Intro

Hey everybody!

Today we're going to talk a little bit about Dataverse security.

I've gotten a few questions recently about Dataverse security:

• What are the options? What can we do different scenarios?
• And, How to approach them?

So, I'd like to do a quick video to kind of go over some of these scenarios and options, and show you what's possible with Dataverse security.

So let's get into it. okay?

Options in Dataverse's Security

Okay, first I wanted to lay out the different options that we have in Dataverse's security. Now, this isn't exhaustive. We also have 'Access Teams' which I'm not going to cover in this video, but the three main ones that I usually work with the most are:

But, the three main ones, that I usually work with the most, are:

• Organizational - Which is open to everything. Everyone has access to everything.
• Business Units - Which follows a strict hierarchy between the 'Business Units'. So Business, Child Business Unit, Child Business Unit. Beneath that it will flow along that linear line of 'Business Units'.
• Owner Teams - Which is the more flexible route that you can add to your environment. So, you can create teams, and you can add users to those teams, and they can be in one or many teams. You can then assign 'Owner Teams' to records in Dataversese and anybody, part of those teams, will then have access to those records as long as you set your security roles accordingly.

So, let's take a look at a couple scenarios that I've created here regarding 'Owner Teams' and 'Business Units'.

Business Units in Dataverse Security

Let's take a look at 'Business Units' first.

So I have two browsers open side by side. One is with a demo user called Scotty Security, and another is with my profile in our tenant.

Now, in my tenant I have the parent 'Business Unit' assigned to my profile, and in Scotty Security I have a child 'Business Unit' called Denver assigned to that user.

I have a table at the bottom here called 'Demo Business Unit Security'.

I have two records created in that table. One is created by myself and I have the parent 'Business Unit', Rockhop, and I assigned that to the owning 'Business Unit'. The other is created by Scotty Security who has the Denver Business unit.

Now you'll notice that there's a difference in records between both of these views. Since I'm in the parent 'Business Unit', and my user is in the parent 'Business Unit', I can see all records in that 'Business Unit'. And, any child records. Whereas, Scotty Security has the exact same permission assign to their security role, so they can't see anything above their 'Business Unit'.

Rockhop is a parent of the Denver Business, so Scotty Security cannot see anything above that.

Owner Teams in Dataverse Security

Okay, so that was 'Business Units'. Now I want to switch over to 'Owner Teams'.

I quickly want to show you the setup here. I have a team inside my environment called 'Demo Denver Region', and Scotty Security is inside of this team. If I switch over to the app, I have a record inside of the demo company's table. In the security role for Scotty Security and myself I have the user permission assigned to this table for that security role. So, if I am the owner of that, only I will be able to see that. Or, if a team is an owner of that record then whoever's in that team will see that record.

So right now 'Demo Denver Region' is the owner of this record, so we both can see this, as Scotty's a part of this and my account is actually a system administrator.

Now, what happens if I were to change this?

I'm going to make this my user and I'm going to save and close.

Let's refresh. I'm now no longer able to see that record. You'll also notice that the job and sub-jobs underneath this company have been assigned a new owner, and that's me because I have set up the parental relationship from companies to jobs to job. So, that owner assignment will trickle down to any child records underneath companies.

Now, let's just do this one more time to show you when I assign a user or team 'Demo Denver Region' that will trickle down to any child records.

And, now Scotty Security can see that.

So that's 'Owner Teams':

• Fairly flexible.
• Users can be a part of one or many teams.
• And, you can assign teams to records so that anybody in those teams can view those records.

Owner Teams Options

I quickly want to cover a couple of options that you have with 'Owner Teams'.

I'm going to navigate over to the team section in my environment inside of the Power Platform admin Center. And, then when I go to create a team, I have a few options of how I want to create that team which offers some flexibility.

Select whether you want it to be an 'Owner Team', an 'Access Team', a 'Security Group', or an 'Office Group' team.

Now, what do each of those mean?

I stated at the beginning of this video that I'm not going to cover 'Access Teams' as those are a different topic in itself. So, I'll cover 'Owner Security Group' and 'Office Group' as they all act as a similar type of team.

An 'Owner Team' is one that you will create custom within this environment, so you will add users to this team within the environment. Now, if you don't want to manage users within your Power Platform environments you have the option to create an 'Owner Team' from an 'Intra ID Security Group' or an 'Intra ID Office Group'. So, when you create a Security Group, you can associate that Security Group with a team inside of your environment so you can then search for your Security Group.

In this new team creation wizard, the same thing goes for an 'Office Group'. That can be managed outside of Power Platform, so pretty useful in terms of managing users for apps.

