Presentation is loading. Please wait.

Presentation is loading. Please wait.

Governance for PowerBI

Published byClaus Siegel Modified over 5 years ago

Similar presentations

Presentation on theme: "Governance for PowerBI"— Presentation transcript:

1 Governance for PowerBI
Yana Berkovich, Vancouver BC Microsoft Data Platform MVP

2 Orga and Main Sponsors You Rock! Sponsor Many thanks to our sponsors, without whom such an event would not be possible.

3 Sponsors (Gold) Many thanks to our sponsors, without whom such an event would not be possible.

4 Sponsors continued Silver: Global: This event is climate neutral: Bronze: Many thanks to our sponsors, without whom such an event would not be possible.

5 About Me https://www.linkedin.com/in/yanaberkovich
BI Analyst & DEV, Data Platform MVP Consultant, Product Manager Currently PHSA – Reporting stream lead Provincial Healthcare Services @Yana_Berkovich

6 Agenda What is Governance? PowerBI in 2 slides… DATA!!! Security - Information Access Sharing, publishing and license types SDL Visual Governance Reporting the reports Enforcing? Best Practices and Lessons Learned

7 A formal framework that provides a structure for organizations to ensure that IT investments support business objectives. ITIL – Information Technology Infrastructure Library GRC – Governance Risk & Compliance ISO 27001

8 We are using PowerBI for:
Connect to Data sources Create Reports/ dashboards/ Applications Collaborate and Share Data Insights

9 What is currently part of PowerBI
8/12/ :08 PM Power BI desktop Power BI Desktop is the report authoring tool - Access data from various data sources and transform them for your reporting needs Power BI Service – Pro/ Premium (Capacity, Licensing and Monitoring) Browser based portal - Share and collaborate with your collogues and wider audience PowerBI Report Server On premise solution for organizational reporting PowerBI Mobile Mobile Application, can be connected to your PowerBI on pemise or the cloud PowerBI Data Gateway Install in your organization, to enablesecure data connection (same as for PowerApps) Embeded Analytics PowerBI in Azure, set powerBI when needed, in the Azure portal Use PowerBI REST API & JS to embed in your applications How to design reports in Power Bi Desktop How to publish to Power BI Service © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 It is Self Service BI so why Governance?
Don’t let it be the new white elephant Fast corporate reporting Measure the usability and the impact of your reporting Information security Corporate Culture Regulations Reporting to Stakeholders

11 Where the data goes & where it comes from?
Premium with dedicated storage Reports O365 Apps Publish Server

12 Data Is the King (in the North...)

13 Data Lifecycle Create Store Use Share Archive Delete

14 Where is Governance involved?
Direct Query? Cash/import data? Design Data Integrity Scheduled connections On Prem DB Who can Edit? How and who access Data Source? Templates and custom visuals to use Who can consume? Similar across devices? Special authentication?

15 O365 tools for Data Governance
Data Retention – Labels Policies Sharing – Workspace & Application Archiving – if the data source in o365 Delve – Check the results to find slips in data governance

16 Where my data is? Premium Capacity
Compliance with the local rules (GDPR) Premium capacity location

17 Data Sources – how to connect?
Install data gateway – Why do we need data Gateway? Personal data Gateway – not for organizations, will not work for other users Organizational/on premise– set with organizational user – password expiry and security Configure the gateway in the report refresh, to avoid entering credentials Create Application user Enable organizational access, set the user to access the data source (SQL) Data Refresh Online - Defined on the Data Set not the individual report or dashboard Report Server on premise – Access and permissions are defined on the folder level Gateway has to be online and reachable – is your machine on? Direct Query Access – Online Synchronization Same user that is creating the PowerBI report has to publish it (Application or Admin) A report can have multiple data sources, A report cannot be Direct Query and multiple data source Direct Query report has to have only 1 data base/source to access!

