UPDATED 11:00 EST / FEBRUARY 17 2021


Microsoft enhances data security in Power BI business intelligence apps

Microsoft Corp. is beefing up the security capabilities of its Power BI business intelligence tools with new network isolation and data protection features that help to ensure customer’s information will never be compromised.

Data is, of course, at the core of Microsoft Power BI, which is the collective name for a suite of cloud-based apps and services that enterprises can use to collate, manage and analyze information from a wide range of sources to obtain more business insights from it.

Power BI is used by workers to transform raw data such as sales figures into graphical visualizations that present a clearer picture of what’s happening inside their business. The service can tap into data from numerous sources such as simple Excel spreadsheets, Oracle databases and various cloud-based and on-premises applications.

That data needs to be kept secure, and in today’s announcement, Arun Ulagaratchagan, corporate vice president of Business Intelligence Platform at Microsoft, detailed the newest capabilities in Power BI that are designed to ensure this.

Top of the list are the new network isolation features in Power BI to ensure that only specific clients and computers, based on a list of allowed IP addresses, can connect to a particular endpoint. The new features include “service tags” that can be used to achieve network isolation and restrict a network from the general internet while accessing Power BI through a public application programming interface. In addition, Microsoft is announcing new private links that enable Power BI to provide secure access through private endpoints in the Azure cloud.

“With Private Microsoft Confidential Link and private endpoints, data traffic is sent privately using Microsoft’s backbone network infrastructure, and thus the data does not traverse the Internet,” Ulagaratchagan said.

The company also announced a preview of a new connectivity feature called “VNet” that enables secure outbound connections to from Power BI to any data source within a virtual network. “VNet gateways will eliminate the overhead of installing and monitoring on-premises data gateways for connecting to data sources associated with a VNet,” Ulagaratchagan explained. “They would, however, still follow the familiar process of managing security and data sources as with an on-premises data gateway.”

On the data protection side, Ulagaratchagan said sensitivity labels in Power BI Desktop are now generally available for all users. The sensitivity labels were first announced in public preview in December, giving users an easy way to classify critical data in Power BI without impacting on productivity or the ability to collaborate on that data.

“Sensitivity labels can be applied on datasets, reports, dashboards, and dataflows, and those labels are persisted along with relevant protection when data is exported from Power BI to Excel, PowerPoint, or PDF files,” Ulagaratchagan explained. “This way, your sensitive data remains protected no matter where it is.”

In a future update planned for August 2021, Microsoft will add support for label inheritance too. That means any Power BI datasets that connect to classified data in source systems such as SQL or Excel will inherit those sensitivity labels.

That in turn will ensure the data remains classified and secure when it’s brought into Power BI and then used in connected artifacts such as dashboards or reports that Power BI users generate. The idea is to help to ensure secure, end-to-end inheritance and protection of business data from its source to the point of consumption, Ulagaratchagan said.

Image: Microsoft

A message from John Furrier, co-founder of SiliconANGLE:

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Join Our Community 

Click here to join the free and open Startup Showcase event.

“TheCUBE is part of re:Invent, you know, you guys really are a part of the event and we really appreciate your coming here and I know people appreciate the content you create as well” – Andy Jassy

We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.

Click here to join the free and open Startup Showcase event.