Okay, so those were the couple scenarios I wanted to quickly show you to demo 'Owner Teams' and 'Business Units' to give you some flexibility around security in your Dataverse environments.

Now, there's a bunch of other security options that you can do inside of Dataverse. These are the two main ones that I typically use on solutions and usually fits most of the criteria in terms of security requirements on any given solution.

So I hope this was helpful to explain how Dataverse security works.

Have a great rest of your day, and happy power platforming!

Intro

Hey everybody, welcome back!

Today I wanted to quickly talk to you about data flows and how they can be utilized alongside Alm within Power Platform. I've got a quick demo to show you how you can set up data flows between your Dev, test, and production environments specifically around Dataverse.
So let's go check this out.

Demo Environment Setup

So, I have a solution within our Rockhop environment around an out of office app. I have two tables, two Dataverse tables within this solution. One is really just a lookup table that I use for the main submission table. I want to demo how we can set up a data flow to take the data that's in production and sync it back down to our test and our Dev environment so that we get live up-to-date data for testing and development purposes, throughout the life cycle of our application.

Some other areas where this is super beneficial is you can have external data being synced with your production environment and then that data is then synced down to your Dev and test environment. So, you really only need to set up one data flow with external systems to your production environment, and have that data trickle down to your lower environments.

So I have my production environment here, and I have one record.

I have my Hawaii vacation that I wish I was taking, and I have a couple of leave types entered into this table.

Now, let's go ahead and set this up, and just so we take a look at Dev. We do not have any records within Dev right now, but I would like to sync production data to Dev.

So let's go ahead and setup a data flow.

Demo

So, I'm in my Dev environment. That's where I'm going to create this data flow and I'm going to be reaching out to my production environment to sync the data.

• I've got my start from blank data flow.
• I've entered in my production environments URL.
• And, for advanced options I make sure that I include relationship columns.
• And, then I'm going to create a new connection.

Let's go ahead and send it in.

All right, we'll click next, and search for our leave and out of office Mission table. And, we'll go ahead and transform data.

Okay, so we've got both tables here. Now, I'm not going to do anything special with this data. I'm just going to take it as is; no Transformations.

Click next.

We're going to load to an existing table, and we're going to look for our Rockhop leave type.

I'm even going to select and delete rows that no longer exist in the query output, so it's going to truly keep those two tables in sync, and it will delete anything that's added in Dev and does not match production.

And, I'm going to specify a key that I've created. Now, you can create a key, or you can use the the unique ID that Dataverse provides.

Then we'll do the out of office submissions. Load existing. Searching does not work in this so you have to go and search out of office submission. Again, I'm going to keep these in sync, and I'm just going to use the out of the box primary key here, with the unique ID. I do have a key created on this table as the names will all be unique and it's an auto number column, but we're just going to use the one that they create for us.

So, we've mapped both tables. We can click next. And, we can just refresh this manually. We can also set a schedule for this, but for now I'm just going to do a manual refresh whenever I want data up to date with production.

This is going to publish, and then it's going to kick off the refresh after it publishes, so I'm going to go ahead and pause this.

Okay so, that refresh is finished. It took a few minutes for that to happen, but if we go into our Dev environment we can now see our leave types have been updated in Dev now. And, we also have our out of office submission, and it also takes the unique ID that we have in production. Since we're using that as the key, it does sync that as well. So everything truly is completely in sync with our production environment.

So pretty awesome!

That was my demo on data flows and Alm within Power Platform.

Thank you for joining today, and happy power platforming!

Intro

Hey everyone! I hope you're having a great day.
Today I want to do a really quick video to show you a really, really, cool feature on model-driven apps that's just been released, and that is -- Copilot within model-driven apps.
So let's go check it out and see how we can turn this on.

Demo

So, I'm in my model-driven app now, and I have a customer ticket demo that I've created. And, we've got a bunch of customer tickets in here, but I have a few questions that I want to ask this app. So, let's go ahead and ask it and see how it responds.

Question: "How many tickets we've completed as a team?"
We've completed two tickets. That's great! Thanks for counting that for me co-pilot.

Question: "How many tickets are open?"
We've got a couple tickets open and it actually list them out, and I can see them all on the page as well.

So, it'll give me a filtered view on these tickets. Pretty cool!

Question: "What tickets am I assigned to?"
Hey, look at that. I have two tickets assigned to me, and again I can see them all on the page, or I can individually click on any of those tickets.

That's pretty useful!

Turn on Copilot

Now I know this was a very small data set but imagine a much bigger data set and how compelling model-driven apps and Dataverse are now with this Copilot feature built right in. Let's check out how we can turn this on for your environment.