18 Security Access Control & Who is Dave?

19 Let’s start with the most celebrated topic… (Credits: @geek_king)

20 Security Dave against the information security – the human error
When sharing publicly - I can tweet it and everybody in the world can see! It is just a link Sending the reports as a .pbix file– no encryption, no permissions, anyone can download desktop version and access Well print screens… Watch the groups! Who is in your group/Workspace? Does she still work here? Is the report shared with all the group members? What are the specific roles assigned to group members? How is it different from O365? It is! Create alerts for access/changes in groups Create group review schedule Premium capacity – dedicated access report

21 Data Security – Who can Access my data??
Pro – only other Pro users can view Premium gives view access to entire org B2B/ Embedded gives external share Access Management can be done through groups to the groups Workspace The Access management through groups can be done directly in O365 – People or through PowerShell External Business Users with O365 B2B Premium capacity - External users including token based authentication

22 The “New Way” Add the permission directly to your workspace No O365 groups are involved Internal Azure AD users B2B users that are trusted Permissions types: Member Admin Contributor

23 The “Old Workspace” How to add people to your Group?
Use Groups to manage peoples access to your PowerBI Workspaces Similar to Outlook distribution lists Permissions types: Owners Guests Blog- link Vignesh's SharePoint Thoughts

24 Directory Management – Groups
Policy in azure ad allows admin to restrict group creation only on outlook and all group applications Multi domain support Working on policy for group expiry Hidden membership Separate groups by corporate policy type – will follow other organizational content Usage guidelines Multi domain and creating groups in specific domain Usage reporting Hybrid – support for groups solution for Hybrid scenario Remember Dave! Check who is in your group and set policies

25 The B2B challenge /opportunity
Trust on the Azure AD level can be established between organizations The users from one company can be added to another, recently with EDIT permissions Scenarios: Consultants & support don’t need another license Clients and partners can share reports Manage additional security layer More data bridges and “Dave” problems

26 PowerShell helps bringing security governance to life
Connect to Azure AD – the place where the access is managed List of roles in tenant Command: Add the user to the role: See what Dave is up to in his roles

27 Access control Granular access control on who can view the data RLS- data is presented based on permissions user has The general rule still applies: Premium gives view access to entire org Pro – only other Pro users can view so no we cannot assign roles to people outside the group and expect them to see

28 Row Level Security inside the report
Roles are assigned in the PowerBI top menu, designed to customize which information can be viewed based on DAX query filters on the dataset level

29 Access control – Overview
Workspace – grant access to all reports and their data sets so they can be edited Application – Publish some of the reports and allow users to view without editing Embed report – add report to application and use its authentication Inside the report – RLS users to see their data according to their internal permission Additional capabilities: Limit download Limit access to data set Allow/deny users to publish

30 Reporting and tracking Access & Usability
Enabling the data collection for usage metrics for each repot. To view and collect for the entire organization all reports – O365 admin portal

31 Sharing, Publishing and your license

32 Who is Important Enough??
Pro & Premium: who gets the pro? Editor in each org? each group? IT controlled only? Cost efficiency analysis when users number reaches x What is the process to request a user? Who is making the decision? Each group gets a pro user in Premium? Free Pro License Premium License Report Server (SQL 2017 or PowerBI Reporting) Azure on demand For more information check PowerBI.com Or great webinar by Ted Pattison – MVP, who starts with all the licensing options Link He is also speaking here 

33

34 Publishing vs Sharing Using PowerBI App – Allows permissions, push to group, selective publishing of content, “production” environment Publish content pack Publish to Web – an addiction of many Embed in Azure Publish in the Report Server Using Share Report by option, allows sending a report to users with the cashed data. If user has connection through Data Gateway and direct query the data will refresh adding more access requests Download as Excel Download as PPTX Share dashboards and reports in other apps – “Embedding” in SharePoint Publish to the web Share in One drive in your group

35 Report Server security and publishing
Edit permissions from AD groups not O365 groups Publish report by folder Define refresh policies

36 Publishing and Sharing & the end of content packs
How are apps different from content packs? Apps are an evolution and simplification of content packs Which helps enabling governance policy? APPS Content Packs Governance Maintain Grouping and Identity loses its grouped identity: it's just a list of dashboards and reports Apps – Identity and data access 1:1 Workspace to App (to group…) Multiple content packs from workspace CP – Different content vs. continue based on group Allows selective publishing Both Push notification when created to users, link the app Send the content pack, link report or dashboard Apps – linkable, single source of truth The way to publish your content Will be deprecated Why didn’t I just start here???

