DEV Community: Apil Faterpekar

How I Automated Software Access Requests Using Microsoft 365

Apil Faterpekar — Tue, 30 Dec 2025 12:34:30 +0000

Background: The Problem I Needed to Solve Like many IT teams, we initially managed software access requests using emails and Excel sheets. Users would request access over email, managers would approve informally, and tracking licenses—especially temporary ones—was largely manual.
As the sole person handling IT operations, this quickly became unsustainable:
• No clear audit trail
• Missed revocations for temporary access
• Duplicate requests
• Too much dependency on memory and follow-ups
I needed a simple, reliable, and auditable system—without introducing new tools.

Objective: What I Wanted to Achieve
The goal was straightforward:
• Standardize software access requests
• Enforce manager approval
• Track request status end-to-end
• Automatically remind IT about temporary access expiry
• Maintain a clean audit trail
All using Microsoft 365.

Tools Used (Microsoft 365 Stack)
I intentionally kept the solution lightweight:
• Microsoft Forms – User request intake
• SharePoint List – Central system of record
• Power Automate – Workflow orchestration
No custom code. No third-party tools.

Solution Design: How the Automation Works

Software Request Submission Users submit a request via a Microsoft Form with details like: • Software / application name • Access type (Permanent or Temporary) • Business justification The form confirmation clearly tells users that manager approval is required, reducing confusion. ________________________________________
Automatic Request Logging Once submitted, Power Automate: • Captures user details • Identifies the reporting manager • Creates an entry in a SharePoint list • Sets the initial status to Requested This SharePoint list becomes the single source of truth. ________________________________________
Manager Approval Workflow The manager receives an approval request: • Approve or Reject • Optional comments This removes informal approvals via chat or email and creates a clear approval record. ________________________________________
Status Updates & Notifications • Approved requests move to Provisioned • Rejected requests notify the requester immediately • Users receive clear email updates at every stage Everyone knows where the request stands. ________________________________________
Temporary Access Monitoring For temporary access: • Power Automate checks End Dates daily • IT receives reminders for overdue access • Access can be revoked and tracked properly No more forgotten temporary licenses. ________________________________________ Results: What Changed After Automation The impact was noticeable almost immediately: • Reduced manual follow-ups • Clear ownership and accountability • Better license compliance • Faster audits • Less operational overhead Most importantly, the process became predictable and transparent. ________________________________________ Key Lessons Learned A few practical takeaways from building this: • SharePoint internal column names matter • Date handling in Power Automate needs careful design • Clear user communication is just as important as automation • Simple workflows are often the most effective Automation doesn’t have to be complex to be valuable. ________________________________________ Final Thoughts This solution wasn’t built as a large enterprise system—it was built to solve a real operational problem using tools we already had. If you’re still managing software access through Excel and emails, starting with a simple approval-based automation can make a huge difference. ________________________________________ 💬 Open question for readers How are you currently managing software access and approvals in your organization?

Mastering Access Audits and Credential Cleanups: Strengthening Your Security Posture

Apil Faterpekar — Wed, 25 Jun 2025 08:11:01 +0000

In today's cloud-driven world, managing access and credentials is one of the most critical aspects of maintaining a secure IT environment. Yet, it's often overlooked, especially during periods of organizational change, such as client transitions, employee offboarding, or rapid growth. Without a structured approach to access management, organizations expose themselves to security risks, compliance issues, and operational inefficiencies.

The Hidden Risk: Orphaned Accounts and Disorganized Credentials
Many organizations struggle with undocumented credentials, outdated admin accounts, and lingering access for former employees. These lingering access points are more than just an organizational nuisance—they're a real security risk. Unused or undocumented accounts can be exploited by malicious actors, leaving the organization exposed to data breaches and compliance violations. Furthermore, unused licenses incur unnecessary costs.

Building an Effective Access Management Framework
To address these challenges, organizations should adopt a structured, step-by-step approach that emphasizes visibility, organization, and security.

