Our users have installed Issue reporting APP from Microsoft on Teams.
They received the following error after installation which points to our DLP policy.
On digging, We found that it is related to the CDS (common data service) which is now known as Data Verse is not part of default DLP policy.
Our Default policy does not have CDS and many other things enabled for business group because we do not want our general user population to utilize them.
For CDS we have separate environment and Separate DLP policy for developers, this environment is excluded from the Default DLP policy.
Issue now is that whenever these apps from Microsoft are installed, they create a sperate environment, so our default DLP policy gets applied.
Only solution that comes into mind is excluding these from default DLP policy and add them to their own DLP policy.
This seems to be cumbersome if done manually, with automation as well it will break as there might be limit for exclusions as we have seen in the past for office 365 DLP setup from Microsoft.
We have a case logged with Microsoft and this has also been escalated to Engineering team.
As of now we can only do workaround for few teams for which this is essential till Microsoft provides some solution.
There is a partial solution which Microsoft Support person has provided which can run on daily basis and can ADD all the teams to the Teams DLP policy (which you can create)
Microsoft now offers a solution that applies a data loss prevention policy (DLP) to all Teams environments within a tenant, allowing you to better control your organization’s data without hindering your ability to create low-code and no-code solutions within Teams.
The part that will be left is excluding all these environments from the Default DLP policy else default DLP policy will always cause the issue.
As soon as we get some robust solution around it from Microsoft or from our own development, we will share with the community.
Thanks for reading….