Microsoft enhances data security in Power BI business intelligence apps
Microsoft Corp. is beefing up the security capabilities of its Power BI business intelligence tools with new network isolation and data protection features that help to ensure customer’s information will never be compromised.
Data is, of course, at the core of Microsoft Power BI, which is the collective name for a suite of cloud-based apps and services that enterprises can use to collate, manage and analyze information from a wide range of sources to obtain more business insights from it.
Power BI is used by workers to transform raw data such as sales figures into graphical visualizations that present a clearer picture of what’s happening inside their business. The service can tap into data from numerous sources such as simple Excel spreadsheets, Oracle databases and various cloud-based and on-premises applications.
That data needs to be kept secure, and in today’s announcement, Arun Ulagaratchagan, corporate vice president of Business Intelligence Platform at Microsoft, detailed the newest capabilities in Power BI that are designed to ensure this.
Top of the list are the new network isolation features in Power BI to ensure that only specific clients and computers, based on a list of allowed IP addresses, can connect to a particular endpoint. The new features include “service tags” that can be used to achieve network isolation and restrict a network from the general internet while accessing Power BI through a public application programming interface. In addition, Microsoft is announcing new private links that enable Power BI to provide secure access through private endpoints in the Azure cloud.
“With Private Microsoft Confidential Link and private endpoints, data traffic is sent privately using Microsoft’s backbone network infrastructure, and thus the data does not traverse the Internet,” Ulagaratchagan said.
The company also announced a preview of a new connectivity feature called “VNet” that enables secure outbound connections to from Power BI to any data source within a virtual network. “VNet gateways will eliminate the overhead of installing and monitoring on-premises data gateways for connecting to data sources associated with a VNet,” Ulagaratchagan explained. “They would, however, still follow the familiar process of managing security and data sources as with an on-premises data gateway.”
On the data protection side, Ulagaratchagan said sensitivity labels in Power BI Desktop are now generally available for all users. The sensitivity labels were first announced in public preview in December, giving users an easy way to classify critical data in Power BI without impacting on productivity or the ability to collaborate on that data.
“Sensitivity labels can be applied on datasets, reports, dashboards, and dataflows, and those labels are persisted along with relevant protection when data is exported from Power BI to Excel, PowerPoint, or PDF files,” Ulagaratchagan explained. “This way, your sensitive data remains protected no matter where it is.”
In a future update planned for August 2021, Microsoft will add support for label inheritance too. That means any Power BI datasets that connect to classified data in source systems such as SQL or Excel will inherit those sensitivity labels.
That in turn will ensure the data remains classified and secure when it’s brought into Power BI and then used in connected artifacts such as dashboards or reports that Power BI users generate. The idea is to help to ensure secure, end-to-end inheritance and protection of business data from its source to the point of consumption, Ulagaratchagan said.
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.