Data loss prevention example - Block event triggers in agents
Agent makers in your organization can add event triggers to agents. Event triggers allow your agents to react to external events without human prompting. However, you may want to restrict their use to, for example, prevent data exfiltration or unwanted consumption or quota usage.
You can use the Microsoft Copilot Studio connector in Power Platform admin center data loss prevention (DLP) policies to stop agent makers from adding event triggers to their agent.
For more information about DLP-related connectors, see Configure data loss prevention policies for agents.
Configure DLP to block event triggers in the Power Platform admin center
Select or create a policy
In the Power Platform admin center, under Policies, select Data policies.
Create a new policy, or choose an existing policy to edit:
If you want to create a new policy, select New policy.
If you want to choose an existing policy to edit, select the policy and select Edit policy.
Enter a name for the policy then select Next. You can change the name later.
Choose an environment
Choose one or more environments to add to your policy.
Select + Add to policy.
Select Next.
Add the connector
Use the search box to find the Microsoft Copilot Studio connector.
Select the connector's More actions icon (⋮), and then select Block.
Select Next.
Review your policy, then select Update policy to apply the DLP changes.
Confirm policy enforcement in Copilot Studio
You can confirm that this connector is being used in the DLP policy from Copilot Studio.
Open your agent from the environment where the DLP policy is applied, and try to add a trigger to the agent.
If the policy is enforced, the Add a trigger panel reports an error and suggests you contact an admin to add event triggers to the allowlist.