Top Essential Actions for Governing Power BI - Melissa Coates Coates Data Strategies - Coates Data ...
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Top Essential Actions
for Governing
Power BI
Melissa Coates
Coates Data Strategies
March 25, 2021
Download slides: CoatesDS.com/Presentations
Melissa Coates
Data architect | Technical trainer | Consultant
Specialist in Power BI governance & administration
Microsoft Data Platform MVP
Owner of Coates Data Strategies
@SQLChick | @CoatesDS
Creator of Power BI Deployment & Governance Workshop
Power BI Data Culture & Architecture Security & Adoption &
Governance Center of Excellence Decisions Data Administration
Protection
Top Essential Actions for Governing Power BI
Agenda
Data Governance Top 10 Final
Overview Actions Q&A
Things You Can Do Right Now
Top Essential Actions for Governing Power BI 1. Deeply understand the centralized & decentralized BI approaches in use 2. Focus on data trustworthiness 3. Define your guiding principles 4. Implement short, clear, data policies for the most important items 5. Set accountability expectations with clear roles & responsibilities 6. Invest in a data-centric audit & protection strategy 7. Be transparent about system administration decisions 8. Analyze & act on data for adoption, auditing & training 9. Foster your internal community, support, training & resources 10. Actively cultivate your data culture
Where to Download Materials
Slides:
CoatesDS.com/Presentations
Where Are You At? I’m assuming that… You are using Power BI currently & have experienced some successes You are familiar with the basics of deploying Power BI content You are aware there are areas of improvement with how you oversee Power BI
Data Governance Overview
When Does Data Governance Come In? Source: https://docs.microsoft.com/en-us/power-bi/guidance/powerbi-migration-overview
Two Paths
Building out the
governance groundwork
Handling the most
pressing analytical needs
Focus on continual, iterative, progress on both paths.
What Do We Mean by Data Governance?
Data Data Platform & System
Strategy Architecture Administration
Data Policies, Risk Management
Standards & Processes & Compliance
Data
Master Data Governance Business Process
Management Management
Change Data Internal
Management Quality Audit
Data Data Data Business
Applications Databases
Integration Lakes Warehouse IntelligenceDefining Data Governance
“ A system of decision rights and accountabilities
for information-related processes, executed
according to agreed-upon models which describe
who can take what actions
with what information,
and when,
under what circumstances,
using what methods.
”
Data Governance InstituteData Is Governed When It Is…
Trustworthy Secured
The right data The right people
Managed & Documented &
Audited Understood
The right way The right reason
→More info: CoatesDS.com/blog/what-is-governed-dataWhy Do Users Care About Data Governance?
Is the data I Who owns this
want available? data?
Can I trust this
data that I am
using?
What is the Am I in
system of record compliance for
for this data? what I want to
do?Effective governance can
dramatically improve user experience
–if–
user enablement is a primary objective
(within the requisite guardrails)Tip 1: Deeply understand the centralized & decentralized BI approaches in use
Business Intelligence Approaches
Top- Blended Bottom-
Down Up
Enterprise Managed Business-Led
BI Self-Service BI Self-Service BI
Centralized Decentralized
Data
Central IT/BI/COE Business authors
ownership
:
Report Business authors
Central IT/BI/COE
ownership:Business Intelligence Approaches
Top- Blended Bottom-
Down Up
Enterprise Managed Business-Led
BI Self-Service BI Self-Service BI
Centralized Decentralized
Most organizations have all 3
approaches actively happening,
whether you’re aware of it or notThings Assess your current state: know what’s
you can working & what’s not.
do right
now
Make a specific plan for iterative, continual,
improvement.Things Determine which groups can – and should –
you can manage their own content.
do right
now
What exactly does that look like?Things Decide how to handle co-ownership you can scenarios, when data & reports are owned do right now or managed by multiple teams.
Tip 2: Focus on data trustworthiness
Data Is Governed When It Is…
Trustworthy content is a key pillar of governance:
Trustworthy Secured
The right data The right people
Managed & Documented &
Audited Understood
The right way The right reason
→More info: CoatesDS.com/blog/what-is-governed-dataWhat Do We Mean by Trustworthy Content?
