Microsoft explains self-serve Power platform's bypassing of Office 365 admins to cries of 'are you completely insane?'

Well

Its a great idea from Microsofts perspective, almost like 'ooh, heres a way to print some more free money'...

For the short staffed and busy IT department and accounts, its more of a: 'why the flying f*** have those idiots done this to us?'

Would MS hand your IT dept a blank cheque? So why the reverse should happen is beyond me

"Microsoft will provide standard support for self-service purchasers."

So the end-user will contact Microsoft for support. There will no doubt be situations where there is a difference of opinion between what MS Support says and what In-House IT Support says. Will refunds be issued on the basis that the software cannot be effectively used by the purchaser? Will MS Support suggest ways to put pressure on In-House IT Support? (Oh I see this is locked down, you need to ask your IT people to do this), leading to needless disputes between consultancy-focused IT staff and management.

A very long time ago in a company far far away..

Early 90s I guess, when laptops were new, huge and cost a lot of money. I'd tried to convince the company to buy me one; I had the budget but IT did all the IT purchasing and they said no. I assumed that they were just being awkward-as-usual.

I was PM on a big comms project which used a PC as a control and monitoring system and the customer requested a contract change to provide a laptop version instead of the usual desktop. As a result we had to find a suitable laptop and then give it a part number so that we could buy it, configure it, create a drawing and config. pack, etc.

It went on the system (IBS) described as a Portable CMS Base Unit. Realizing that it was now just a part, I simply raised a P/O for one on my budget. Purchasing didn't recognize it as IT kit, so IT were bypassed and a few weeks later I got a shiny new Compaq laptop. As I unpacked it in my office I stuck two fingers up in the general direction of IT, plugged it in and turned it on. It worked OK, but there was only DOS, no Windows, no installation disks, nothing ....... you all know where this is going. I called IT to explain my problem and a senior IT bloke turned up instead of the PFY loaded down with installation discs that I was expecting. He politely reminded me that all IT kit had to be approved by IT, told me it wasn't supported by them and he'd only set it up if instructed by the IT director. He also told me not to bother calling the IT director because the second word would be "off". He was professional enough not to laugh at me until a few years later when we had developed a good working relationship due to one of us growing up a bit.

So I was the cocky PM with a £2k Compaq brick in my office.* Every time I went near IT for anything they always asked after my laptop. A couple of years' later when laptops were eventually rolled out mine was always "due in the next couple of weeks" and I was probably the last PM to get one.

*I transferred it onto the project --not without a lot of embarrassment-- so it wasn't wasted.

I can't speak for other countries, but certainly in the UK company directors are personally liable for unlicensed software being used in their company. As a result, most companies once they get to a certain size have pretty draconian software policies and centralised licence administration. My last employer even had spyware installed on all company PCs that looked for unlicensed software and deleted it. So if it was something you'd bought yourself it would only get deleted anyway as it wouldn't be in the central licence database.

"we're being responsive to our customers who have requested this capability"

Maybe users have requested it, but Microsoft are forgetting that their customers are the businesses/organisations that employ those users. Attempting to bypass their controls on what is purchased and installed is a trifle arrogant and might backfire big time if businesses defend themselves by blocking all such purchases as a matter of principle.

A few problems I see...

First up - users come up with something super-whizzy, but it grows to a size and scale they can't afford. Rather than abandon it, they'll just try to make it IT's problem.

Secondly - if someone comes up with something good and the company comes to rely upon it, what happens if that person leaves/gets handed a P45/falls under a bus ? The company holds the data, but the user apps evaporate when the money stops flowing.

Finally - some 365 services only store their data in the States. This doesn't affect PowerBI directly, but things like Sway and Whiteboard hold their data on the left side of the pond regardless of where your 365 tenancy lives. Embedding PowerBI reports into Sway could be interesting in terms of data protection, depending on the output of the embedded report.

Ha ha ha...

Microsoft said that "IT departments and partners aren't expected to provide support for products bought through self-service purchase. "

Many moons ago

back when I was a junior dev in South Africa I worked for a large forestry company. This company had a lot of research staff who liked to fiddle.

