Power Platform admin center – Advanced connector policies
🚨 The Signal: Power Platform now offers Advanced Connector Policies (ACP), a default-deny allowlist for certified connectors and actions. This enhances data loss prevention by blocking unapproved connections and governing AI tool access, improving security posture.
The Impact
Power Platform admins and makers are affected, reducing the risk of unauthorised data access and exfiltration via Power Platform.
- Power Platform Admins: Must configure new policies to allow necessary connectors, preventing service disruption.
- Power Platform Makers: Will be blocked from using unapproved connectors/actions, requiring policy adherence.
- Security Teams: Gain granular control over data flow, reducing data exfiltration risks.
- Organisations: Enhanced data loss prevention and AI governance capabilities.
The Action
- Review existing Power Platform DLP policies and identify certified connectors in use.
- Plan the transition from classic DLP to Advanced Connector Policies (ACP) for certified connectors.
- Activate ACP in the Power Platform admin center for relevant environments.
- Define and implement allowlist policies for certified connectors and specific actions.
- Communicate new policy enforcement to Power Platform makers and provide guidance.
Domain: Purview · Impact: high · Workload: Microsoft Purview · Essential Eight: Application Control · ISM: ISM-0843, ISM-1490, ISM-1544, ISM-1582, ISM-1656, ISM-1657, ISM-1658, ISM-1659, ISM-1660, ISM-1870, ISM-1871