Content quality is assured Approved, common
definitions and KPIs are used
Owner, SME, and steward
responsibilities are clear Data provenance &
lineage are clear
Data duplication is
minimized with reuse Data & load processes are
managed & secured
Awareness of content which Clear expectations about
is discoverable & findable responsible data use
→More info: Improving Trustworthiness of Power BI Content at CoatesDS.com/presentationsDecoupling Data & Reports
A shared dataset is intended for reuse across multiple reports
Also known as:
Shared dataset: Sales Data
Golden
dataset & thin
Live Connection Analyze In Excel reports
YTD Sales
Product Channel Hub & spoke
Sales Sales by method
Reports: Revenue
Analysis Product
→More info: CoatesDS.com/blog/5-tips-for-separating-power-bi-datasets-and-reports“Discipline
at the core
&
flexibility
at the edge
”
https://docs.microsoft.com/en-us/power-bi/guidance/center-of-excellence-
microsoft-business-intelligence-transformation#discipline-at-the-coreDecoupling Data Preparation from the Model
Dataflows are intended for reuse of data preparation across datasets
Power Query
Customer Master Dataflow(s) Online
Dataflow:
Customer Sales
Shared Sales Data
History Programs
Datasets:
Channel Product Sales
YTD Sales Customer
Sales Sales Program
Reports: Revenue Retention
Summary Analysis EffectivenessTaking Things Farther with Composite Models
Data
sources
DirectQuery for Power BI dataset
Additional Additional
data sources data sources
Live Connection
→More info: https://powerbi.microsoft.com/en-us/blog/directquery-for-power-bi-datasets-and-
azure-analysis-services-preview/What Can Be Endorsed?
Certified
The author wants to signify the content is trustworthy
Promoted
The author wants to amplify that the content is available
Data: Reports: Set of Reports
Power BI Report & Dashboards:
Dataset
App
Dataflow Paginated Report
→More info: Improving Trustworthiness of Power BI Content at CoatesDS.com/presentations
→More info: https://docs.microsoft.com/en-us/power-bi/collaborate-share/service-endorsement-overviewThings Use shared datasets when data is
you can useful for > 1 analysis to reduce risk
do right of inconsistencies, and lessen
now
compliance concerns.Things Decouple your dataset creation & report
you can creation work.
do right
now Teach content authors new habits for how
to work so they can take advantage of
data reusability.Things Use certified & promoted endorsements.
you can
do right Create a specific review process for
now certified data to ensure that
certification = trustworthiness.Tip 3: Define your guiding principles
What is the Right Balance?
Risk Management
Enablement Compliance
Flexibility Security
Data Sharing Privacy
Standardization
Data IntegrityFinding the Right Governance Focus
Offense strategy Defense strategy
Revenue growth, Risk reduction,
cost reduction, govt & industry regulations,
decision-making data privacy,
improvements compliance laws
Some tolerance for Greater investment
“multiple versions of in “single version of
the truth” the truth”
Some chaos accepted to Stability over chaos
encourage speed & is highly valued
innovationExample guiding principle:
Everyone is a data steward
Responsibility for the governed and
secure delivery of data rests equally among
content owners, subject matter experts,
and COE members.Example guiding principle:
Our most critical data elements are
most actively managed during the
information lifecycle
Not all data has the same value.
Our critical data elements are managed and
monitored to a greater degree.Things Figure out if you are playing offense or
you can defense when it comes to governance
do right decisions.
now
In other words, figure out your why.Things Get consensus on your top few guiding you can principles with your executive sponsor – do right before any data policies are crafted. now
Tip 4: Implement short, clear, data policies for the most important items
Inputs & Outputs of a Data Policy
Organizational Objective High-level strategic vision
Guiding Principle A statement of belief
Policy What needs to be done and why
Support
Process or Controls & details for how
Procedure a policy is implemented Auditing &
Assessments
A measurable level
Standard of attainmentA Simplified Example
Improve decision-making throughout
Organizational Objective the organization
Critical data elements (CDEs) are
Guiding Principle identified, managed, and audited
Datasets containing CDEs have data definitions,
Policy sensitivity labels & are certified
Process or Data certification process
Procedure Data definition procedure
100% of certified datasets have an owner
Standard
85% of certified datasets are reviewed 2x/yrData Certification Process
At a minimum, include:
Data Certification Report Certification
Data source & lineage review Report content review
Data model tech review Slightly lighter data review:
Security review Data source & lineage review
Data model tech review
Data accuracy validation
Security review
Documentation review Data accuracy validation
Documentation reviewThings Determine what existing decisions you
you can should align with & reuse from your data
do right governance board, change management
now board, etc.
What differs for a self-service BI platform
like Power BI?Things Make sure the data policies can be easily
you can searched & referenced by your internal
do right
Power BI users.
now
Use a consistent organizational approach
so users aren’t surprised.Things Pick your most important thing to start with.
you can
Examples:
do right
now • Data certification process
• Data ownership policy
• Data handling policy
(aka data usage & distribution policy)
(aka data classification policy)Tip 5: Set accountability expectations with clear roles & responsibilities
Business Intelligence Approaches
Top- Blended Bottom-
Down Up
Enterprise Managed Business-Led
BI Self-Service BI Self-Service BI
Centralized Decentralized
Your approaches in use, by whom, and how,
will have a big effect how the
roles & responsibilities will be definedDefine Roles & Responsibilities
Does everyone
IT &
Power BI Ancillary understand:
Roles Roles • What are normal
Data
Governance expectations?
