Control 2.1: Managed Environments
Control ID: 2.1
Pillar: Management
Regulatory Reference: FINRA 4511, SEC 17a-4, GLBA 501(b), SOX 302
Last UI Verified: February 2026
Governance Levels: Baseline / Recommended / Regulated
Last Verified: 2026-02-03
Agent 365 Architecture Update
Agent 365 lifecycle management complements Power Platform Managed Environments by providing cross-platform promotion gates and approval workflows. While Managed Environments continue to govern Copilot Studio agents, Agent 365 extends lifecycle governance to Agent Builder, Microsoft Foundry, and SharePoint agents. See Unified Agent Governance for lifecycle management architecture.
Objective
Enable premium governance capabilities for Power Platform environments by designating them as Managed Environments, providing enhanced control over sharing, solution deployment, usage monitoring, and maker onboarding, which is essential for financial services governance.
Why This Matters for FSI
- FINRA 4511: Usage insights provide activity records supporting books and records requirements
- SEC 17a-4: Solution checker enforces change control for recordkeeping systems
- GLBA 501(b): Sharing limits protect customer information from unauthorized access
- SOX 302: Maker welcome content documents policy acknowledgment for internal controls
Prerequisites
Licensing Requirements
Managed Environments require Power Platform Premium capacity or equivalent licensing. Verify the following before implementation:
- Managed Environment activation: Requires Power Apps, Power Automate, or Copilot Studio premium licenses, OR Dynamics 365 licenses, OR Power Platform per-app/per-user plans with premium entitlements
- Advanced security features (IP Firewall, VNet, CMK, Lockbox): Require additional licensing beyond Managed Environment designation
- Usage insights: Included with Managed Environment; no additional license required
- Solution checker enforcement: Included with Managed Environment; no additional license required
Consult Microsoft Learn: Licensing overview for current licensing requirements.
Pay-As-You-Go Does NOT Satisfy Managed Environment Licensing
Enabling pay-as-you-go for a Managed Environment is NOT sufficient to meet licensing requirements if:
- Users without standalone Power Apps licenses are using Power Apps in that environment, OR
- Users without standalone Power Automate licenses are using flows in that environment
Pay-as-you-go consumption meters (Power Apps per app PAYG, Copilot Studio PAYG) do NOT satisfy Managed Environment licensing for active users—standalone premium licenses are required for each user accessing the environment.
Critical Deadline: February 2026 Pipeline Requirement
Action Required: February 2026 Managed Environment Enforcement
Starting February 2026, Microsoft will automatically enable Managed Environments for any pipeline target environments that aren't already enabled.
Impact:
- All pipeline target environments will become Managed Environments
- Licensing charges may apply for environments without premium capacity
- Developer environments are NOT affected (can remain unmanaged)
- Pipeline host environments can be production without being managed
Required Actions:
- Audit all pipeline target environments in your tenant
- Verify premium licensing coverage for each target environment
- Proactively enable Managed Environment status to control timing
- Use Pipeline Governance Cleanup to discover and remediate personal pipelines before enforcement
Control Description
Managed Environments provide premium governance capabilities for Power Platform environments, enabling centralized control over sharing, solution deployment, usage insights, and maker onboarding. When enabled, administrators gain access to governance capabilities including sharing controls, solution checker enforcement, usage insights, maker welcome content, and cross-tenant restrictions. Advanced security features such as IP Firewall, VNet support, Customer Managed Keys, and Lockbox require separate licensing and configuration beyond the Managed Environment designation.
For FSI organizations, Managed Environments are essential for enforcing governance policies at the environment level. The feature enables a "sterile default" strategy where all non-personal environments operate under controlled sharing, monitored usage, and enforced deployment gates.
Key capabilities particularly relevant for regulated financial services include:
- Manage sharing - Limit how widely apps, flows, and agents can be shared
- Solution checker enforcement - Block/warn on solution imports with security issues
- Usage insights - Weekly digest of top apps and flows for compliance monitoring
- Maker welcome content - Custom onboarding guidance communicating policy requirements
- Cross-tenant restrictions - Control connector access across tenant boundaries
Key Configuration Points
Managed Environment Settings
- Enable Managed Environment status for all non-personal environments
- Configure sharing limits per resource type (Power Apps, Power Automate, Copilot Studio)
- Set solution checker enforcement level: None (Zone 1), Warn (Zone 2), Block (Zone 3)
- Enable usage insights with Compliance team as additional recipients
- Configure maker welcome content with governance policy summary and policy links
- Apply cross-tenant restrictions (disable inbound/outbound for regulated environments)
- Configure masking rules to redact or mask sensitive data fields (e.g., SSN, account numbers) in agent responses within managed environments
- Apply conditional access policies on individual apps within managed environments to enforce app-level authentication and authorization requirements beyond environment-level controls
- Configure app allow/block lists to restrict which Power Apps and agents can run in each managed environment, supporting least-privilege application governance
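As an added example (not code from this control's playbooks), the following PowerShell script covers the February 2026 audit actions above and the Managed Environment settings in this list: it reports non-developer environments that are still unmanaged, then enables Managed Environment status with zone-specific solution checker, sharing, usage insights and welcome content settings. It assumes the Microsoft.PowerApps.Administration.PowerShell module and a Power Platform admin sign-in; the extendedSettings key names follow the Microsoft Learn PowerShell example and the zone mapping and policy URL are placeholders to adapt.

```powershell
# Added example, not from the control's own playbooks. Audits non-developer
# environments for Managed Environment status, then enables it with the
# zone-specific settings from this control. Assumes the
# Microsoft.PowerApps.Administration.PowerShell module and an admin sign-in;
# extendedSettings key names follow the Microsoft Learn PowerShell example.
Import-Module Microsoft.PowerApps.Administration.PowerShell
Add-PowerAppsAccount   # interactive Power Platform admin sign-in

# Zone -> solution checker mode (None: Zone 1, Warn: Zone 2, Block: Zone 3).
$CheckerModeByZone = @{ 1 = 'none'; 2 = 'warn'; 3 = 'block' }

function Get-UnmanagedEnvironment {
    # protectionLevel 'Standard' = Managed Environment; 'Basic' or absent = unmanaged.
    # Developer environments are excluded: the Feb 2026 enforcement does not touch them.
    Get-AdminPowerAppEnvironment |
        Where-Object { $_.EnvironmentType -ne 'Developer' } |
        Where-Object { $_.Internal.properties.governanceConfiguration.protectionLevel -ne 'Standard' } |
        Select-Object DisplayName, EnvironmentName, EnvironmentType
}

function Enable-ManagedEnvironmentForZone {
    param(
        [Parameter(Mandatory)] [string] $EnvironmentName,   # environment GUID
        [Parameter(Mandatory)] [ValidateSet(1, 2, 3)] [int] $Zone,
        [string] $PolicyUrl = 'https://PLACEHOLDER.example/governance-policy'  # placeholder link
    )
    $extended = @{
        solutionCheckerMode            = $CheckerModeByZone[$Zone]
        excludeEnvironmentFromAnalysis = 'false'     # include in weekly usage insights digest
        makerOnboardingUrl             = $PolicyUrl  # maker welcome content: policy link
        makerOnboardingMarkdown        = "Zone $Zone environment: review the governance policy before building."
    }
    if ($Zone -ge 2) {
        # Zone 2/3: cap per-user sharing and disallow sharing to security groups.
        $extended['limitSharingMode']    = 'excludeSharingToSecurityGroups'
        $extended['maxLimitUserSharing'] = '10'
    }
    $config = [pscustomobject]@{
        protectionLevel = 'Standard'
        settings        = [pscustomobject]@{ extendedSettings = $extended }
    }
    Set-AdminPowerAppEnvironmentGovernanceConfiguration `
        -EnvironmentName $EnvironmentName -UpdatedGovernanceConfiguration $config
}

# Usage: list the environments that the Feb 2026 enforcement would flip, then
# enable them deliberately (after confirming premium licensing) instead of waiting.
$pending = Get-UnmanagedEnvironment
$pending | Format-Table -AutoSize
# foreach ($e in $pending) { Enable-ManagedEnvironmentForZone -EnvironmentName $e.EnvironmentName -Zone 2 }
```

Run the audit first and review the output against your pipeline target list; the commented-out loop is the enable step, to be run per environment with the zone classification the Compliance Officer approved.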
Environment Provisioning Governance
- Restrict environment creation to authorized admins: In Power Platform Admin Center > Tenant Settings, configure the following to "Only specific admins" for each environment type:
  - Developer environment assignments
  - Production environment assignments
  - Trial environment assignments
  This prevents uncontrolled environment sprawl where trial or developer environments may expose sensitive data or bypass compliance controls.
- Configure environment routing: In PPAC > Tenant Settings > Environment Routing, configure routing rules to ensure new environments are created in the correct region aligned with data residency requirements and organizational governance policies. This supports compliance with data locality regulations and optimizes resource management.
- Enable tenant isolation: In PPAC > Security > Identity and access > Tenant Isolation, enable "Restrict Cross-Tenant Connections" to prevent data from moving into or out of the tenant via Power Platform connectors. Configure explicit exceptions (by Tenant ID and direction) only for trusted partner tenants. Unrestricted cross-tenant connectivity increases the risk of unintended data exchange and regulatory non-compliance.
- Configure environment security groups: In PPAC > Security > Identity and access > Environment Security Groups, assign a security group to each environment to control user access. Without security groups, environment access may default to broad access, increasing the risk of unauthorized access to sensitive data and applications.
Zone-Specific Requirements
| Zone | Requirement | Rationale |
|---|---|---|
| Zone 1 (Personal) | Apply baseline minimum; document exceptions for personal agents; environment creation restricted to admins | Reduces risk from personal use while keeping friction low |
| Zone 2 (Team) | Enable managed environment governance; require identified owner and approval trail; security groups required; tenant isolation enabled | Shared agents increase blast radius; controls must be consistently applied |
| Zone 3 (Enterprise) | Require strictest configuration enforced via policy; treat changes as controlled; security groups required; tenant isolation enforced; environment routing configured for data residency compliance | Enterprise agents handle most sensitive content and highest regulatory risk |
Roles & Responsibilities
| Role | Responsibility |
|---|---|
| Power Platform Admin | Configure environment settings, enable Managed Environment, set sharing limits |
| Environment Admin | Environment-level administration and user management |
| AI Administrator | Copilot settings governance within managed environments |
| Compliance Officer | Review usage insights, approve governance zone classifications |
| IT Governance | Define sharing limit policies and solution checker requirements |
| AI Governance Lead | Configure agent-specific sharing settings |
Related Controls
| Control | Relationship |
|---|---|
| 1.20 - Network Isolation | VNet support implementation for private connectivity |
| 2.2 - Environment Groups | Group-level governance rules that complement environment settings |
| 2.15 - Environment Routing | Automatic maker placement into governed environments |
| 1.4 - Advanced Connector Policies | Data policies enforced within managed environments |
| 2.3 - Change Management | Solution deployment controls using solution checker |
| 2.22 - Inactivity Timeout Enforcement | Inactivity timeout policies operate within managed environment framework |
Implementation Playbooks
Step-by-Step Implementation
This control has detailed playbooks for implementation, automation, testing, and troubleshooting:
- Portal Walkthrough — Step-by-step portal configuration
- PowerShell Setup — Automation scripts
- Verification & Testing — Test cases and evidence collection
- Troubleshooting — Common issues and resolutions
Advanced Implementation: Configuration Hardening Baseline
This control is covered by the Configuration Hardening Baseline, which consolidates SSPM-detectable settings across all 7 mapped controls into a single reviewable checklist with automation classification and evidence export procedures.
Verification Criteria
Confirm control effectiveness by verifying:
- Managed Environment status shows enabled in PPAC environment details
- Sharing limits block attempts to share beyond configured thresholds (test with non-admin user)
- Solution checker blocks non-compliant solution imports (if Block mode enabled)
- Weekly usage insights digest arrives at configured recipient addresses
- Maker welcome content displays for new users accessing the environment
- Environment creation is restricted to authorized admins only (PPAC > Tenant Settings > verify "Only specific admins" is set for Developer, Production, and Trial environment assignments)
- Environment routing is configured for correct region (PPAC > Tenant Settings > Environment Routing)
- Tenant isolation is enabled (PPAC > Security > Identity and access > Tenant Isolation > "Restrict Cross-Tenant Connections" is on)
- Security groups are assigned to all Zone 2/3 environments (PPAC > Environment details > Security group)
Additional Resources
- Microsoft Learn: Managed Environments Overview
- Microsoft Learn: Enable Managed Environment
- Microsoft Learn: Sharing Limits
- Microsoft Learn: Solution Checker Enforcement
- Microsoft Learn: Usage Insights
- Microsoft Learn: Cross-tenant Restrictions
Advanced Implementation: Environment Lifecycle Management
For automated environment provisioning with Managed Environment status enabled from creation, see Environment Lifecycle Management.
Deployable Solution: environment-lifecycle-management provides Python automation scripts for Dataverse schema creation, security roles, and evidence export.
Agent 365 Blueprint Lifecycle (Preview)
Preview Notice
Microsoft Agent 365 SDK and Agent Essentials are in limited preview (Frontier program). Verify feature availability and GA timelines before implementing production controls dependent on these capabilities. Expect changes before general availability.
Agent 365 Blueprints introduce a 3-phase lifecycle management model that aligns with Managed Environment promotion paths:
- Phase 1: Design - Define agent requirements and governance zone
- Phase 2: Build - Develop in development Managed Environment
- Phase 3: Deploy - Promote to production Managed Environment via Blueprint registration
- Microsoft Learn: Agent 365 Blueprint (Preview) - 3-phase deployment framework
Implementation Note
Organizations should verify that their implementation meets their specific regulatory obligations. This control supports compliance efforts but requires proper configuration and ongoing validation.
Updated: February 2026 | Version: v1.3 | UI Verification Status: Current