In order to deploy and adopt data classification and sensitivity labels in Power BI, let us look at the process step by step, particularly on securing sensitive information within reports:
1. Sensitivity Labels must first be configured and deployed within the Microsoft 365 Compliance Center
For Applying sensitivity labels in Power BI, first, you must make those available in the Microsoft 365 Compliance Center:
Launch the Microsoft 365 Compliance Center, and navigate to the Information Protection section.
From Labels, either Create or Edit the appropriate sensitivity labels needed for your organization. Labels can also be designed to help control sensitive information shared outside the organization, depending on the level of sensitivity, such as personal data, confidential or very confidential.
You may also set up some of the actions associated with the labels, such as encrypting or watermarking the documents.
2. Power BI Enable Sensitivity Labels
Once the administration and management of the sensitivity labels are done from the Microsoft 365 Compliance Center, the next step will be in Power BI enabling sensitivity labels:
Start Power BI Admin Portal.
Go to the Tenant settings and check the Sensitivity labels toggle is on.
This will facilitate the inclusion of the labels in Power BI during report publishing and viewing.
Appropriately label reports and databases with sensitivity labels here.
Within the Power BI service, a sensibility Japanese label can be assigned to reports when created or edited.
3. Go to the Power BI workspace and locate the report or dataset.
In settings, you will be able to apply a sensitivity label.
Use the appropriate label according to the nature of the data embedded in the report (e.g., "Confidential," "Public," "Highly Confidential," etc.).
The label is applied to the report based on the report level and does not explicitly set a label on the dataset that the report inherits.
4. Data Classification in Power BI Data classification is the process of preparing certain datasets to work properly with sensitive data.
How do you classify fields in Power BI using data classifications?
In the model view, you will find data classifications under which you can classify various fields in Power BI. These classifications give out metadata concerning data in the form of its treatment, for example, 'Personal,' 'Financial,' 'Confidential,' etc.
This improves governance practices in organizations, as it is practical to monitor and apply compliance with classification standards.
Adhere to the guidelines regarding the application of sensitivity labels.
Apply Sensitivity Labels Early: Do not wait until reports or datasets have been published to apply sensitivity labels; where applicable, always apply where new reports or datasets are being created. This eliminates the chances of protected or unprotected information being shared by accident.
Automate Labeling: Utilize Microsoft Purview (previously known as Azure Purview) or any other suitable machinery to enable the classification of data based on certain rules and or learning models.
Consistent Training: Confirm that the Power BI users know how to apply the sensitivity labels and what they mean. Regular training is important in ensuring compliance with the data governance policies.
Monitor Label Usage: Employ Power BI's audit logs or the Microsoft 365 compliance systems to monitor and report on the usage of sensitivity labels. This will allow you to pinpoint problems quickly and identify areas needing work regarding data governance.
When sensitivity labels are enabled and managed in the Power BI applications, an extra layer of security is added to the information whose sensitivity is labeled, ensuring that it is appropriately labeled, protected, and only distributed to the right people.
