250 likes | 640 Vues
Power BI Compliance. Michael Askins. Agenda. Compliance Challenges Power BI Certifications Power BI On Premises Power BI in the Cloud Geo Specific Deployments Integrations with FLOW and PowerApps Privacy and Compliance Next Level. Compliance Challenges.
E N D
Power BI Compliance Michael Askins
Agenda Compliance Challenges Power BI Certifications Power BI On Premises Power BI in the Cloud Geo Specific Deployments Integrations with FLOW and PowerApps Privacy and Compliance Next Level
Power BI On Prem – Power BI Report Server • Enabling Power BI Pro users to publish to an on premises report server to deliver reports org wide on premises or in the cloud Power BI Report Server Create reports with Power BI Desktop • Canvas style report building with modern visualizations Publish to Power BI Report Server • Manage Access and Report accordingly Distribute • Share reports to your organization Your organizations on premises data center compliance policies and procedures apply Governance or Compliance rules that may affect your organization may require a specific need to satisfy a vendor or customer
Power BI On Prem – Gateways Keep your dashboards and reports up-to-date with your on-premises data sources • Connecting to your on-premises data sources without needing to move the data • Query large datasets and benefit from your existing investments
Power BI in the Cloud - Architecture Business application platform services are deployed in datacenters around the world, and each deployment consists of two clusters: • WFE Cluster • Back-End Cluster Users directly interact only with the Gateway role and Azure API Management which are accessible through the internet: • Authentication • Authorization • Distributed denial-of-service (DDoS) protection • Bandwidth throttling • Load balancing • Routing • Other security, performance, and availability functions There is a distinct boundary between the roles that users can access and the roles that are accessible only by the system.
Power BI in the Cloud – Threat Management Threat Management • The Azure multi-pronged threat management approach: • Intrusion Detection • DDoS attack Prevention • Penetration Testing • Data Analytics • Machine Learning
Power BI in the Cloud – Physical Security Datacenters are protected by layers of defense-in-depth security: • Access Request - An individual only has access to the discrete area, based on the Microsoft-approved business justification • Facility’s Perimeter – Tall steel fences with cameras encompass the perimeter. A security team constantly monitors videos • Building Entrance – Professional security officers routinely patrol the datacenter • Inside the Building – You must pass two-factor authentication with biometrics to move through the datacenter • Datacenter Floor – Full-body metal detection on entrance and exit. Only approved devices allowed. Video cameras monitor the front and back of every server rack
Integrations - Flow and PowerApps • PowerApps and Flow connect to external services on behalf of users • Only authorized users can access your data with authorization decisions based on the user’s identity • Users must provide their own credentials to create their connection to the data sources. • Administrators can manage the flows and apps in an organization as well as which services they have access to, through the Flow or PowerApps Admin centers. • Administrators can configure Data Loss Prevention policies to block data from being sent to non-compliant systems even if the user would have manual access
Privacy and Compliance Privacy Levels
Review in Security and Compliance Center • Review privacy level activities • What is being access • Review access to services and solutions • Which services are being access from where • Always expanding capabilities
Next Level: Leverage Power BI as a Compliance Dashboard • Create a rich reporting tool that can deliver IT compliance data to security and compliance teams • Eliminates the need to maintain additional RBAC groups for each solution • Aggregate compliance metrics from different systems and solutions into a tool that can create actionable outcomes • Increase confidence in your data stewardship by providing a holistic view to your employees, customers and vendors
Need Help – Managed Services and Consulting Challenge • Knowing who has access to what datasets • Widespread dataset duplication across the enterprise • Understand what reports have personal / HIPPA data in them Solution • Initial audit is done to inventory and categorize datasets & reports • Reporting is built on who has access to data sets and to identify dataset duplication. • *Reporting on reports and data sets with PII information and who has access to them
Please feel free to reach out for any additional information!! Sources for this presentation: pragmaticworks.com, microsoft.com, dataonwheels.com