One several occasions we would have this scenario: there would an MS Access db application that one of the researchers had cobbled together to help him in his day to day work. He would then share this with his colleagues. And in some cases the researcher would have moved on to a new job, shuffled off from this mortal coil, or simply forgot what was happening in the back ground of the app

Then suddenly IT would get a support ticket as something had gone wrong, and as the whole department was now using this Access App it was mission critical.

Ok, where is the documentation? What's that.

Ok, what does it do in the background? Not sure (often some very complicated modelling).

Do you really need it? Yes!

And so a rewrite of the MS Access App into Oracle and .NET1.1 would start.

My boss eventually banned all users from having MS Access.

Translations

"The intent of the self-service purchase option is to enable users to develop their own solutions to unlock productivity [...]"

either

"The intent of the self-service purchase option is to increase our revenues by bypassing corporate budgetary controls in the face of a dwindling market".

or

"The intent of the self-service purchase option is to force an many folks as possible onto the subscription-based cloud".

or maybe both.

Daft levels of daftness

Microsoft claimed only that "we're being responsive to our customers who have requested this capability", adding that "organizations can rely on their own internal policies, procedures and communications to ensure that those individuals making self-service purchases are complying with company policies".

Customers will also request that their password be made the same as their house number and be automatically updated if they move home. Just because a bunch of people request something doesn't make it a good idea, especially if it's a bunch of people who may very well have a narrow understanding of the situation and no concept of the implications. Bad Microsoft. Go sit on the naughty step -- and don't fidget!

IT Screwed over by Microsoft

This has pretty much always been MS's modus operandi. The always sold to other staff (in the past senior management and let IT pick up the pieces later). Things like Outlook, pretty much needed Exchange with this, but certainly (esp in the early days) wasn't the best email/groupware server out there, IT just had to suck it up.

We are going to see a lot more of this as the cloud becomes the only option, easy to get into for management, "hey we can save money on IT, we don't need to buy all this stuff", to "wow this is expensive to run month to month, IT how did you let this happen!".

Microsoft is enabling "Shadow IT"

Not surprising. Companies buying tons of licenses for office suites, and who will be fined by the BSA for having unlicensed copies (or where the license cannot be located) are leery of shadow IT where end users buy whatever software they want. Microsoft is still working from the idea that "Really, all PC users are hobbyists who are running a little non-networked machine to play with Basic programming."

They are really pushing for the world of cloud computing where a lot of companies are unable to control department-level shadow IT. At least in the cloud model, the licenses are sorted.

"As employees become more independent and better versed in technology"

Yes they may be becoming more independent but sure as shit they're not becoming better versed in technology.

It's bad enough with "DevOps" teams running rogue and building plies of crap with dodgy support schemes to prop them up. Now MS are making it easy for random punters in an organisation to throw in whatever they want.

What could possibly go wrong?

But that's ok - it's "boosting productivity".

This is of course the thin end of the wedge. One day it'll be other O365 products, like extra office 365 Premium licences. As a managed service provider, we rely on selling these to customers (usually small businesses), and for that we provide a service. If the customer can just bypass this can get their own licences (possibly cheaper), then we'll have to start saying "no, we can't support the new employee you just hired and bought your own licence for, bypassing us". It's just going to create more problems than it solves.

Microsoft knows best

"Currently the company is in effect stating that it knows better than IT admins what is best for their users."

This has been Microsoft's attitude for a while.

"We don't like the ribbon." -- "SHUT UP! We know what is best."

"We don't like the Windows 8 touch interface." -- "SHUT UP! We know what is best."

"We don't like not having control of updates in Windows 10." -- "SHUT UP! We know what is best."

It is hubris, plain and simple. Microsoft is in a a powerful position because they know people have little choice. OSX is Apple only and Linux is an unknown to most. They know they can get away with a lot because you have little choice except to take it. One day they may go too far.

"As employees become more independent and better versed in technology,

What? who? where?

