Scenario

A Federal Government body had decided to roll out Power BI as an Enterprise reporting tool. The aim was to enable self-service reporting and empower users to create and manage their own content without relying on a central IT resource. The data holds a mix of sensitive and non-sensitive information. Our client needed to ensure that appropriate tools, policies, and protections were in place so that the data is properly protected while meeting the needs of end users.

Solution

We worked with our client to determine the use cases for self-service and the security model that was needed to protect their data. From this, we derived a governance framework that would enable users to operate with autonomy to self-serve while being mindful of their responsibilities to ensure data was treated appropriately.  Then, we validated the configuration of their environment to ensure that Рwhere practical Рtechnical constraints were put in place to enforce the policy.

To demonstrate how these recommendations could be used in a practical example we also delivered a pilot project. The client had existing data sources and wanted to be able to look at these in a different light. Using SQL Server Analysis Services we built a cube that allowed business users to interpret the source data without having to query the underlying data warehouse. Using an On-Premise Data Gateway allowed the PowerBI cloud service to query that cube directly. This solution allowed secure access to the on-premise data from the cloud service.

The client now has a clear set of Power BI guidelines for increasing their capabilities in reporting without compromising security. They also have a practical working example of how the technology can be used while still leveraging their existing data assets.

Technology

The solution was implemented using a mix of on-premise and cloud technologies: