Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.

Reply
manoj_0911
Advocate II
Advocate II

Deployment via Client BI Team: Security Concerns

‎03-20-2024 05:14 PM

Hello Power BI Community,

 

I'm seeking advice on deploying Power BI reports for a client. We propose building reports and connecting to their SQL Server on AWS via VPN. Our initial approach was to share the .pbix file for their BI team to manage publishing, scheduling, and RLS.

 

However, I have security concerns, particularly regarding control over Row-Level Security (RLS). Without managing publishing, ensuring proper RLS implementation becomes a challenge.

 

Question:

 

* What are the security risks associated with deploying reports through a client's BI team?
* How can we achieve a collaborative approach that balances client involvement with robust security controls?

 

We're open to exploring a hybrid model where we provide initial setup and train their team on basic management tasks.

 

Thank you for your insights!

 

Best regards,
Manoj Prabhakar

Message 1 of 2
168 Views
0
1 ACCEPTED SOLUTION
v-yangliu-msft
Community Support
Community Support

‎03-22-2024 03:05 AM

Hi  @manoj_0911 ,

 

Data protection capabilities in Power BI build on Microsoft's strengths in security and enable customers to empower every user with Power BI and better protect their data no matter how or where it is accessed.

Power BI was built to provide industry-leading complete and hermetic protection for data. The product has earned the highest security classifications available in the industry, and today many national security agencies, financial institutions, and health care providers entrust it with their most sensitive information.

Power BI security white paper - Power BI | Microsoft Learn

Data protection in Power BI - Power BI | Microsoft Learn

Power BI Security - Power BI | Microsoft Learn

 

Question1:

When sharing reports externally, if permission settings are improperly configured, it can lead to unauthorized access, posing a risk of unintentional leakage of sensitive data. Ensure that access controls are clearly defined.

Integrating with third-party tools may introduce vulnerabilities.

 

Question2:

Use the correct sharing method, define the permissions required for each role, and restrict data access based on user roles.

Roles in workspaces in Power BI - Power BI | Microsoft Learn

Semantic models in the Power BI service - Power BI | Microsoft Learn

Implement Single Sign-On (SSO) for seamless authentication.

Overview of single sign-on for on-premises data gateways - Power BI | Microsoft Learn

Test single sign-on (SSO) configuration - Power BI | Microsoft Learn

Encrypt both static and transmitted data.

When integrating with third-party tools, strengthen management, conduct regular security assessments, track audits and logs, and retain detailed logs of report access, modifications, and user activities. Address any issues promptly.

Troubleshoot the on-premises data gateway | Microsoft Learn

Monitor report performance in Power BI - Power BI | Microsoft Learn

 

Best Regards,

Liu Yang

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

Message 2 of 2
121 Views
1 REPLY 1
v-yangliu-msft
Community Support
Community Support

‎03-22-2024 03:05 AM

Hi  @manoj_0911 ,

 

Data protection capabilities in Power BI build on Microsoft's strengths in security and enable customers to empower every user with Power BI and better protect their data no matter how or where it is accessed.

Power BI was built to provide industry-leading complete and hermetic protection for data. The product has earned the highest security classifications available in the industry, and today many national security agencies, financial institutions, and health care providers entrust it with their most sensitive information.

Power BI security white paper - Power BI | Microsoft Learn

Data protection in Power BI - Power BI | Microsoft Learn

Power BI Security - Power BI | Microsoft Learn

 

Question1:

When sharing reports externally, if permission settings are improperly configured, it can lead to unauthorized access, posing a risk of unintentional leakage of sensitive data. Ensure that access controls are clearly defined.

Integrating with third-party tools may introduce vulnerabilities.

 

Question2:

Use the correct sharing method, define the permissions required for each role, and restrict data access based on user roles.

Roles in workspaces in Power BI - Power BI | Microsoft Learn

Semantic models in the Power BI service - Power BI | Microsoft Learn

Implement Single Sign-On (SSO) for seamless authentication.

Overview of single sign-on for on-premises data gateways - Power BI | Microsoft Learn

Test single sign-on (SSO) configuration - Power BI | Microsoft Learn

Encrypt both static and transmitted data.

When integrating with third-party tools, strengthen management, conduct regular security assessments, track audits and logs, and retain detailed logs of report access, modifications, and user activities. Address any issues promptly.

Troubleshoot the on-premises data gateway | Microsoft Learn

Monitor report performance in Power BI - Power BI | Microsoft Learn

 

Best Regards,

Liu Yang

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Message 2 of 2
122 Views

Helpful resources

Announcements
LearnSurvey

Fabric certifications survey

Certification feedback opportunity for the community.

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All