234
Build an approval process for Gateways before they become Active on a tenant. The approval process would be manged by the Power BI Admin. This approval process could be a feature the Power BI Admin can enable / disable, defaulting to disabled to retrain backward compatibility.

Current reality allows anyone with a Pro License to push any internal data they have access too to the service. With the right permission they can then push this data public without restrictions.

This feature is a must have in an Enterprise concerned about how data is used / managed. Just because some has access to a data source doesn't mean Data Admin wan't this source to become publicly available via Power BI Service.
STATUS DETAILS
Completed

This is available now:

https://docs.microsoft.com/en-us/power-platform/admin/onpremises-data-gateway-management#manage-gateway-installers

Comments

r

I am in the same boat as others...while office 365 auditing has kept the wolves at bay, we still need the ability to prevent personal gateways, approve who can do a gateway (or whitelist users), and be able to see settings of all gateways for reporting/auditing purposes.

I know gateways are not 100% a BI resource and is available for use with other PowerApps, should it be spun off to its own team so that concerns like the ones mentioned below can be corrected? I have been waiting almost a year like Ray and no mention of these security issues being addressed.

r

This is a MUST for our org to use Power BI at an enterprise level. Power BI Admin console does not provide enough audit and controls for admins.

r

I like Casey's idea of a simple tenant setting that will enable/disable personal gateways. The individual approval process requested by Ray sounds great but I would imagine Casey's idea is faster for the Power BI team to implement.

r

There are a large number of governance and data security issues which need to be addressed.

This was one we had not considered but is quite valid and concerning.