Roles
BI &
• What is required?
Business
Developer
User Roles • What is prohibited?
Roles
• Where is flexibility
allowed?Content owners & subject
matter experts in the business
units form the foundation of a
well-governed systemGovernance Checks & Balances
Executive Leadership
Level 3: Audit + Compliance
Internal audit and external audit
Level 2: Data Governance Team + Center of Excellence
Define policies, standards, and procedures
Support business units with questions, issues, and training
Level 1: Business Units + Ancillary Teams
Content authoring, publishing, and security
Data management, data stewardship and validation
The foundation of a well-governed systemThings Get clarity on who your Power BI
you can executive sponsor is, and how much
do right authority this person has for
now implementing policies throughout the
organization.Things Define your relevant roles & responsibilities.
you can
do right Include them within formal HR job
now
descriptions whenever practical.Things Communicate & teach content creators you can what their role is related to safeguarding do right data & the responsible use of data. now
Tip 6: Invest in a data-centric audit & protection strategy
There’s a Lot of Power BI Content Everywhere
Source data in Content published Content exported
databases, apps to the Power BI from the Power BI
& data lakes cloud service cloud service
Datasets PBIX files exported
Files stored in file
servers, OneDrive, Exports to
SharePoint, laptops Dataflows PowerPoint & PDF
Power BI Desktop & Data exports
Paginated Rpt files Reports
E-mail subscription
Excel workbooks images &
Dashboards attachments
Source data files Content
Workbooks embedded in
External tools files
other servicesData-Centric Audit & Protection (DCAP)
DCAP strategy: an approach to information protection that focuses
on protecting the data itself
Know Protect Govern
Identify where data is Define data protection Audit the use of sensitive
located & classify it by policies for how & where data, verify changes to
sensitivity level data is managed to permissions & when user
prevent data loss behavior is not typicalSensitivity Labels A Know > Protect > Govern strategy begins with the classification of content
Sensitivity Labels Drive Policies & Recommendations
Sensitivity Labels
User Data Storage Data Loss Preferred Content
Access Allowed Prevention Distribution
Internal Online Locate App, workspace,
sensitive info sharing
External Offline/download
Conditional Block access Email
Encryption
access Anonymization
Unmanaged
devices
**Many things can be automated; others are educationalData Catalog A Know > Protect > Govern strategy includes a data catalog as a key component. You can’t effectively govern data if you don’t know what you have.
Things Establish a classification taxonomy.
you can
do right Define sensitivity labels in Microsoft 365
now which are:
• Simple & few (4-7 in total)
• Intuitive & can be localized
• Hierarchical
• Generic enough to last a long time
• Broadly applicable across the organizationThings When creating a data handling policy, focus
you can on exactly what you need to prevent for
do right each sensitivity label.
now
Automate what you can with data loss
prevention (DLP) policies in Microsoft Cloud
App Security and/or Microsoft 365
Compliance Center.Things Look into the Azure Purview public preview.
you can
• Self service users: catalog for search, lineage,
do right
now glossary, classification
• Administrators: data map of what data exists,
where, lineage & who uses it
• Compliance: where sensitive data is located & who
uses itTip 7: Be transparent about system administration decisions
Sources of Confusion & Irritation for Users
Why can’t I start
Why can’t I a Pro trial? Why can’t I
create a
export data?
workspace?
Why can’t I
certify a
dataset?
Why can’t I Why can’t I use
share to this custom
Teams? Why can’t I visual?
install a
gateway?Many Settings Affect the User Experience
Tenant Settings
Gateways &
Data Sources
Premium & PPU Settings
Admin Organizational Visuals Licensing &
Portal Free Trials
Azure Connections
Workspaces
Software
Featured Content Installations
→More info: What You Need to Know to Administer Power BI at CoatesDS.com/presentationsWhat we want to avoid is a Power BI administrator deciding *solely on their own* what should & shouldn’t be allowed
Things Review each tenant setting to ensure it is
you can purposeful for:
do right • Behaviors you want to encourage
now
• What you need to denyThings Document settings for the broader internal
you can Power BI community, including which group
do right applies to each setting.
now
This documentation should be easily located
in your internal Power BI community “hub.”Things Review who is a Power BI administrator.
you can Reduce the number of permanent
do right administrators if you have more than a few.
now
If there are people who legitimately need
access occasionally, implement that with
Azure Active Directory PIM (Privileged
Access Management).Tip 8: Analyze & act on data for adoption, auditing & training
Why Activity Analysis is Critical Critical content What content is most frequently used? Is it adequately supported? Change tracking What changes occur, when, and by whom? Internal and external auditing Are you able to satisfy requests from auditors?
