Understanding Data Loss Prevention policies in Power platform admin center

In my recently conducted training on Dynamics 365, I dealt a lot with the Power Platform admin center and could find that while there is great awareness of the CDS and how does flows and apps combine in to form a power platform environment, the concept of Data policies is something majority of the Dynamics population is unware of or may be not interested to learn.

But it’s lurking right there in the Power Platform admin center (https://admin.powerplatform.microsoft.com) and we can’t be ignoring it.


So let’s explore this.

If I click on the Data Policies link, I am taken to Power Apps Admin screen (https://admin.powerapps.com).

From there I create a New policy.


You would be thrown to the below screen. Basically this screen allows you to choose the environment where your Data Policy would be effective.

If you are a tenant administration, you will be able to see all the environments. Otherwise you would be able to see just the environment your are administrator of.


As you can see, I want to apply it to only one environment. I select the environment and then click on “CONTINUE”.

And then this is screen I am thrown to. It’s like an ocean of connectors right there and can get you puzzled. But in-fact its really simple


Basically as you can see from the above screenshot, there are two Groups – 1. Business Data only and 2. No business data allowed.

DLP’s are basically rules which define which combination of connectors you can use. It’s as simple as that. Still confused? Don’t worry I am here to help out.

I use the “Add” button in the Business data only section to add “Dynamics 365” and “Sharepoint” to it.



Now we have couple of connectors in Business data only and remaining in the No business data allowed group. Now when you go and design a flow, you won’t be able to mix the connectors between these groups. The below matrix would help you understand better.


Hope this makes it clear now.

I go ahead and save the policy. Now I create a flow in the same environment with Dynamics 365 connected to Notification trigger.


As you can see from the above screenshot, I can create the flow but the flow is in suspended state since it uses connectors across groups.

Hope this helps!

Debajit Dutta

(Dynamics MVP)

For consultation/ corporate training visit www.xrmforyou.com or reach out to us at info@xrmforyou.com

Our product offerings:

Role based views for Dynamics 365 (http://www.xrmforyou.com/role-based-views.html)

CRM-Sharepoint Attachment uploader and metadata manager (http://www.xrmforyou.com/sharepoint-integrator.html)

Record Cloner for Dynamics 365 (http://www.xrmforyou.com/record-cloner.html)

Multiselect picklist for Dynamics 365 (http://www.xrmforyou.com/multi-select-picklist.html)


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s