Hi, I am trying to figure out how to manage DLPs across my organisation. Can someone please tell me:
Goal: Limit data sharing/access by default, but allow in certain teams [environments] where required
Current setup: Tenant admin has created DLP#1 that applies to all environments and has the ~10 or so standard O365 apps in the allowed group (“business data only”), and all other apps are in the “no access” group. Salesforce team want to connect SharePoint to Salesforce, and so created an environment (‘Salesforce Team’), and created DLP#2, which allows Salesforce and SharePoint.
Current situation: ‘Salesforce Team’ environment has DLP#1 and DLP#2 applied to it... However, even though DLP#2 includes SharePoint and Salesforce in the allowed group, my Salesforce->SharePoint Flow will not run as it “conflicts with my organisation policy” (presumably DLP#1?)
Questions:
I found the documentation below very helpful:
https://flow.microsoft.com/en-us/guided-learning/learning-data-loss-prevention/
https://powerapps.microsoft.com/eu-es/tutorials/prevent-data-loss/
Not sure if this could help, but something is better than nothing?