37 „The Circle of Life“ PowerBI & SDL

38 Software Development Lifecycle in PowerBI The “New Way” Azure Dev Ops
Stage 2 Use pipeline to deploy the report in the portal (multiple authentication not supported yet) Stage 1 Create repository of .pbix files Use Git commands to commit the report

39 Release Management Release management for application in the workspace
“Product Release” option for PowerBI Application

40 The “Old Way” – Governance Policy
Selective Publishing Prod – Entire organization Application Group Workspace Prod Workspace - Dev Workspace Test Dashboards Dashboards Dashboards PowerBI App Reports Reports Reports Site SharePoint/ Web Dataset Dataset Dataset PowerApp Can Directly connect through API

41 Visual Governance – Visual Guidance Policy

42 Self Service BI…We can make it so pretty….
From: ADOBE Blog Show reports and see if people get what they are about The fish report Vs Performance report for tickets

43 Recommendations for Successful UI
Place users in control of the interface Easy Navigation Be predictable - consistency Be acknowledging Clear concise fonts, titles etc. Avoid clutter – clean design Be intuitive

44 Layout How to divide your canvas? Once decided, Consistency between reports Alignment (LTR unless middle East) , order, and proximity

45 Branding Templates - Reports colors, Color scheme, fonts, frame sizes… Corporate Layouts – in report server Corporate backgrounds and guides Corporate Theme can be added

46 Theme (Release link Sep) Colors Fonts Text Size
Data Labels control (not for the custom visuals) Report Theme Generator for the UI Designers LINK Theme creation for the color match challenged LINK (Thank you Charles Sterling!!!) (Release link Sep)

47 Data Visualization Recommended Best practices (Rules)
Do not use pie Charts (Storytelling with data) Use the 9 gestalt principles Add Tooltip Add Data Labels Avoid not necessary lines / colors One glance

48 Data Visualization

49 What are the custom visuals and where can we find them?
Custom visual gallery Azure functions How do we use them? Can be added as a file Can be added from the store Can be created What can go wrong? The visual is not added as a default – new report? Upload visuals from scratch Filters -Not always filtering and reversing correctly Usually Themes are not effective Code might not be updated Maps support different coordinates Mobile display R Scrip installation Dashboard crashing…

50 Alternative visuals to bar charts
Picture Name Functionality Usage Brickchart vs Treemap Colors area according to percentage value, Similar to Treemap just colors instead of rectangle size. To emphasize each part of total – sales of product, stock revenue from total PyramisChartCollabion Displays percentage from the total value of each layer Scan population, describe many layers of different sample or metric size Table Heatmap Display several measures for each category, to compare the results in table Compare sales of different products, colors to view which brand has most sales

51 Comparing Pies Sales Report
Ring Chart Display 2 Measures – primary & Secondary Great for filtering and drilling down for complex hierarchy Product breakdown Sun Burst Display 1 measure for grouped values Manufacture calendar, performance per day track Drill Down Donut Chart Display time hierarchy Any time filtering needs Preferably Never…

52 Visuals about visuals Currently there are 106 visuals in the visual gallery 2 Dashboards in the data Story Gallery describe and classify them

53 Reports about the Reports

54 Which Enforcing tools have we got?
Templates and Visual Guides – can be overridden Publishing methods are restricted (Premium vs Pro) Monitor the views and reports – log view/Embeded Create alerts and policies for suspicious activity – Using other tools – Embedded Applications across devices – Where the application can be viewed – more control

55 Enabling the Governance
Export and Sharing Can people publish to the web? Can data be exported? PowerPoint is still in Preview, should we use that and risk complains? Print settings (Dave still got print screen )

56 Premium Capacity Advanced Governance Portal
Users Access Capacity Data – Datasets, refresh, measures efficiency, visuals usage Premium Capacity Metrics (All pictures from Microsoft site PowerBI.com not customer data)

57 Embedded Embed the Analytics in the PowerBI app Use the Azure to add the analytics to your app and analyze its usage us/services/power-bi-embedded/ Decision making regarding the app usability, control and publishing

58 Content Pack and App Settings

59 Who published what when and is it still active?
The full list of all your embed reports Who published them and where can they be found Usage and other metrics in premium or the PowerBI Imbedded on Azure

60 Mobile App – Microsoft InTune Software publisher
Configuring publishing and other app policies for PowerBI mobile applications on iphone Adding Conditional Access Features PowerBI Application in your organization Corporate device enrollment Adding the App URL into the Intune software

61 Reporting the Reports Audit Logs – O365 Admin
Audit Logs – Gives the log list starting mid November for usability Can be exported and report can be created

62 Audit Logs through Embedded and Azure
provides reporting on the entire PowerBI usage in the organization No of users Users Accesses Access by date Data Refresh – scheduled and performed Gateway Lifecycle – active and used Pro Trial status (preview feature) Usability reports for each App Usability reports for dashboards User Access reports

63 Access Reports about the Reports
O365 Admin portal PowerBI Preview - AdminPortal in your PowerBI console online Embeded via Azure PowerBI Premium – control over performance and scale – Organization wide control for access and queries Enables Performance review – which reports and apps are the most used?

