Example:   To prevent SharePoint data being leaked through Gmail, I can currently configure my DLP policy in a way where the SharePoint connector is in the "business data" group, and the "Gmail" connector in the "no business data allowed" group.   However, I can circumvent this DLP policy by instead creating a custom connector that pulls information from SharePoint.   I therefore suggest getting rid of the DLP group concept all together and simply allow for switching connectors on / off. ... View more

When a flow is created with connections both to on-premise systems and cloud based systems there is a risk of data leakage. For example let's say that a flow gets data from a SharePoint site and exports it to a SQL Server database in the cloud. Let's suppose that this flow runs everytime a file is uploaded on a SharePoint library. If the flow is assigned to several owners and one of them leaves the company this guy will loose access to the on-prem SharePoint but not to the database that is in the cloud. The flow can continue running and copy data to the external database without no one being aware. To prevent that from happening I suggest that a special permission is given to the SQL Server connector : allow connection to cloud base databases or not. This permission would be manage by company administrators at the same level than Data Loss Policies. ... View more

Greetings!   Presently when a service is restricted from access by a Data Loss Prevention Policies users still see the options available to them and only learn that the service is blocked when they attempt to save the new Flow. This experience is not very user friendly and could lead to lost time by users trying to create complicated flows without knowning that it will be denied and disabled.     I would like to propose that this behavior be changed to indicate to the user at the time of selection that a service is disallowed, allow them to filter out disallowed services, or just hide disallowed services all together to end users.   Thanks for the consideration! ... View more

A re any plans to provide Office 365 Data Loss Prevention Policies the ability to monitor Power Apps and Flow?    if a PowerApp developer creates an app that collects personal data (financial, medical, etc), there does not appear to be any way to identify these apps or to audit the data. This is a potential route for significant data loss. There needs to be some way to evaluate the existence of Sensitive Data Types in PowerApps and Flows. Office 365 DLP policies evaluate data from several different services (Exchange, SharePoint, OneDrive), they need to cover ALL services available through O365 licenses. ... View more

Add the ability to customize DLP restriction notification. Please add the ability to alter/customize the default message when a user creates or uses a flow that has DLP restrictions.  Admins would like more customizability for the error message their users are getting.    ... View more

I'm trying to build a Flow to run daily/weekly and review all the service connectors available listed here, https://flow.microsoft.com/en-us/services.  As of now each week I open the site and try to review the All Connectors section manually.  I've been trying to use HTTP Get to jquery the HTML and find all apiDisplayName and store them in a text file to run a compare against.  I did find a Flow api but when I try to connect to it I get an Unauthorized message, https://us.api.flow.microsoft.com/providers/Microsoft.ProcessSimple.  What is the best way to pull this list so I can run the compare? ... View more