Comprehensive Credential Audit Start by auditing every credential across your environment. This includes: • Validating each account's purpose and access level. • Cross-checking credentials against active users and systems. • Identifying any orphaned or unknown accounts.
Centralized and Secure Storage Use a secure, centralized password management tool to store validated credentials. Organized folders and clear access controls ensure visibility and security, reducing the risk of credential sprawl.
Application and User Access Review • Create an inventory of all third-party applications and internal systems. • Document access status for every user, current and former. • Collaborate with HR, team leads, and IT to cross-check exits and active accounts. • Leverage admin portals and security dashboards to validate and deactivate orphaned accounts. ________________________________________ Best Practices for Ongoing Access Hygiene An effective access management process should be ongoing, not a one-time exercise. Key practices include: • You Can't Secure What You Can't See: Build and maintain an accurate access inventory. • Credential Organization Matters: Secure tools like password managers eliminate the chaos of scattered credentials. • Offboarding Is a Team Effort: IT, HR, and department leads must work together to ensure no lingering accounts slip through the cracks. • Audits Should Be Routine, Not Reactive: Regular access reviews should be part of your organization's security hygiene. ________________________________________ The Business Impact: Security, Efficiency, and Compliance Proactive access audits and credential cleanups reduce security risks, prevent unauthorized access, and save on unnecessary license costs. They also strengthen your organization's compliance posture, particularly in regulated industries. In the end, access management isn't just about cleaning up old accounts—it's about building lasting processes that protect your organization and enable operational readiness. ________________________________________ Final Thought: If your organization hasn't reviewed access in a while—start now. A proactive approach to access management can save significant headaches, reduce risk, and set the foundation for a more secure, organized, and compliant environment.

Zero Trust Security in Microsoft 365: Best Practices for 2025

Apil Faterpekar — Wed, 25 Jun 2025 08:09:20 +0000

Introduction Cyber threats are evolving fast, and relying on old-school perimeter security just doesn’t cut it anymore. That’s where the Zero Trust model comes in. In simple terms, Zero Trust means: never trust, always verify. Even if someone is inside your network, you still check if they’re supposed to be there.
If you’re using Microsoft 365 for work, applying Zero Trust principles can seriously level up your security game. Here’s a breakdown of what Zero Trust looks like in Microsoft 365 and how you can apply it in 2025.

Start with Strong Identity Protection Your users are the first line of defense. Make sure: • Multi-Factor Authentication (MFA) is turned on for everyone. • Use Conditional Access Policies to allow or block access based on user risk, device state, location, etc. • Enable risk-based sign-in detection with Microsoft Entra ID (formerly Azure AD).
Verify Devices Before Granting Access Not all devices should be trusted. Use Microsoft Intune to: • Enroll and manage both company-owned and BYOD devices. • Set compliance rules (OS version, encryption, antivirus status, etc.). • Block access from non-compliant or unknown devices.
Use Least Privilege Access Give users only the permissions they absolutely need: • Set up role-based access control (RBAC) in Microsoft 365. • Use Privileged Identity Management (PIM) to provide just-in-time access for admins. • Regularly review access rights and remove unused roles.
Protect Your Data Everywhere Data isn’t just in your network anymore—it’s in emails, chats, and cloud storage. Protect it with: • Microsoft Purview for data loss prevention (DLP), encryption, and sensitivity labels. • Automatically classify and label sensitive files. • Set rules to prevent data sharing with external users.
Monitor, Detect, and Respond in Real Time Zero Trust isn’t just about blocking threats—it’s about staying alert. • Use Microsoft Defender for Office 365 to catch phishing, malware, and unsafe links. • Enable Microsoft Sentinel (SIEM) for intelligent threat detection and automation. • Set up alerts and dashboards to track suspicious activity. ________________________________________ Final Thoughts Zero Trust isn’t a one-time project—it’s an ongoing journey. Microsoft 365 gives you powerful tools to make it easier. By following these best practices in 2025, you can stay a step ahead of threats and keep your organization’s data safe. Remember: trust no one, verify everything. Stay secure!

