Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
Hello everyone,
I have a problem that drives me creasy. I want to use RLS on my models but the cloud security team of the headquarter of my customer block me because they consider it insecure.
They don't provide me any evidence of insecureness.
Do any ones know potential security issues on RLS?
My customer has a Premium license.
Thanks for your time
Solved! Go to Solution.
Hi @ElisaT
Based on the elaboration of @Seth_C_Bauer , Row-Level Security (RLS) simplifies the design and coding of security in your application. RLS helps you implement restrictions on data row access. and the access restriction logic is located in the database tier rather than away from the data in another application tier. The database system applies the access restrictions every time that data access is attempted from any tier. This makes your security system more reliable and robust by reducing the surface area of your security system.
Implement RLS by using the CREATE SECURITY POLICYTransact-SQL statement, and predicates created as inline table-valued functions.
Hi @ElisaT
Based on the elaboration of @Seth_C_Bauer , Row-Level Security (RLS) simplifies the design and coding of security in your application. RLS helps you implement restrictions on data row access. and the access restriction logic is located in the database tier rather than away from the data in another application tier. The database system applies the access restrictions every time that data access is attempted from any tier. This makes your security system more reliable and robust by reducing the surface area of your security system.
Implement RLS by using the CREATE SECURITY POLICYTransact-SQL statement, and predicates created as inline table-valued functions.
@ElisaT The issue is probably related to the fact that data security is dependent on the Reporting team and the model which takes the control of that access and puts it in another place. Depending on level of security of the data... they're either over reacting, or you have extremely tight controls on the data and only certain teams have the appropriate permission allow access to it.
I've never encountered issues with the security itself, its largely the configuration in the model that is most prone to error. That has to be set up the right way to ensure access is granted appropriately.
Ironically... is that team fully controlling all data access and shutting down Excel? For as much as certain teams love controlling things, I'm always astounded how up in arms they get about certain things while the entire business passes around Excel files of data in and out of the company with no monitoring.
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Check out the April 2024 Power BI update to learn about new features.