Please help me with some advice about the following data security concern:
How do you avoid that the Power-apps users modify the data directly on the SharePoint list if it is your back end data source?
The above taking into account the following:
Please, share your advice about that. Thank you!
Power Automate offers some options to help with this. I've used flows to create backups of SP lists and to interact directly with data sources. The flow is shared, but not the underlying data to which the flow connects.
That's one of the issues with Power Apps, is the implicit data source sharing. You could try doing as much obfuscation as possible on the SharePoint end (e.g. not linking the site/subsite anywhere, hiding Site Contents maybe, etc.) which would be a good start. They'd have a hard time guessing a URL for a site (and lists, libraries, etc.) that they don't know exists. Ensure you have list-level permissions set up appropriately. Ensure your Power App itself has its field-level security set up how you want it.
We have apps that contain confidential information (not social security numbers or anything like that) and knock-on-wood nobody has gotten THAT curious to go digging through SharePoint. If you have someone that malicious, you'd probably want to start with that person, rather than Power Apps. That being said, maybe you can set up your data sources differently to divorce sensitive data in different ways. Maybe set up different security groups. If the security is so impossibly detailed, that should probably be reviewed as well.
Learn how to create your own user groups today!
Please join us on Wednesday, January 19th, at 8a PDT. Come and learn from our amazing speakers!
Check out the new Power Platform Community Connections gallery!