Zero Trust Security in Microsoft 365: Best Practices for 2025

Apil Faterpekar — Mon, 31 Mar 2025 09:15:39 +0000

Start with Strong Identity Protection Your users are the first line of defense. Make sure: • Multi-Factor Authentication (MFA) is turned on for everyone. • Use Conditional Access Policies to allow or block access based on user risk, device state, location, etc. • Enable risk-based sign-in detection with Microsoft Entra ID (formerly Azure AD).
Verify Devices Before Granting Access Not all devices should be trusted. Use Microsoft Intune to: • Enroll and manage both company-owned and BYOD devices. • Set compliance rules (OS version, encryption, antivirus status, etc.). • Block access from non-compliant or unknown devices.
Use Least Privilege Access Give users only the permissions they absolutely need: • Set up role-based access control (RBAC) in Microsoft 365. • Use Privileged Identity Management (PIM) to provide just-in-time access for admins. • Regularly review access rights and remove unused roles.
Protect Your Data Everywhere Data isn’t just in your network anymore—it’s in emails, chats, and cloud storage. Protect it with: • Microsoft Purview for data loss prevention (DLP), encryption, and sensitivity labels. • Automatically classify and label sensitive files. • Set rules to prevent data sharing with external users.
Monitor, Detect, and Respond in Real Time Zero Trust isn’t just about blocking threats—it’s about staying alert. • Use Microsoft Defender for Office 365 to catch phishing, malware, and unsafe links. • Enable Microsoft Sentinel (SIEM) for intelligent threat detection and automation. • Set up alerts and dashboards to track suspicious activity. ________________________________________ Final Thoughts Zero Trust isn’t a one-time project—it’s an ongoing journey. Microsoft 365 gives you powerful tools to make it easier. By following these best practices in 2025, you can stay a step ahead of threats and keep your organization’s data safe. Remember: trust no one, verify everything. Stay secure!

Cybersecurity Best Practices for Small Businesses

Apil Faterpekar — Tue, 24 Dec 2024 07:26:11 +0000

When it comes to running a small business, cybersecurity might not always be at the top of your priority list. After all, you're juggling a lot—managing operations, keeping customers happy, and staying ahead of the competition. But here’s the hard truth: cybercriminals don’t care about the size of your business. In fact, they often target small businesses because they assume we’re not prepared to defend ourselves.
I’ve learned that cybersecurity doesn’t have to be overwhelming or expensive. With a few practical steps, you can protect your business from some of the most common cyber threats out there. Let’s break it down.

The Threats Small Businesses Face
Cyberattacks come in many forms, but here are a few that I think every small business owner should know about:

Phishing Emails: These are fake emails that look real and try to trick you into sharing sensitive information like passwords or credit card details.
Ransomware: This type of malware locks your files until you pay a ransom to get them back. Scary, right?
Weak Passwords: Many of us are guilty of reusing passwords or using ones that are too simple. Cybercriminals can crack these in no time.
Unsecured Networks: If you or your employees are working on public Wi-Fi, you’re putting your data at risk.

Practical Tips to Strengthen Your Cybersecurity
The good news is, you don’t need a huge budget or a tech team to implement solid cybersecurity practices. Here’s what works:

Use Strong, Unique Passwords I can’t stress this enough: don’t use “123456” or “password.” Create long passwords with a mix of letters, numbers, and symbols. Better yet, use a password manager to keep track of them all.
Enable Multi-Factor Authentication (MFA) MFA adds an extra layer of protection. Even if someone gets your password, they’ll need a second code—usually sent to your phone—to access your account.
Train Your Team Your employees are your first line of defence. Take some time to train them on spotting phishing emails and practicing safe online habits.
Keep Software Updated Cybercriminals often exploit outdated software to break into systems. Make it a habit to update your operating systems, apps, and security software regularly.
Back Up Your Data Imagine losing all your files in a ransomware attack. Regularly back up your data to a secure cloud service or an external hard drive to avoid this nightmare.
Invest in Basic Security Tools Firewalls, antivirus software, and secure Wi-Fi networks are affordable yet effective ways to add a layer of protection.

Affordable Solutions for Small Businesses
I get it—small businesses often have tight budgets, so it’s all about finding cost-effective solutions. Look for tools that offer a good balance of security and affordability. For example:
• Use free resources like Google’s phishing quiz to train your team.
• Explore security software that’s tailored to small businesses, like Bitdefender or Avast.
• If you use cloud services like Microsoft 365 or Google Workspace, take advantage of their built-in security features.
And don’t underestimate the value of working with a trusted IT consultant, even if it’s just for a one-time audit of your systems. Sometimes an outside perspective can reveal vulnerabilities you didn’t know existed.

