From Microsoft Corporation
From QuixTec, LLC: about Microsoft Technical Bulletins: The information contained in these technical bulletins are provided ‘unaltered’ from the Microsoft 365 Message center. As an authorized Microsoft Partner, QuixTec’s’ Custom SharePoint Development and Office 365 expertise takes Microsoft notifications into full account throughout initiatives. We tailor your solution according to your corporate style and business requirements and make recommendations based upon our knowledgebase of Microsoft Technologies and technical bulletins. QuixTec’s Microsoft SharePoint development services delivers user-friendly, feature-rich applications. For example: using SharePoint’s flexibility, the solutions we create for you will be intuitive and welcome your users to collaborate and capture crucial information necessary to efficiently complete tasks. (425) 367-9025
Effective December, 2020, data loss prevention (DLP) policies’ Powershell cmdlet Add-CustomConnectorToPolicy will no longer support the addition of custom connectors to tenant level policies. Additionally, custom connectors added to tenant level policies will not be shown on the data loss prevention page (DLP UI) in the Power Platform admin center.
What are data loss prevention policies?
Your organization’s data is likely one of the most important assets you are responsible for safeguarding as an administrator. Power Apps and Power Automate allow the rapid build and rollout of high value applications that allow users to measure and act on the data in real time. Users often have good intentions but might overlook the potential for exposure from data leakage to services and audiences that shouldn’t have access to the data. Data loss prevention (DLP) policies enforce rules of what connectors can be used together by classifying connectors as either Business Data only or No Business Data allowed. Simply, if you put a connector in the business data only group, it can only be used with other connectors from that group in the same app. Please see this article for further information on DLP.
What specifically is changing?
Effective December, 2020, the Powershell cmdlet Add-CustomConnectorToPolicy will no longer support the addition of custom connectors to tenant level policies.
Legacy policies that were created with this feature will continue to function, however custom connectors added from the PowerShell cmdlet will not appear show on the Power Platform admin center user interface for tenant level policies. This cmdlet will be deprecated in Q1 2021, and environment admins should begin migrating to the data loss prevention cmdlets New-DlpPolicy, Get-DlpPolicy, Set-DlpPolicy and Remove-DlpPolicy to create and manage DLP policies with all types of connectors including custom connectors.
How can you manage custom connectors after this change?
If you were leveraging this gap as a by-design method to manage the DLP policies, then you can switch to using environment level DLP policies to manage custom connectors. We recommend keeping tenant level policies in place and copy these settings to environment level policies, then add custom connector classification as an add-on setting using the same PowerShell cmdlet along with the environment name as a parameter.
QuixTec, LLC is a U.S. certified Veteran Owned, modern DevOps organization that specializes in Microsoft SharePoint, Office 365 & HTML5 technologies for small to enterprise-sized organizations. Richard has 30 years of experience working with several notable companies that include World Vision, Expedia, Microsoft, Levi Strauss, NASA, Boeing Aerospace, Los Alamos National Laboratory and the U.S. Air Force, to name a few. QuixTec is located in the Seattle area. Phone today for a free consultation and project estimate: (425) 367-9025