The author, Craig White, underlines the importance of defining your Power Platform DLP (Data Loss Prevention) strategy to meet various business scenarios effectively, drawing on his own experience. He suggests that a thorough understanding of what the business demands is essential before devising a DLP policy. This not only ensures optimal use but also allows for clear policy structuring. He also notes the interaction between Power Platform DLP strategy and environment strategy: one heavily influences the other.
Craig delves into policy construction, with connectors fitting into one of three groups: Business, Non-Business, or Blocked. However, this post largely focuses on the connector patterns typically aligned with the Business category.
He moves on to discuss the application of a 'tenant-wide' policy, highlighting this as the standard for new environments, granting access only to the essential connectors. Craig stresses that this baseline also serves as a guide for users in the Default environment. He highlights connectors like Microsoft Forms, Power Apps for Makers, and Power Automate Management as typical examples.
White describes a typical 'baseline' DLP policy as keeping the essential elements within the Business scope while moving the extras into the 'Blocked' category. However, for connectors that are not wanted for users in the Default environment, he recommends reassigning them to the Non-Business category.
He gives an overview of handling Dataverse for Teams, especially when added to the Non-business category, and the impact it has. Craig also elaborates on managing Dynamics 365 tools and how DLP alignment can present challenges depending on circumstances.
The post also shares guidelines for setting up environments to allow connectors in Business and blocking unwanted connectors for Developer or Power Users. The importance of careful consideration for known and licensed data sources is highlighted, with suggestions of having each environment follow one DLP policy to avoid complications.
While the strategy & planning are essential, White advises staying adaptable as things might not always go according to plan, and exceptions may require specific attention. He shared experiences from a DLP deployment where a developer required a distinct DLP policy, offering a controlled environment for innovation within acceptable boundaries.
The key takeaway is finding a fine balance between setting restrictions and encouraging innovation. Additionally, Craig emphasizes the significance of collaboration and communication during a Power Platform DLP strategy deployment, citing the importance of addressing concerns and maintaining business continuity in situations that may affect the operation of apps or flows.
In summary, White shares strategies that can guide DLP structure, and reminds readers that, complex as it may seem, there is value in having more than a single policy because requirements differ. The mention of a connector review and impact assessments to inform strategy and communication plans brings the discussion full circle.
Defining your Power Platform Data Loss Prevention (DLP) strategy is integral to the success of your business. The process can seem daunting but it can be made simpler by understanding all business requirements first. Different scenarios may necessitate different policies, highlighting the absolute importance of a well-defined strategy.
The development of a Power Platform DLP strategy goes hand in hand with environment strategy. Most of the strategies outlined draw upon past DLP implementations and environment patterns. The primary aim should always be establishing a robust environment strategy for your business, one that your Power Platform DLP policies can bolster effectively.
The construction of an efficient policy takes into consideration that a connector is aligned to one of three categories - Business, Non-Business, or Blocked. This post puts more focus on connector patterns usually associated with the Business category.
Creating and implementing a policy is relatively straightforward. In the previous article of this series, the process of running an impact assessment for a proposed policy was thoroughly explored. This exercise can be replicated multiple times across any number of environments. However, a strategy should go beyond just plugging a few leaks; a comprehensive understanding and evaluation of business needs is vital.
The baseline policy plays a crucial role in granting access only to the core essential connectors for any newly formed environments. It also functions as a guide in your Power Platform Default environment, which is absolutely vital.
Microsoft Forms, Power Apps for Makers, Power Automate Management and other unblockable connectors solely related to the Microsoft 365 stack form part of our typical baseline. Anything beyond that is moved to the Blocked category. This guideline should help users classify various connectors into the Business and Non-Business categories in the baseline as per their needs.
On assessing the impact of adding Dataverse to the Non-business category, would we find that it influences Dataverse for Teams too? Maybe. This offering, introduced during the Covid-19 pandemic, allows anyone to craft apps and flows behind a Microsoft Team. It’s important to note that if you intend to use it to concoct solutions that interact with other core platforms like SharePoint or Office 365 Outlook, Dataverse must be categorized in the same way in a DLP policy.
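The grouping rule behind this impact, shown as an added example that is not code from Craig White's post: a small impact assessment that flags apps and flows which use a Blocked connector or mix Business with Non-Business connectors. The policy contents, the inventory, the `Acme Ticketing` connector and the function names are constructed for illustration, and unlisted connectors are assumed to default to Blocked as in the baseline described above.

```python
from collections import defaultdict

# Constructed baseline policy using connectors the post names; unlisted
# connectors fall into default_group (assumed "Blocked", as in the baseline).
BASELINE = {
    "Microsoft Forms": "Business",
    "Power Apps for Makers": "Business",
    "Power Automate Management": "Business",
    "SharePoint": "Business",
    "Office 365 Outlook": "Business",
    "Dataverse": "Non-Business",
}

# Constructed inventory: app or flow name -> connectors it uses.
# "Acme Ticketing" is a hypothetical third-party connector.
INVENTORY = {
    "Leave Request (Teams app)": ["Dataverse", "SharePoint", "Office 365 Outlook"],
    "Survey intake flow": ["Microsoft Forms", "SharePoint"],
    "Ticket sync flow": ["SharePoint", "Acme Ticketing"],
    "Team tracker": ["Dataverse"],
}

def assess(connectors, policy, default_group="Blocked"):
    """Return the list of DLP violations for one app or flow."""
    groups = defaultdict(list)
    for name in connectors:
        groups[policy.get(name, default_group)].append(name)
    findings = []
    # A connector in the Blocked group cannot be used at all.
    for name in sorted(groups["Blocked"]):
        findings.append(f"blocked connector: {name}")
    # Business and Non-Business connectors cannot share one app or flow.
    if groups["Business"] and groups["Non-Business"]:
        findings.append(
            "mixes Business (" + ", ".join(sorted(groups["Business"]))
            + ") with Non-Business (" + ", ".join(sorted(groups["Non-Business"])) + ")"
        )
    return findings

def impact_report(inventory, policy, default_group="Blocked"):
    """Map each affected app or flow to its violations; compliant ones are omitted."""
    report = {}
    for resource, connectors in inventory.items():
        findings = assess(connectors, policy, default_group)
        if findings:
            report[resource] = findings
    return report

if __name__ == "__main__":
    for resource, findings in impact_report(INVENTORY, BASELINE).items():
        print(resource, "->", "; ".join(findings))
```

Re-running the report with Dataverse moved to the Business group clears the Teams app finding, which is the "categorized in the same way" requirement in practice.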