I work for a government agency. We have a manager at our state central office who claims that PowerApps can’t be trusted given our organizational policies. As a government agency, we have to adhere to having a public record of things, like our emails. She seems to think one could use PowerApps to automate forwarding emails to their personal email box and that it isn’t tracked. Her quote is pasted below in quotes.
I know I can use an Office 365 Outlook connector to send out emails, sure… but those emails are tracked because I see them in my out box. Even if I create a Power Automate flow to forward all my emails, I see a record of the forward, again, in my “Sent” email box. Is there any validity to her claim? Does anyone have or have heard of examples where PowerApps was used to circumvent common policies or do things that are a little sketchy (do things that an IT security team would really frown on)? Currently we are unable to use PowerApps widely in our organization because of her objection(s). I'm trying to find examples of where what she claims is actually true. It is hard to prove a negative.
“With this product, a user can do things such as set up forwarding of their emails to an external address - which goes against state policies, and is NOT something we can track.”