Why Activity Analysis is Critical Monitoring adoption efforts Can we analyze not only usage stats, but that the system is being used consistently and optimally/as it was intended? Data trustworthiness levels How many certified vs. non-certified datasets? How many datasets support > 1 report? License usage Who is (and is not) using Power BI, at what frequency?
Why Activity Analysis is Critical Understanding usage patterns How are users *really* using Power BI? Finding training opportunities Is training actively made available to new users, or to encourage specific behaviors? Suspicious usage patterns Are any concerning activities occurring?
End-To-End Power BI Auditing Solution
M365 Power BI MSFT Graph Gateway
Audit Log REST APIs REST APIs Servers
Power BI Workspace Gateways Apps, User Info & Group Power BI Power BI Gateway
Activity Inventory & & Data Capacities Service Prin Membership Licenses Admins Logs
Events Security Sources etc.
PowerShell Scripts
Optional:
Accessed
Data Lake, Power BI Analytical by users
NoSQL, or Auditing Datasets (RLS)
File System Database & Reports
Original raw data Historical transactions & Prepared data for adoption,
JSON files point-in-time snapshots security & auditing
Accessed only by →More info: What You Can Learn from the Power BI Activity Log and
auditors & REST APIs at CoatesDS.com/presentations
administratorsThings Begin retrieving all of the raw data from
you can the Power BI Activity Log if you haven’t
do right already.
now
Augment it with data from the various
Power BI APIs.Things Start learning from the Activity Log data
you can how Power BI is *really* being used by
do right the user population, and take action
now
accordingly.Tip 9: Foster your internal community support, training & resources
Internal Power BI Community
One of the biggest success factors is nurturing the internal
Power BI community with:
Support & Mentoring Knowledge Sharing
Resources Training
Documentation CommunicationOne of the best ways to decrease risk is to increase knowledge
Things Set up an internal Power BI “hub” for
you can documentation, links, resources, training
do right info & announcements.
now
Choose a convenient location where
users frequently work.Things Update the tenant settings so that the you can help menus in the Power BI Service direct do right users to your Power BI “hub.” now
Tip 10: Actively cultivate your data culture
“ A data culture
promotes and encourages
data-driven decisions
by more stakeholders
in more parts
of the organization
”
Matthew Roche – Data Culture Series on SSBIPolar.comGoals of a Data Culture
Increased:
1. Active and consistent reliance on data for decision-making
2. Effective use of data by more stakeholders
Reduced:
1. Reliance on tribal knowledge
2. Hunches & gut decisions from the HIPPO (Highest Paid Person’s Opinion)Do You Need a Center of Excellence? Who will nurture the internal Power BI community and advance the data culture on an ongoing basis? Who will mentor & build your network of Power BI champions & experts? Who will define & manage the governance model? Who will have a cross-departmental view into what’s happening across the organization?
Things Decide who will nurture the internal
you can Power BI community.
do right
now
Make sure they have time, focus,
resources, funding & motivation.Things Create & actively promote guidelines &
you can policies which encourage a balance of
do right
control & empowerment.
nowThings Define specific, measurable, goals for the
you can Power BI community to monitor progress
do right
& retain support for it.
nowWrap-Up, Q&A, Links to More Info
Top Essential Actions for Governing Power BI 1. Deeply understand the centralized & decentralized BI approaches in use 2. Focus on data trustworthiness 3. Define your guiding principles 4. Implement short, clear, data policies for the most important items 5. Set accountability expectations with clear roles & responsibilities 6. Invest in a data-centric audit & protection strategy 7. Be transparent about system administration decisions 8. Analyze & act on data for adoption, auditing & training 9. Foster your internal community, support, training & resources 10. Actively cultivate your data culture
Top Essential Actions for Governing Power BI
Two paths: Building out the
governance groundwork
Handling the most
pressing analytical needs
Focus on continual, iterative, progress on both paths.Q&A
More Resources from Melissa Slides: Diagrams: CoatesDS.com/Presentations CoatesDS.com/Diagrams YouTube: Blog: YouTube.com/CoatesDataStrategies CoatesDS.com/Blog-Posts Power BI Governance Training: Twitter: CoatesDS.com/Workshop @SQLChick | @CoatesDS
Additional Resources Power BI Whitepapers https://docs.microsoft.com/en-us/power-bi/whitepapers Matthew Roche’s Data Culture Series https://ssbipolar.com/building-a-data-culture/ Power BI Adoption Framework https://github.com/pbiaf/powerbiadoption Power Platform Adoption Framework https://github.com/PowerPlatformAF/PowerPlatformAF
You can also read
