Security

PowerBI Portal implements robust security measures to ensure the confidentiality, integrity, and availability of user data. Below is a detailed breakdown of the implemented protocols and compliance measures:

Access and Authentication

  • Multi-Factor Authentication (MFA): Can be enforced for all users to enhance login security.

  • Role-Based Access Control (RBAC): Permissions are granted based on user roles and limited to necessity.

  • Secure Authentication Methods: PowerBI Portal supports Microsoft and Google logins, ensuring compliance with secure authentication practices.

Maintenance

The application is fully cloud-based on Microsoft Azure, which ensures:

  • Security updates: Automatic security updates, including OS patches and antivirus definitions.

  • High Availability: Ensures the solution is always accessible to users.

  • Scalability: Dynamically adjusts resources to handle varying workloads.

  • Security Compliance: Aligns with industry standards, benefiting from Azure’s advanced security features, including DDoS protection and built-in encryption.

Data Protection and Backup

  • Sensitive Data Management:

    • Sensitive data is encrypted using Azure SQL Database.

    • Masking and encryption ensure secure storage and transit of data.

  • Data Backup and Restoration:

    • Regular backups, including point-in-time snapshots, are automatically performed.

    • Periodic restoration tests verify data integrity and recovery procedures.

Vulnerability and Threat Management

  • Regular Assessments:

    • Static code analysis (e.g., SonarQube) and periodic penetration testing are conducted.

  • Anti-DDoS and Web Application Firewall:

    • Microsoft Azure provides built-in DDoS protection and a Web Application Firewall (WAF).

  • Reduced Attack Surface:

    • Minimization of unnecessary services and regular patching ensure reduced vulnerabilities.

Encryption and Secure Communications

  • Data Encryption Standards:

    • AES-256 encryption for sensitive data.

    • TLS 1.2 or higher for secure communications.

  • Certificate Management:

    • Certificates issued by reputable CAs with secure configurations (e.g., >2048-bit RSA keys).

Compliance and Certification

  • Frameworks and Standards:

    • Compliance with GDPR, ISO 9001, and Microsoft Cloud Adoption Framework (CAF).

  • Data Ownership and Management:

    • Customers retain ownership of report data, and only minimal user information (e.g., email) is stored securely.

Audit

  • Logging and Monitoring:

    • All user activities and integration transactions are logged for audit purposes.

    • Logs are protected from tampering and regularly monitored for anomalies.

Policy Enforcement and Monitoring

  • Organizational Measures:

    • Staff undergo continuous training via resources like Microsoft Learn, Pluralsight, and Viva Learning.

    • Corporate devices are managed through Microsoft Intune and Defender.

  • Access Rights Validation:

    • Regular audits ensure alignment between technical permissions and documented access rights.

Incident Handling and Recovery

  • Response Process:

    • In case of breaches, incidents are documented, root causes identified, and mitigation steps implemented.

  • Data Deletion and Disposal:

    • Data is securely wiped or deleted upon user request or contract termination.

Third-Party Integrations

  • No sensitive user data (e.g., Power BI Reports data) is stored on PowerBI Portal servers.

  • Access tokens are stored locally on the client’s browser and follow Microsoft's OAuth guidelines for Power BI API access.

Continuous Improvement

  • PowerBI Portal adopts an agile development approach, incorporating user feedback and evolving to address new threats.

  • Regular updates and compliance audits ensure the platform stays aligned with the latest security and data protection standards.


Last updated 5 months ago

This documentation highlights PowerBI Portal's commitment to delivering a secure, compliant, and user-focused environment for sharing business intelligence insights. For detailed technical specifications, refer to Microsoft Azure Security.