ray malone on 23 Nov 2017 00:52:51
Build an approval process for Gateways before they become Active on a tenant. The approval process would be manged by the Power BI Admin. This approval process could be a feature the Power BI Admin can enable / disable, defaulting to disabled to retrain backward compatibility.
Current reality allows anyone with a Pro License to push any internal data they have access too to the service. With the right permission they can then push this data public without restrictions.
This feature is a must have in an Enterprise concerned about how data is used / managed. Just because some has access to a data source doesn't mean Data Admin wan't this source to become publicly available via Power BI Service.
- Comments (22)
RE: Approval Process for Gateways / Prevent Personal Gateways
A tenant setting should be enabled to get overview of enterprise and personal gateways, and then disable the use of personal gateways in the tenant to avoid Data Breaches or Governance issues by cowboy analysts.
RE: Approval Process for Gateways / Prevent Personal Gateways
A simple admin portal operation that would default with open to all, however if set would grey out the "Manage Gateway" option for anyone not added?
RE: Approval Process for Gateways / Prevent Personal Gateways
This admin control would be helpful, as we are supporting the organization through enterprise gateways, but once we have seen people creating personal gateways causing security and data integrity issues.
RE: Approval Process for Gateways / Prevent Personal Gateways
Lack of this kind of feature is probably going to result in a lot of my clients just blocking the power bi service.
RE: Approval Process for Gateways / Prevent Personal Gateways
'+1. This is a serious security flaw that needs at a minimum, the ability to be turned on and off at the tenant level.
RE: Approval Process for Gateways / Prevent Personal Gateways
This really needs to be resolved.
If admins cannot control this, we are risking security and data integrity issues.
RE: Approval Process for Gateways / Prevent Personal Gateways
This is a major data security issue. I can't believe Microsoft would release a functionality like this without giving Admin's a way to control it. This can lead to potential data leaks all over a company and has me reevaluating our Power BI Subscriptions.
RE: Approval Process for Gateways / Prevent Personal Gateways
This is a big security hole for us. We have an enterprise gateway, which allows us to see what data sources are being accessed and control access (which is great), but this all goes out the window because anybody in the company can install a personal gateway. We don't know what data is flying around the place.
Appreciate the flexibility is great for some organizations, but not ours. We please need a way to disable personal gateways at the organizational level.
RE: Approval Process for Gateways / Prevent Personal Gateways
I am in the same boat as others...while office 365 auditing has kept the wolves at bay, we still need the ability to prevent personal gateways, approve who can do a gateway (or whitelist users), and be able to see settings of all gateways for reporting/auditing purposes.
I know gateways are not 100% a BI resource and is available for use with other PowerApps, should it be spun off to its own team so that concerns like the ones mentioned below can be corrected? I have been waiting almost a year like Ray and no mention of these security issues being addressed.
RE: Approval Process for Gateways / Prevent Personal Gateways
This is a MUST for our org to use Power BI at an enterprise level. Power BI Admin console does not provide enough audit and controls for admins.