MC973179 – Microsoft is updating how Microsoft enforce Data Loss Prevention (DLP) policies in Copilot Studio. Currently, enforcing DLP policies is a two-step process. A DLP policy must first be created in the Power Platform admin center (PPAC) for your tenant and then you must opt-in to enforce the DLP policy to copilots in your tenant using PowerShell commands, which allows three different enforcement levels:
How does this affect me?
Microsoft will be transitioning the default enforcement level from Disabled to Enabled in a two-stage process.
Beginning in January 2025, the default mode for all tenants will be changed to Soft-Enabled. Following this change, published bots will continue to run and DLP checks will be enforced when publishing updates to bots. Microsoft will also be removing the option to change the enforcement mode back to Disabled in PowerShell.
Finally, in February 2025, the default mode for all tenants will be changed to Enabled. Following this change, all published bots and any updates made to existing bots will be subject to DLP policies as defined within your tenant. Microsoft will also be removing the PowerShell commands to change the enforcement level.
What do I need to do to prepare?
Microsoft recommends updating your DLP policy enforcement level to Enabled prior to the planned updates outlined above. If you need additional time to make these updates beyond the planned enforcement change in February 2025, please contact Microsoft Support to apply for a temporary exception to these changes.
Previous Power Platform Changelog Messages
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.