How secure is Row-Level Security in Power Bi?

0
votes

I am wanting to know how secure Row-Level Security is.

We are currently working on creating a dashboard that would be shared with 500 users within our organisation. All of these users are managers and we would be using dynamic row-level security so that each user would only be able to view information in the dashboard related to their own team.

I have tested RLS and it worked fine, but I have had another Power Bi user tell me that RLS is not completely secure as my base data is coming from excel. My base data is in excel, but I convert it into a pbix file in Power Bi desktop before creating the role, then publishing to power bi service, where I assign users to the role and give read only access.

I am wondering once I have shared the dashboard with these users is there any way for them to get around the RLS and access the base data?

Thanks in advance, Amy

1
powerbi

1 Answers

0
votes

There are a number of factors to consider for imported data.

If the user can download the report, they could remove the role and access all the data. I would recommend turning this off in the Power BI Admin protal for selected users, or an AD group.

They could connect to the dataset via Excel or another report and get the data that way without the role level filter being used. Having them as read only is one way of stopping them altering the report. I would suggest deploying the report as an app, then they can only access the surfaced report not the underlying dataset.