64 How fast is our dashboard?
Performance Inspector Helps optimizing the performance

65 Lessons Learned and Summary

66 Lessons Learned Design your governance policy ahead of starting – Framework Data Security Data Integrity Access Visual Monitoring Licensing decisions Design your KPI’s around PowerBI – Where are you going and why? Build the process automate it

67 Summary not just for the Governance
8/12/ :08 PM What Business Question does the visualization help us solve? What data driven decision will it help making? Who is going to see the data visualization? Where is the data coming from? © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

68 Governance Summary Policies Rules and regulations Frequent reports Check where does Dave belong and create processes around adding and terminating employees and partners

69 Thank You!!! Q&A??

70 SQLSaturday #880 - Munich

71 PASS Deutschland e.V. For further information about future events, visit our PASS Deutschland e.V. booth in the exhibitor area.

72 Orga and Main Sponsors You Rock! Sponsor Many thanks to our sponsors, without whom such an event would not be possible.

73 Sponsors (Gold) Many thanks to our sponsors, without whom such an event would not be possible.

74 Sponsors continued Silver: Global: This event is climate neutral: Bronze: Many thanks to our sponsors, without whom such an event would not be possible.

75 Data Sources: PowerBI.com – community, blog, site Guy in the Cube ignite 2017 Governance in PowerBI Brett Powell MVP Frontline Analytics presentation-from-ignite-2017/ Mastering Microsoft PowerBI Power-Brett- Powell/dp/ /ref=sr_1_1?s=books&ie=UTF8&qid= &sr=1- 1&keywords=mastering+power+bi PowerBI Data Governance White paper- us/power-bi/service-admin-governance

Download ppt "Governance for PowerBI"

Similar presentations

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.
OM. Brad Gall Senior Consultant

OM. Brad Gall Senior Consultant
Intro to Datazen.

Intro to Datazen.
#SQLSAT454 Using Power BI in Enterprise Andrea

#SQLSAT454 Using Power BI in Enterprise Andrea
Welcome! Power BI User Group (PUG)

Welcome! Power BI User Group (PUG)
Give more power to the users! - Decision Support Using Power BI

Give more power to the users! - Decision Support Using Power BI
SharePoint 101 – An Overview of SharePoint 2010, 2013 and Office 365

SharePoint 101 – An Overview of SharePoint 2010, 2013 and Office 365
Tools and Tips for Administering Office 365

Tools and Tips for Administering Office 365
Power BI for the Enterprise

Power BI for the Enterprise
Data Platform and Analytics Foundational Training

Data Platform and Analytics Foundational Training
Mile Hi Power BI User Group

Mile Hi Power BI User Group
Power BI for the Enterprise

Power BI for the Enterprise
9/12/2018 6:21 PM BRK2203 Protect and control your sensitive emails with new Office 365 Message Encryption capabilities Praveen Vijayaraghavan Principal.

9/12/2018 6:21 PM BRK2203 Protect and control your sensitive s with new Office 365 Message Encryption capabilities Praveen Vijayaraghavan Principal.
Leveraging the Business Intelligence Features in SharePoint 2010

Leveraging the Business Intelligence Features in SharePoint 2010
Make Power BI Your Own with the Power BI APIs

Make Power BI Your Own with the Power BI APIs
5/22/2018 1:39 AM BRK2156 Power BI Report Server: Self-service BI and enterprise reporting on-premises Christopher Finlan Senior Program Manager © Microsoft.

5/22/2018 1:39 AM BRK2156 Power BI Report Server: Self-service BI and enterprise reporting on-premises Christopher Finlan Senior Program Manager © Microsoft.
Creating Enterprise Grade BI Models with Azure Analysis Services

Creating Enterprise Grade BI Models with Azure Analysis Services
Welcome! Power BI User Group (PUG)

Welcome! Power BI User Group (PUG)
Get to know SQL Manager SQL Server administration done right 

Get to know SQL Manager SQL Server administration done right 
What’s new with Power BI /guyinacube.

What’s new with Power BI /guyinacube.

Similar presentations

Ads by Google