Power Automate and PowerApps

This page will list security settings and configurations that is advisable to implement in your environment.
Each environment is different where I believe the below settings are easy to setup and provides a way to get to a more mature security level.

  1. Power Automate and PowerApps DLP

Power Automate and PowerApps DLP

Power Automate and PowerApps both have a data loss/leak prevention functionality which can be implemented when you have Flow or PowerApps Plan 2. You can use connectors in these products to connect to Office 365, Gmail or other third-party connectors. Users can create workflows which sends an email to Gmail after being received in Outlook which are uncontrollable.

An administrator can define “business data only” and “no business data allowed” to prevent users from creating flows and apps that combine connectors from these data groups.

How will this impact my users?

Users are unable to use for example the Outlook connector with the Gmail connector or with any third-party connector.

 

Using the user interface

You can navigate to https://admin.flow.microsoft.com/ and https://admin.powerplatform.microsoft.com/ where you can navigate to the data policies

Select the connectors you would like to only use business data.

Using PowerShell

There is currently no PowerShell command to set this policy

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.