes. Bad processes create bad automation. Good processes create scalable automation systems. 

WHY MICROSOFT GRAPH IS BECOMING ESSENTIAL FOR MODERN ADMINS

A major focus of the episode is Microsoft Graph API and why it is rapidly becoming one of the most important technologies inside Microsoft 365 and Azure administration. Ahmed explains that Microsoft Graph is essentially the backend operating layer behind Microsoft cloud services. Nearly every action performed inside Microsoft 365 admin portals, Azure portals, Intune, Entra ID, Teams, and Exchange eventually translates into API calls against Microsoft Graph. The discussion explores how Microsoft administrators can use Graph API to automate:

• User management
• Group management
• Intune administration
• Device management
• Microsoft Teams operations
• Azure identity workflows
• Authentication management
• Azure Automation processes
• Enterprise onboarding and offboarding

Ahmed explains why learning Graph API gives administrators deeper visibility into Microsoft services compared to only using graphical portals. Instead of clicking through interfaces manually, administrators gain the ability to programmatically manage workloads, build scalable automation systems, deploy repeatable configurations, and integrate Microsoft services into broader enterprise processes. One particularly interesting section focuses on how Ahmed uses Microsoft Graph documentation to discover what is technically possible inside Microsoft ecosystems. Before starting any automation project, he first investigates whether Graph endpoints already exist for the workload he wants to automate.

THE BIGGEST SECURITY MISTAKE IN AUTOMATION

When the conversation shifts toward automation security, Ahmed becomes very direct about one of the most common and dangerous mistakes organizations still make today: hardcoded secrets and passwords. Ahmed explains that many organizations still store credentials directly inside scripts, configuration files, or automation systems without properly securing them. While this may have been common practice years ago, modern cloud security threats make this approach extremely dangerous. A compromised script containing hardcoded secrets can potentially expose entire Microsoft tenants, identity systems, or enterprise infrastructure. The episode explores why organizations should instead adopt modern security practices such as:

• Azure Key Vault
• Managed identities
• Least privilege permissions
• Role-based access control
• Secure app registrations
• Identity-based authentication
• Federated credentials

Ahmed strongly emphasizes the importance of designing automation systems under the assumption that attackers may eventually gain access to scripts or infrastructure components. Because of that, automation systems should always minimize permissions and reduce blast radius wherever possible.

MANAGED IDENTITIES, APP REGISTRATIONS & ZERO TRUST

One of the most valuable parts of the conversation is Ahmed’s explanation of managed identities and secure authentication patterns in Azure automation environments. He explains how managed identities eliminate the need for storing passwords or secrets by allowing Azure services to authenticate securely using Microsoft-managed credentials. The discussion dives deep into app registrations, service principals, permissions, and Graph API authentication. Ahmed explains why many organizations incorrectly create single “super-powered” app registrations with excessive permissions that become extremely dangerous if compromised. Instead, he recommends splitting automation workloads into separate app registrations with tightly scoped permissions designed only for their specific purpose. Mirko and Ahmed also discuss several core security principles including:

• Zero Trust security
• Identity-first security models
• Least privilege access
• Conditional access
• Permission management
• Secure token handling
• Consent management
• Secure cloud governance

Ahmed strongly believes that identity has become the new security perimeter inside cloud environments. Rather than relying only on traditional network boundaries, organizations increasingly secure access through identity validation, conditional access policies, and tightly controlled authentication systems.

HYBRID CLOUD AUTOMATION IS STILL THE REALITY

Another important topic throughout the episode is the reality of hybrid infrastructure. While cloud adoption continues accelerating, Ahmed explains that most organizations still operate hybrid environments combining on-premises systems with Azure and Microsoft 365 services. Rather than completely replacing on-premises infrastructure overnight, many enterprises gradually extend workloads into Azure while continuing to maintain Active Directory, local databases, internal systems, and hybrid identity architectures. This creates new automation challenges where systems must securely exchange data across cloud and on-premises boundaries. Ahmed explains how Azure Automation hybrid workers, Azure Arc, Microsoft Graph, and secure identity models help organizations bridge these environments while maintaining operational consistency and security. 

Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.