cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
martinzima
Regular Visitor

Understanding / managing multiple DLPs applying to an environment

Hi, I am trying to figure how to manage DLPs across my organisation, can someone please tell me:

  1. Best practice for creating/applying DLPs to across an organisation (see goal below)
  2. How multiple DLPs applied in the same environment resolve

 Goal: Limit data sharing/access by default, but allow in certain teams [environments] where required

 

Current setup: Tenant admin has created DLP#1 that applies to all environments and has the ~10 or so standard O365 apps in allowed group (“business data only”) and all other apps are in “no access” group). Salesforce team want to connect SharePoint to Salesforce, and so created an environment (‘Salesforce Team’), and created DLP #2 which allows Salesforce and SharePoint.

 

Current situation: ‘Salesforce Team’ environment has DLP#1 and DLP#2 applied to it... However even though DLP#2 includes SharePoint and Salesforce in allowed group, my Salesforce->SharePoint Flow will not run as it “conflicts with my organisation policy” (presumably DLP#1?)

 

Questions:

  1. How should we manage the above (i.e. create an environment and DLP that allows Salesforce and SharePoint?
  2. Do DLPs effectively take the minimum allowed set (i.e. has to be allowed is all applied groups to work)?
  3. … If so, when our organisation matures and we say have 20 allowed apps and 20 environments, if team X comes along and wants to connect with app the 21st app, does this mean we essentially have to create a bespoke DLP for that (and every) environment, i.e. manually add the allowed 20 apps and then the 21st app to a new DLP and apply this DLP to the environment?.. So create from scratch from every time / no templates or organisation rules to inherit? – This seems a bit poor
1 REPLY 1
Leo09
Helper V
Helper V

I found below documentation very helpful:

https://flow.microsoft.com/en-us/guided-learning/learning-data-loss-prevention/

https://powerapps.microsoft.com/eu-es/tutorials/prevent-data-loss/

 

Not sure if this could help, but something is better than nothing?

Helpful resources

Announcements
Power Automate News & Announcements

Power Automate News & Announcements

Keep up to date with current events and community announcements in the Power Automate community.

Power Automate Community Blog

Power Automate Community Blog

Check out the latest Community Blog from the community!

Top Solution Authors
Users online (5,667)