The intent of the self-service purchase option is to enable users to develop their own solutions to unlock productivity and drive business impact, while respecting organizations’ data governance and compliance."

Users developing their own solutions, no just no! We all know governance will be straight out of the Window/s. Data Protection / GDPR?!?

Microsoft said that "IT departments and partners aren't expected to provide support for products bought through self-service purchase. Microsoft will provide standard support for self-service purchasers."

Good theory but in practice it's the IT department that will get the calls.

When I was a BoFH, the disk failed in a server that held a lot of vital data. I was called into the CEO's office and asked to explain why this server wasn't backed up. I replied that it was not my problem. The department concerned had bought it and set it up themselves without involving the IT department.

Things did not go well for the manager of that department.

Meanwhile I got a lot of credit by using some fancy low-level disk tools to recover most of the data.

On site Office

I guess this is why MS is making purchasing on site Office installs progressively harder. They have really been pushing O365 the last couple of years (and we know they wouldn't do that if there was less money to be made) and now they are providing scope creep to the users. Nice.

I'm just a user

I'm just a user here for the puns in the headlines, but even I can see this is a clusterfuck of an idea...

Microsoft said, and there are no current plans to extend it to other Office 365 services.

There might not be plans to extend it, but I bet they have goals of extending it.

Same old bollocks just in the "cloud"

Such a bad idea and not even new. So a certain place I was once at decided to bring in "low code" so "Departments can create their own apps. No longer will we be locked to external companies and their apps that are no longer updated". Then they realised low code isn't as easy as it was sold so the departments can't have it. A "Development" team are required to managed them all. What? So Inhouse development that years ago you abandoned and outsourced to all the 3rd party companies and their apps.

Ooo, what were you doing before that then? You bought it the "low code" idea and let everyone free to create apps with MSAccess, this was over 10 years ago. What happened with that idea, the idea that sounds exactly like what you're doing again! and the idea that MS are touting in this article. Oh, what’s that? I can't hear you. Did people create MSAccess apps for their department, with no thoughts on security and no thoughts (because they are also busy having to do their actual day job) of writing up documentation for that app. So, then what happened? That person was made redundant or retired you say? So, then you had to employ actual developers to maintain those undocumented apps. And because those developers also had their own work to do, they had to try and work out how this legacy app works. I know of two such MSAccess apps that were REALLY old but they so heavily relied on but the everyday joe/jane that was allowed to create them was LONG gone.

I have no problem with non-developers developing, that's how we all learn, but this isn't the way too do it Microsoft! And even if this isn't developing as such, the setup of said app still won't be documented by these departments. Especially if it's not something they are used to.

Same old bollocks but now in the cloud with a more costly bill because instead of being a one off purchase app, that a company with little money can carry on, reluctantly supporting way past end of life, it will be a monthly sub instead. Same old bollocks is going to happen again. People/departments are going to get excited. Buy the apps, create what they need that suits them. Not think about security. Not think about creating documentation and then decide to quit, retire or be made redundant.

This is a totally stupid move by MS and it makes me think, is all the shit from this really worth it? Maybe time to run ggogle docs through its paces again!

Appears the complaints have amassed

And they are now putting in the option for IT Admins to disable the option to purchase on an app by app bases via Powershell.

Is in the Weekly Digest get sent for Office 365.

"MC193609

Plan For Change

Published On : 21 October 2019

UPDATE as of October 31, 2019: Over the past week, we’ve been listening to your feedback regarding the rollout of our self-service purchase capabilities for Power Platform products. To those of you who provided your input, thank you! Based on your feedback, we’ve adjusted our approach to better address the needs of both IT admins and end users within organizations. We’re making the following changes to our plan:

On November 19th, we will provide IT admins a way to turn off self-service purchasing on a per product basis via PowerShell. More details will be forthcoming.

To provide more time to prepare for this change, we are updating the launch for self-service purchase capabilities for Power Platform products to start with Power BI on January 14, 2020 for all commercial cloud customers.

Thank you again for taking the time to provide your feedback. We look forward to a continued partnership to help empower organizations to achieve more."