Data Loss Prevention (DLP) within Microsoft Power Platform


This article helps clarify the baseline data loss prevention (DLP) applied to the Microsoft Power Platform at SFU.


What is a Data Loss Prevention Policy (DLP)?

A data loss prevention (DLP) policy is a security boundary for data. In the context of the Microsoft Power Platform, a DLP policy is a set of technical guidelines for how data can flow between different apps via connectors.


What are connectors?

Connectors are no-code/low-code components that provide a way for the Microsoft Power Platform to communicate with other apps and services. When you set up a connector in a Power Automate workflow (also called a "flow") or a Power Automate app, you are authorizing one service to talk to another.

For example, you could have an automated flow that starts an approval process when a file is uploaded to SharePoint by using the SharePoint Online and MS Approvals connectors. In this case, each connector would be authorized to broker communication with (or "talk" to) its service so the flow can act on your behalf.

Connectors are an empowering feature that enables personal productivity within Microsoft 365. If you are just getting started with connectors and want to learn more, explore the Get Started with Power Automate online resources from Microsoft.


Why has SFU restricted some connectors?

Access to data within the SFU community is diverse. In combination with our community's data responsibility guidelines, a baseline Data Loss Prevention (DLP) policy is an automatic way of helping our community safely navigate connections between data using vetted (reviewed and approved) connectors, while avoiding the complications and risks that can lead to data abuse. 

In general, the baseline DLP policy for the Microsoft Power Platform will restrict any connector that:

  • Hasn't undergone a privacy and security review (this includes new connectors).
  • Requires a premium license to use.



Article ID: 5835
Thu 6/1/23 1:30 PM
Mon 11/6/23 12:13 PM