Step-by-Step Guide to Creating Power Platform DLP Policy
Power Automate
Nov 4, 2023 4:00 PM

Step-by-Step Guide to Creating Power Platform DLP Policy

by HubSite 365 about Craig White

Talks about #lowcode, #formula1, #powerplatform, #empoweringothers, and #digitaldisruption

Citizen DeveloperPower AutomateLearning Selection

Master Microsofts Power Platform with our step-by-step guide on creating a Data Loss Prevention policy. Optimize your policy today!

Creating a Power Platform DLP (Data Loss Prevention) policy can provide an additional layer of security to your digital workspace. A blog author named Craig White offers an insightful approach on how this can be done. The process is relatively simple, eliminating potential worry or frustration even for those who are not tech-savvy.

The essence of creating this policy involves engagement with Microsoft's Power Automate and its function to prevent sensitive information from being unofficially handled or exposed. According to Craig White, the concept focuses on setting up precise rules that regulate how connectors exchange data between diverse services inside the Power platform.

Working with these connectors requires understanding their classification into two broad categories: Business and Non-Business. Once the classifications are understood, the real work of crafting the DLP policy kicks in. A blend of properly classified connectors and configured rules result in a well-set DLP policy.

For a step-by-step guideline on creating a DLP policy, this link provides a detailed walkthrough. Follow the guidelines and rest assured of a properly configured DLP Policy. Integrate this DLP policy in your workspace to protect your data from potential loss.

Moving forward

In general, crafting a DLP policy is not limited to Power Automate, as data protection has become crucial in the modern digital space. Whether your workspace is tech-heavy or not, data loss prevention policies should feature in your plans. Often, data is one of the most paramount assets to a business, and its protection should always be a priority. Tech masters like Craig White are continuously providing practical guides for maintaining this protection. Remember, it's better to have a secure workspace void of the worries of potential data loss than to experience avoidable data disasters.


Read the full article How To Create a Power Platform DLP Policy

Power Automate - Step-by-Step Guide to Creating Power Platform DLP Policy

Learn about How To Create a Power Platform DLP Policy


In the digital world, regulating and securing data is a foremost priority. Microsoft’s Power Platform has inbuilt safeguards like the Data Loss Prevention (DLP) Policy to help you do just that. This comprehensive article dives into the intricate steps involved in creating a Power Platform Data Loss Prevention digital strategy, focusing on tenant-wide baseline policy. You’ll be guided through each crucial setting, right from setup to outcome.

Create a data loss prevention (DLP) policy - Power Platform
Walkthrough: Create a DLP policy · In Power Platform admin center, select Policies > Data policies > New policy. · Enter a policy name, and then ...


When creating the Power Platform DLP policy, remember to sign in using an account that has access to the Power Platform Admin Centre (PPAC). Ideally, the process begins with conducting a connector review and an impact assessment, formulating a DLP strategy and interacting with users. These preludes can help prevent potential hitches in the creation of the policy.

Policy Initialization

Start this automation journey by navigating to the PPAC, expanding Policies, and choosing Data Policies. Assign a unique name that might fit into a naming convention you plan to implement. The next step involves defining Prebuilt connectors in your tenant-wide baseline policy, classifying them appropriately into business, non-business, or blocked categories. Certain connectors can't be blocked and must be set as business connectors alongside these additional services: Cards for Power Apps, Power Apps for Makers, Power Management, and Microsoft Forms.

Defining Connector Actions

For each blockable connector, revisit the configuration options to allow or block certain actions within the connector. This provides additional granularity to set a connector as a business, non-business, and to block new connector actions altogether. They can be customized as per your organization's internal standards and protocols. In the Prebuilt connectors section of DLP policy building, another handy feature is “Set Default Group”. This setting decides how new connectors added by Microsoft will be utilized and can be configured to suit your organization's needs.

Custom Connectors

Power Platform interacts with APIs that don't have predefined connectors but have an API endpoint. This interaction happens through the HTTP action or via a custom connector. With your tenant-wide baseline policy, you may need to include or exclude API endpoints. Move the HTTP connector to 'blocked' to prevent any risk of data leaks. Allow specific API endpoints for custom connectors in your DLP policy, ensuring any non-approved API endpoints for custom connectors are blocked. Custom connector decisions should be communicated to your makers before the Power Platform DLP policy formation.

Scope Setting

Determining the scope of your policy is another crucial decision. The policy builder helps you to define what environment(s) the policy will apply to. The three options are to Add all environments, Add multiple environments or Exclude certain environments. By understanding the strengths and limitations of each choice, you can exercise control over the policy's reach and flexibility. This prepares you for managing any policies and environments newly added after the policy creation.

Review and Impact

The final step involves reviewing your policy's configuration. The review stage gives you the opportunity to edit accordingly or go ahead with policy creation. The new policy's creation instantly affects any conflicting apps or flows, with different experiences for post-implementation on new or existing apps and flows. It is essential to keep in mind that previously functional flows may need to be switched back on manually if adjusted in the policy. This is especially important if the policy prevents a significant number of flows due to connector conflicts.

Customization and Compatibility

You can also customize the error message content when a connector conflict arises. Although Power Platform DLP has scope within Power Virtual Agents (PVA), some additional configuration steps including user authentication are required to ensure seamless data prevention in PVA chatbots. The customizability of the DLP policy provides room for the policy to be aligned with your organization’s unique needs.

All in all, setting up your Power Platform DLP policy is an admin endeavor that may seem daunting, but is approachable with appropriate understanding, preparation, and communication. Safeguarding your data effectively is a milestone achievement in the journey of digital transformation.


More links on about How To Create a Power Platform DLP Policy



Power Platform DLP Policy, Create DLP Policy, DLP Policy Tutorial, Data Loss Prevention Platform, Power Platform Policy Creation, Microsoft Power Platform DLP, Create Power DLP Policy, Manage DLP Policy, DLP Power Platform Guide, DLP policy configuration Power Platform