All right, so I've headed over to my Power Platform admin Center and I've navigated to the environment where my model-driven app lives.

You need to make sure, in the update section that the 2024 Release Wave One is turned on. Once you do that it will install the updates in your environment and then you should see that Copilot pop up on your model-driven apps going forward. Pretty awesome!

So, that was my quick update on model-driven apps and the really cool new Copilot feature that you get for free with model-driven apps and Dataverse.

So thanks for joining me today.
I hope you all have a great rest of your day and I'll catch you soon!

Video Transcript

Hey team, this is Venice and in this video I want to show you what Copilot within Power BI looks like.

As you know, we have a bunch of different Copilots in play. And so I've heard questions from customers exploring well, what can specifically Copilot in Power BI do for me, right? Why should I get Power BI? Why should I get the certain capacity needed in order to utilize Copilot?

In this example I'm going to explore that with you. I have S64, Fabric 64 Skew and Azure turned on in order to see Copilot within this workspace. And we're going to explore a couple of examples, all within the function of showing off what Copilot can do. And really the goal of Copilot within Power BI is to help folks understand their data better. Right? And be able to ask questions upon their data. So Copilot can see everything within the workspace here, and I can ask questions along the lines of instead of me going into the report and searching for an answer to a question I have, I'm able to ask Copilot to do that for me to save me time if I don't know where to find it. Right, and it really takes search one step further where you're not searching to narrow down what you're looking for and then finding the answer yourself. The goal is that Copilot helps you find an answer, right?

So, previously if I would have searched for Riley Johnson in order to answer the question that I had of "How many opportunities has Riley Johnson won?" I can ask Copilot that question instead and I'm still directed towards where I can find more information or where they found that information so that I understand where the data is coming from.

Another example, if I would have previously searched for close percentage or product categories I can ask Copilot what I'm looking for of "What is the close percentage and which product category has the highest closed percentage?" And, I'm given that answer with where to look to find that information as well. So, it's helping me navigate and narrow down the search for what I'm looking for.

It really takes it one step further though, because often times with reports and analytics a user is stuck with what is designed or they're exporting to excel to find exactly what they're looking for. Copilot opens that up so that I'm able to ask questions about my data even if there's not a visualization specifically built to help me identify that. So for example: "Which managers have the highest close percentage?" Here are the top three managers with their respective close percentages, and I'm able to understand who those managers are. But this visualization only shows it at the owner level, and each manager has many different sales owners associated with them. I want to zoom out a little bit and understand: "How are the owners doing?" "Are there any differences between owners?" Where previously I would have had to export the data on the back end create this pivot table for myself to be able to view the data how I want to see it I'm able to ask Copilot to do that for me.

So it summarized the data across the different owners at the manager level so that really it helps me avoid taking the data to excel. It saves me the time that it would take for me to manipulate it myself and I'm able to get my questions answered right in that context.

I'm also able to use Copilot to help me not just find the data that I'm looking for but help me answer the questions that I'm looking to get answered by coming to this report, right? So, I'm not just looking for specific rows of data but I'm coming here to understand what changes should I be making to how I am handling my sales Pipeline and my sales team Etc.
So, I'm able to ask Copilot questions like, where should we divest sales based on the data that we have.

Copilot is able to operate across the whole data set and perhaps find relationships and patterns that I can't even see or haven't been built in visually into the report yet. So, I ask Copilot where should we divest and it has given me a couple of ideas. Unfortunately that's um suggesting to maybe let of some of my salespeople go, look at product C categories that have a low close rate, and look at folks that are having a low close rate.

So, this gives me some ideas of across all of the visualizations where should I drill into and really saves me some time in doing the analytics myself.

In a more positive light I can ask questions like what could be a mover or a driver to close the opportunities that I have already, using the data that you have exposure to Copilot and here are some suggestions that it's come up from me:
Improving engagement with high performing owners
Looking at the sales owners that are closing a lot of deals
Then maybe let's look at our product strategy. Here our data suggests customers show high interest in certain products like an e-reader.

Focus can be increased in these areas and then look at the owner management pairing, right? Who can we pair high-performing managers with owners to get better results.

So, those are some interesting examples. And, maybe I would have come across those ideas myself by looking at these reports. Maybe not, right? But, either way it saves me time and creates new data driven insites for the people looking at the report so, takes it a couple steps further from just filtering the report via search.

Thank you so much for watching and please reach out to us to discuss how your organization can utilize Power BI and Copilot.

Have a good one!

Microsoft Copilot Security and Governance

Microsoft Copilot Instances