are you familiar with the “Publish to Web” feature in your Power BI service?
Are you the Power BI Admin in your organization?
Ok, than let’s talk immediately!
If you arn’t familliar with this function here some hard facts:
If you publish a report to the web your data is on the web!
May be this messages are looking famillar to you:
Now let’s be honest do you read this messages or a better question would you read this messages If you look at them? I suppose not! And why could this be? I think it’s easy to aswer because it look like every other message. There’s nothing there that makes me think I’m doing something that could be bad. And that’s exactly the point. Ruth recently published a very good video
In this video Ruth descirbes why you shouldn’t enable this feature for the whole organization. The most important sentence was ” A simple google search will reveal 25,500 public Power BI reports and not all of them should be public. ”
My blog post will shortly explain “How a admin can be informed immediately if someone in his organization use this function?” If you have the approach of a managed self service and you’re organization want to leave this feature on you can use this instruction very easy to set up a notification alert.
In generell I would rather recommend to create a security group for this feature and only allow people which are aware of this powerful function. You can configure this feature in the Power BI Service Admin Portal.
- You must have activated the autit logs in the Power BI Admin Portal and set up a activity notifications in the protection center (https://protection.office.com/managealerts)
Audit Logs in Power BI Admin Portal can be activated here:
You have to be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online to search the audit log .
Activity Notification can be found in the protection center (https://protection.office.com/managealerts
If you are in the Auditlog Role will be enough to set up the notification alert.
- And you need Power Automate (https://emea.flow.microsoft.com) for this as well
The result you get after you set up the whole thing you will get this:
Also you will get this too:
What do you think? Would you use it in your own organization?
Let me know what you think and have fun with the instruction, If you have any question please let me know.