Staying Proactive Is Key
Cybersecurity isn’t something you can set and forget. It’s about being proactive and consistent. Even small steps, when done regularly, can make a big difference in protecting your business.
So, where should you start? Pick one tip from this list and implement it today. Once you’ve got that down, move on to the next. Over time, these small actions will add up to a much safer and more secure business.
Remember, staying ahead of cybercriminals is a journey, not a one-time fix. Let’s commit to making our businesses safer, one step at a time.

The Impact of Artificial Intelligence on Everyday Life

Apil Faterpekar — Tue, 24 Dec 2024 07:21:16 +0000

When you think of artificial intelligence (AI), what comes to mind? For some, it’s futuristic robots or self-driving cars. For others, it might feel like something only tech giants use. But here’s the truth: AI is already a big part of our daily lives, often in ways we don’t even notice.
As someone who’s been curious about technology, I’ve started paying more attention to how AI shapes the world around us. It’s fascinating—and sometimes a little overwhelming—to see just how much it’s changing the way we live, work, and interact.

AI in Our Everyday Routines
Let’s start with the basics. Whether you realize it or not, you’re likely interacting with AI every single day. Here are some examples:

Smartphones and Virtual Assistants Think about Siri, Alexa, or Google Assistant. These AI-powered tools help us set reminders, play music, or even control smart home devices with just our voices. They’ve become our personal assistants, making life more convenient.
Personalized Recommendations Ever noticed how Netflix seems to know what you’d like to watch next or how Spotify creates playlists tailored to your mood? That’s AI at work. By analyzing your habits, AI delivers recommendations that feel almost spot-on.
Online Shopping Shopping online? AI is the reason why you see product recommendations or discounts on items you’ve been browsing. It’s also behind chatbots that answer your questions instantly.
Navigation and Travel Apps like Google Maps use AI to suggest the fastest route, predict traffic patterns, or even recommend nearby restaurants. If you’ve taken an Uber, AI helps match you with drivers and calculates fares.
Health and Fitness Wearable devices like Fitbit or Apple Watch use AI to track your steps, heart rate, and sleep patterns. They even provide insights to help you improve your health.

Transforming Work and Communication
AI isn’t just helping us at home—it’s transforming the way we work and communicate too.
• Customer Support: AI-powered chatbots handle queries 24/7, making it easier for businesses to assist customers.
• Email Management: Tools like Gmail’s smart reply feature save time by suggesting responses.
• **Remote Work: **AI improves video calls by enhancing audio, reducing background noise, and even generating meeting notes.
And let’s not forget translation apps like Google Translate, which use AI to break down language barriers. It’s incredible how these tools make global communication so much easier.

The Pros and Cons of AI in Everyday Life
Of course, no conversation about AI is complete without discussing its pros and cons.
The Benefits:
• Convenience: AI makes tasks faster and easier, from managing calendars to navigating cities.
• Personalization: It creates experiences tailored to our preferences, whether it’s a playlist or a shopping cart.
• Efficiency: In industries like healthcare, AI helps doctors analyse data and make quicker diagnoses.
The Concerns:
• Privacy: AI relies on data, and that raises questions about how much of our personal information is being collected.
• Bias: AI systems can sometimes reinforce existing biases if they’re trained on flawed data.
• Job Displacement: While AI creates new opportunities, it also threatens to replace some jobs, especially in repetitive or manual tasks.

How to Embrace AI Responsibly
As AI becomes more integrated into our lives, it’s important to use it wisely. Here are a few tips:

Stay Informed: Learn how AI works and how it’s being used in the tools you rely on. Knowledge is power.
Protect Your Privacy: Be mindful of the apps and services you use, and check what data they collect.
Balance Tech and Human Touch: While AI is amazing, it’s no substitute for real human connections. Use it to enhance your life, not replace it.

Looking Ahead
AI is here to stay, and its impact will only grow in the years to come. From helping us solve everyday problems to tackling global challenges like climate change, the potential of AI is immense.
But as we embrace this technology, we need to ask ourselves: How can we ensure AI serves humanity in the best way possible? For me, it’s all about balance—using AI to make life better while staying grounded in what makes us human.
What about you? How do you see AI shaping your life?