What is DLP and why do we need DLP?
Data loss prevention is a security solution that identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data.
Essentially, the purpose of DLP in Power Platform is to help prevent users from unintentionally exposing organizational data.
DLP policies affect Power Platform canvas apps and Power Automate flows.
Power Platform in general, and Power Automate and canvas apps in particular, rely heavily on data connectors, and those connectors are meant to be combined in the same Power Automate flows and canvas apps.
When two or more connectors are combined that way, sensitive data available through one connector might be unintentionally exposed through the other connector.
DLP Policy Scope
DLP policies can be scoped at:
- Environment level
- Tenant level
  - All environments
  - Selected environments
  - All environments except ones you specifically exclude
Permissions required:
- Environment level
  - Environment Admin / System Administrator
- Tenant level
  - Microsoft Power Platform admin permissions
  - Microsoft 365 Global admin permissions
DLP policy connector classifications
DLP policies enforce rules for which connectors can be used together by classifying connectors into three classifications:
- Business: connectors that host business-use data.
- Non-Business: connectors that host personal-use data.
- Blocked: any connectors that you want to keep from being used. Connectors driving core Microsoft Power Platform functionality can't be blocked.
Connectors can reside in only one data group at a time.
Connectors in the Non-Business data group are not allowed to establish connections with Business connectors, and vice versa.
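The scope and classification rules above, modeled as a small policy evaluator. This is an added example, not Microsoft's implementation or code from the original page. The class, the connector and environment names, and the choice to treat unlisted connectors as Non-Business are assumptions made for illustration.

```python
from dataclasses import dataclass, field

BUSINESS, NON_BUSINESS, BLOCKED = "Business", "Non-Business", "Blocked"

@dataclass
class DlpPolicy:
    scope_mode: str                                   # "all", "selected" or "except"
    environments: set = field(default_factory=set)    # used by "selected" and "except"
    # connector -> data group; a dict key maps to one value, so a connector
    # can reside in only one data group at a time.
    groups: dict = field(default_factory=dict)
    default_group: str = NON_BUSINESS                 # assumption for unlisted connectors

    def applies_to(self, environment: str) -> bool:
        if self.scope_mode == "all":
            return True
        if self.scope_mode == "selected":
            return environment in self.environments
        if self.scope_mode == "except":
            return environment not in self.environments
        raise ValueError(f"unknown scope mode: {self.scope_mode}")

    def evaluate(self, environment: str, connectors: list) -> list:
        """Return violation strings; an empty list means the app/flow is allowed."""
        if not self.applies_to(environment):
            return []
        by_group = {BUSINESS: [], NON_BUSINESS: [], BLOCKED: []}
        for name in sorted(set(connectors)):
            by_group[self.groups.get(name, self.default_group)].append(name)
        violations = [f"blocked connector: {n}" for n in by_group[BLOCKED]]
        if by_group[BUSINESS] and by_group[NON_BUSINESS]:
            violations.append("mixes Business " + str(by_group[BUSINESS])
                              + " with Non-Business " + str(by_group[NON_BUSINESS]))
        return violations

# Constructed sample: tenant-level policy for all environments except "Sandbox".
POLICY = DlpPolicy(
    scope_mode="except",
    environments={"Sandbox"},
    groups={"SharePoint": BUSINESS, "Dataverse": BUSINESS,
            "Dropbox": NON_BUSINESS, "Twitter": BLOCKED},
)

if __name__ == "__main__":
    for env, flow in [("Production", ["SharePoint", "Dataverse"]),
                      ("Production", ["SharePoint", "Dropbox"]),
                      ("Production", ["Dropbox", "Twitter"]),
                      ("Sandbox", ["SharePoint", "Dropbox"])]:
        print(env, flow, "->", POLICY.evaluate(env, flow) or "allowed")
```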
Connector request
You can request additional connectors to be used in your environment by submitting the request on our help page.