Securing Power BI Access and Monitoring Audit Events
Following my recent post on preview of Azure AD Conditional Access Policies for devices, the Power BI team yesterday announced Azure AD Conditional Access for Power BI. Effectively what this means is that you can now secure your Power BI access through Multi-Factor Authentication and location based access rules. Please note that Conditional Access requires all users to have Azure Active Directory Premium Licenses.
In addition to securing Power BI access, you can also audit events which is available in preview as well but only for US based Office 365 tenants.
Some of the key events that can be audited are:
- Auditing is a feature of Power BI Pro and user-level auditing events is only available for Pro users
- Search audit logs by user and date
- CreateGroup -This activity is fired every time a group is created.
- AddGroupMembers – This activity is logged every time a member is added to a Power BI group workspace.
- CreateDashboard – This activity is logged every time a new dashboard is created.
- EditDashboard – This activity is logged every time a dashboard is renamed.
- DeleteDashboard – This activity is logged every time a dashboard is deleted.
- ShareDashboard – This activity is logged every time a dashboard is shared, including email addresses of any external recipients.
- DeleteReport – This activity is logged every time a report is deleted.
- CreateOrgApp – This activity is logged every time an organizational content pack is created.