Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Earn the coveted Fabric Analytics Engineer certification. 100% off your exam for a limited time only!

Reply
Alanoudfahad
Frequent Visitor

Best practice when accessing production DB

Hello Community!

 

I have recently faced a challange and I'm hoping someone in this amazing community has a work around for it.

My organization just adopted a new security rule where you can't access production data from PowerBI desktop. You'll have to access the database using a jump server and do everything there then upload your report to powerbi report server. Obviously this is very complicated.

 

Is this common practice? This is the first time I'm facing such problem and I can't get my head around it.

 

Facts: 

- the account I use has a read-only authorization

- the database is hosted on prem. not cloud.

- we use PowerBI report server desktop application for modeling and design then upload it to the server.

 

is there any work around that I can propose to the security team?

 

Any ideas are very much appreciated!

1 REPLY 1
FarhanAhmed
Community Champion
Community Champion

I think having a jump server to publish reports on Cloud and refresh your dataset over the cloud should be fine as you need to install PBI Gateway on the Jump server that will access the data for you and push it on the cloud.

 

But in the case of Power BI Report Server, since PBIRS is internally connected to all your database (single domain) that means when you refresh your dataset you don't need any PBI Gateway and hence PBIRS server can refresh data whether you are on Jump Server or not. If they are creating a policy to limit data access from jump server only that means it will hit your schedule refreshes or probably you need to move your PBIRS to jump server in order to overcome this problem.

 

if your organization is very concerned with data you can.

- Implement Microsoft intune in your organization

- register device on intune so that only authenticated and authorized people can access the data.

- Create a policy to allow open PBIRS only on authenticated devices.

 

Or 

 

Implement Row Level Security to allow authorized people to view permitted data.

 

 

 







Did I answer your question? Mark my post as a solution! Appreciate your Kudos!!

Proud to be a Super User!




Helpful resources

Announcements
April AMA free

Microsoft Fabric AMA Livestream

Join us Tuesday, April 09, 9:00 – 10:00 AM PST for a live, expert-led Q&A session on all things Microsoft Fabric!

March Fabric Community Update

Fabric Community Update - March 2024

Find out what's new and trending in the Fabric Community.