DLP policy

A Data Loss Prevention (DLP) policy in the Power Platform classifies connectors into groups — typically Business, Non-Business, Blocked — and prevents Power Automate flows and Power Apps from combining connectors across groups in ways that could leak sensitive data. The canonical example: a flow that reads Dataverse (Business) and writes to a personal Dropbox (Non-Business) would be blocked by a DLP policy that puts Dataverse in Business and Dropbox in Non-Business. DLP policies apply per environment or tenant-wide; multiple policies can layer with priority. Configured in the Power Platform admin centre. Essential governance — without DLP, the Power Platform's hundreds of connectors create unconstrained data-flow paths. Start with a tenant-baseline policy; refine per environment.