The real choice is not between locking the Power Platform down and letting people build freely; it is between ungoverned sprawl and governed enablement, and both extremes fail. Shadow IT, where business users build apps and flows with no oversight, creates real risk: regulated data sitting in unreviewed apps, no security review, and critical processes that depend on one person who has since left. But locking the platform down so hard that nobody can build kills the value you bought it for. The answer is a governed Power Platform: managed environments, data-loss-prevention policies, and a center of excellence that lets people build inside guardrails. i3solutions has run governed Power Platform at the scale of a federal defense agency supporting roughly 10,000 personnel.

If your organization has the Power Platform, you already have makers, whether you have decided to or not. People build apps and flows because the tools are in their Microsoft 365 license and the work in front of them is painful. The question is not whether citizen development happens; it is whether it happens with guardrails or in the dark. That reframes the comparison, because the honest alternatives are not freedom versus control, they are ungoverned shadow IT versus governed enablement.

Shadow IT carries specific, nameable risks, not vague ones.

Regulated data in unreviewed apps. A maker builds a useful app and, without meaning to, puts controlled data in a place that was never security-reviewed and may not meet your compliance obligations. In an aerospace, financial services, or healthcare environment, that is not a hypothetical, it is a finding waiting to happen, because the data went somewhere no control was applied.

No security or lifecycle review. Shadow apps are not patched, not access-reviewed, and not documented. Permissions drift, secrets get hardcoded, and nobody is accountable for the app’s security posture because officially the app does not exist.

Key-person fragility. The most dangerous shadow app is the one a department now depends on that was built by someone who has left. No documentation, no owner, no way to change it safely, and a business process quietly resting on it.

The wrong response to those risks is to lock everything down, because that just pushes the same work back into spreadsheets and email, or into a backlog IT will never clear, and you lose the productivity that justified the platform. Over-governance fails quietly: it looks like safety and it is actually just shadow IT in a different tool.

Governed enablement is the answer, and it is concrete. Managed environments separate where people can experiment from where production apps live. Data-loss-prevention policies stop the specific bad outcome, regulated data leaving into unsanctioned connectors, without blocking legitimate building. A center of excellence provides templates, standards, and a path to promote a good maker app into a supported one. The point of all of this is not to stop people building; it is to let them build without creating the risks above. Governance, done right, is what makes citizen development safe enough to encourage rather than something to fear.

A federal defense program coordinating 41 subcontracting agencies replaced weeks of manual consolidation with real-time automated compliance and audit reporting, the level of control an ungoverned shadow-IT sprawl cannot match.

When is lighter governance enough. A small organization, outside regulated industries, with a handful of makers and no controlled data, can run with light-touch governance and not pay for a full center of excellence. The calculus changes with regulation and scale: the more regulated your data and the more makers you have, the more the governance investment pays for itself by preventing the findings and the fragility that ungoverned sprawl guarantees.

What governed scale looks like is the proof that this is not theoretical. For a federal defense agency, i3 ran a governed Power Platform supporting roughly 10,000 personnel across about 180 locations, which is citizen development operating at serious scale precisely because it is governed, not despite it. For a state National Guard, the same approach moved dead-end InfoPath forms onto governed Power Apps and Power Automate, turning shadow-prone form-building into a supported, owned capability. In both cases the platform delivered because governance turned maker energy into a managed asset instead of an unmanaged liability.

Key Takeaways

  • The real choice is ungoverned shadow IT versus governed enablement, not freedom versus control; both extremes fail.
  • Shadow IT’s concrete risks: regulated data in unreviewed apps, no security or lifecycle review, and key-person fragility when the maker leaves.
  • Locking the platform down fails too; it pushes work back to spreadsheets and email and wastes the platform’s value.
  • Governed enablement (managed environments, DLP policies, a center of excellence) lets people build inside guardrails.
  • The governance investment scales with regulation and maker count. (i3 runs governed Power Platform for a federal defense agency of ~10,000 personnel.)

Frequently Asked Questions

Is shadow IT really a problem if the apps work?

Yes. Working shadow apps still carry regulated data into unreviewed places, are not security-reviewed or patched, and create key-person fragility when the builder leaves. The risk is in the lack of oversight, not in whether the app runs.

Should we just lock the Power Platform down?

No. Heavy lockdown pushes the same work back into spreadsheets and email or into an IT backlog, and wastes the platform you are paying for. It is shadow IT in a different tool.

What does governed enablement actually include?

Managed environments that separate experimentation from production, data-loss-prevention policies that stop regulated data leaving through unsanctioned connectors, and a center of excellence that provides standards and a path to promote good maker apps into supported ones.

When is light governance enough?

For a small, non-regulated organization with few makers and no controlled data. The need for fuller governance rises with regulation and the number of makers.

Can governed citizen development work at scale?

Yes. i3solutions runs a governed Power Platform for a federal defense agency supporting roughly 10,000 personnel across about 180 locations, which works because it is governed, not despite it.

If you suspect you have shadow IT on the Power Platform, you almost certainly do, and the useful first step is to see where it is and what data it touches. We can assess your current Power Platform estate, surface the ungoverned apps and the regulated data they hold, and lay out a governance model that keeps people building safely rather than driving them back into spreadsheets.

About the Author

Michael Branson, Founder and COO, i3solutions. LinkedIn