cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
ElisaT
Advocate I
Advocate I

Row level security security issues

Hello everyone, 
I have a problem that drives me creasy. I want to use RLS on my models but the cloud security team of the headquarter of my customer block me because they consider it insecure. 
They don't provide me any evidence of insecureness. 
Do any ones know potential security issues on RLS? 
My customer has a Premium license.

 

Thanks for your time

1 ACCEPTED SOLUTION
v-diye-msft
Community Support
Community Support

Hi @ElisaT 

 

Based on the elaboration of @Seth_C_Bauer , Row-Level Security (RLS) simplifies the design and coding of security in your application. RLS helps you implement restrictions on data row access. and the access restriction logic is located in the database tier rather than away from the data in another application tier. The database system applies the access restrictions every time that data access is attempted from any tier. This makes your security system more reliable and robust by reducing the surface area of your security system.

Implement RLS by using the CREATE SECURITY POLICYTransact-SQL statement, and predicates created as inline table-valued functions.

 

Community Support Team _ Dina Ye
If this post helps, then please consider Accept it as the solution to help the other members find it more
quickly.

View solution in original post

3 REPLIES 3
v-diye-msft
Community Support
Community Support

Hi @ElisaT 

 

Based on the elaboration of @Seth_C_Bauer , Row-Level Security (RLS) simplifies the design and coding of security in your application. RLS helps you implement restrictions on data row access. and the access restriction logic is located in the database tier rather than away from the data in another application tier. The database system applies the access restrictions every time that data access is attempted from any tier. This makes your security system more reliable and robust by reducing the surface area of your security system.

Implement RLS by using the CREATE SECURITY POLICYTransact-SQL statement, and predicates created as inline table-valued functions.

 

Community Support Team _ Dina Ye
If this post helps, then please consider Accept it as the solution to help the other members find it more
quickly.

View solution in original post

Thank you @v-diye-msft 

@ElisaT The issue is probably related to the fact that data security is dependent on the Reporting team and the model which takes the control of that access and puts it in another place. Depending on level of security of the data... they're either over reacting, or you have extremely tight controls on the data and only certain teams have the appropriate permission allow access to it.

I've never encountered issues with the security itself, its largely the configuration in the model that is most prone to error. That has to be set up the right way to ensure access is granted appropriately.

Ironically... is that team fully controlling all data access and shutting down Excel? For as much as certain teams love controlling things, I'm always astounded how up in arms they get about certain things while the entire business passes around Excel files of data in and out of the company with no monitoring.


Looking for more Power BI tips, tricks & tools? Check out PowerBI.tips the site I co-own with Mike Carlo. Also, if you are near SE WI? Join our PUG Milwaukee Brew City PUG

Helpful resources

Announcements
PBI User Groups

Welcome to the User Group Public Preview

Check out new user group experience and if you are a leader please create your group!

MBAS on Demand

Microsoft Business Applications Summit sessions

On-demand access to all the great content presented by the product teams and community members! #MSBizAppsSummit #CommunityRocks

MBAS Attendee Badge

Claim Your Badge & Digital Swag!

Check out how to claim yours today!