cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
martinzima
Level: Powered On

Understanding / managing multiple DLPs applying to an environment

Hi, I am trying to figure how to manage DLPs across my organisation, can someone please tell me:

  1. Best practice for creating/applying DLPs to across an organisation (see goal below)
  2. How multiple DLPs applied in the same environment resolve

 Goal: Limit data sharing/access by default, but allow in certain teams [environments] where required

 

Current setup: Tenant admin has created DLP#1 that applies to all environments and has the ~10 or so standard O365 apps in allowed group (“business data only”) and all other apps are in “no access” group). Salesforce team want to connect SharePoint to Salesforce, and so created an environment (‘Salesforce Team’), and created DLP #2 which allows Salesforce and SharePoint.

 

Current situation: ‘Salesforce Team’ environment has DLP#1 and DLP#2 applied to it... However even though DLP#2 includes SharePoint and Salesforce in allowed group, my Salesforce->SharePoint Flow will not run as it “conflicts with my organisation policy” (presumably DLP#1?)

 

Questions:

  1. How should we manage the above (i.e. create an environment and DLP that allows Salesforce and SharePoint?
  2. Do DLPs effectively take the minimum allowed set (i.e. has to be allowed is all applied groups to work)?
  3. … If so, when our organisation matures and we say have 20 allowed apps and 20 environments, if team X comes along and wants to connect with app the 21st app, does this mean we essentially have to create a bespoke DLP for that (and every) environment, i.e. manually add the allowed 20 apps and then the 21st app to a new DLP and apply this DLP to the environment?.. So create from scratch from every time / no templates or organisation rules to inherit? – This seems a bit poor
1 REPLY 1
Leo09
Level 8

Re: Understanding / managing multiple DLPs applying to an environment

I found below documentation very helpful:

https://flow.microsoft.com/en-us/guided-learning/learning-data-loss-prevention/

https://powerapps.microsoft.com/eu-es/tutorials/prevent-data-loss/

 

Not sure if this could help, but something is better than nothing?

Helpful resources

Announcements
firstImage

New Ranks and Rank Icons in April

Read the announcement for more information!

firstImage

Better Together Contest Finalists Announced!

Congrats to the finalists of our ‘Better Together’-themed T-shirt design contest! Click for the top entries.

firstImage

New & Improved Power Automate Community Cookbook

We've updated and improved the layout and uploading format of the Power Automate Cookbook!

thirdimage

Power Automate Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

sixthImage

Community Summit North America

The top training and networking event across the globe for Microsoft Business Applications

Users online (9,644)