Episode 431: Agent Governance Is the New App Governance
Welcome to Episode 431 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben and Scott get into why agent governance is quickly becoming one of the most pressing challenges for Microsoft 365 administrators. As agentic workflows become more common across Copilot, Copilot Studio, and third-party platforms, organizations are dealing with a sprawl problem that looks familiar but hits differently. Agents bring their own identity, data access, permissions, lifecycle, and security concerns all at once, and unlike traditional apps, a single user can now have dozens of agents acting on their behalf or autonomously across Teams, SharePoint, Exchange, and beyond.
The episode walks through Microsoft Agent 365 as a starting point for building that control plane, including the agent registry, user and permission scoping, and the certification tab where publisher attestation gives some visibility into compliance claims though with notable gaps. Ben and Scott also touch on the Shadow AI preview in the Frontier program, the challenges of graph permission readability in the permissions view, and why the agent lifecycle problem, think what happens when the person who built a custom agent leaves the org, is something administrators need to start thinking about now before consumption billing turns an unmanaged agent into a surprise line item.

Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options.
Show Notes
- Overview of Microsoft Agent 365
- Episode 409 – Preparing for Copilot- Securing Your Microsoft 365 Data and Beyond
- Episode 425 – Exploring Collaboration and Governance at the MVP Summit with Joy Apple
- Manage agents in the Microsoft 365 admin center
- Agent management in Microsoft 365 admin center
- Shadow AI in Microsoft 365 admin center (Preview)
- Understand agent details in Microsoft 365 admin center
Sponsors
![]() |
Nasuni is a leading unstructured data platform for enterprises where file data is mission-critical for both people and AI. Nasuni powers the operational file layer where work happens — helping organizations manage, protect, and activate data so teams can work smarter, reduce costs, and operate securely without limits. |
![]() |
TrustedTech is a leading Microsoft Cloud Solution Provider (CSP) specializing in Microsoft Cloud services, Microsoft perpetual licensing, and Microsoft Support Services for medium and enterprise-sized businesses. Their robust team of in-house, U.S.-based Microsoft architects and engineers are certified in all 6/6 Microsoft Solutions Partner Designations in the Microsoft Cloud Partner Program. |
![]() |
ShareGate is your migration and governance solution for Microsoft 365. ShareGate helps your teams simplify tenant migrations, get Copilot-ready, and take control of Microsoft 365 governance. |
![]() |
Intelligink — Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know! |
Published on:
Learn more


