What is Power Platform security and governance
Power Platform data privacy and accessibility
Organizations want to know that their data isn’t going to be compromised. For example, you don’t want to accidentally pass through sensitive information in an application. The Microsoft Online Services Terms and the Microsoft Enterprise Privacy Statement govern the Power Platform service. For the location of data processing, refer to the Microsoft Online Services Terms and the Data Protection Addendum.
The Microsoft Trust Center is the primary resource for Power Platform compliance information. Learn more at Microsoft Compliance Offerings.
The Power Platform service follows the Security Development Lifecycle (SDL). SDL is a set of strict practices that support security assurance and compliance requirements. Learn more at https://www.microsoft.com/securityengineering/sdl/practices.
Data loss prevention policies
Your organization’s data is likely one of the most important assets you’re responsible for safeguarding as an administrator. The ability to build apps and automation to use that data is a large part of your company’s success. You can use Power Apps and Power Automate for rapid build and rollout of these high-value apps so that users can measure and act on the data in real time. Apps and automation are becoming increasingly connected across multiple data sources and multiple services. Some of these apps might be external, third-party services and might even include some social networks. Users generally have good intentions. However, they can easily overlook the potential for exposure from data leakage to services and audiences that shouldn’t have access to the data.
Data loss prevention (DLP) policies act as guardrails to help prevent users from unintentionally exposing organizational data. DLP policies can be defined at the environment or tenant level, offering flexibility to craft sensible policies that strike the right balance between protection and productivity. Connectors can be classified as follows:
- Business: Connectors that host business -use data.
- Non-Business: Connectors that host personal-use data.
- Blocked: Connectors that you want to restrict usage across one or more environments.
When a new policy is created, all connectors are defaulted to the non-Business group. From there, they can be moved to Business or Blocked based on your preference. You can manage connectors when you create or modify the properties of a DLP policy from the Microsoft Power Platform admin center. These affect Microsoft Power Platform canvas apps and Power Automate flows.