Microsoft Power BI - SCuBA 1.4.0 Checklist Details (Checklist Revisions)
Supporting Resources:
-
Download Prose - Microsoft Power BI
- Cybersecurity and Infrastructure Security Agency (CISA)
-
Download Machine-Readable Format - Microsoft Power BI GitHub Mark down
- Cybersecurity and Infrastructure Security Agency (CISA)
Target:
Target | CPE Name |
---|---|
Microsoft Power Apps | cpe:/a:microsoft:power_apps:- (View CVEs) |
Checklist Highlights
- Checklist Name:
- Microsoft Power BI - SCuBA
- Checklist ID:
- 1086
- Version:
- 1.4.0
- Type:
- Compliance
- Review Status:
- Final
- Authority:
- Governmental Authority: Cybersecurity and Infrastructure Security Agency (CISA)
- Original Publication Date:
- 02/02/2024
Checklist Summary:
Microsoft 365 (M365) Power BI is a cloud-based product that facilitates self-service business intelligence dashboards, reports, datasets, and visualizations. Power BI can connect to multiple different data sources, combine and shape data from those connections, then create reports and dashboards to share with others. This Secure Configuration Baseline (SCB) provides specific policies to strengthen Power BI security.
Checklist Role:
- Client / Server
- Office Software
Known Issues:
Not Provided
Target Audience:
The Secure Cloud Business Applications (SCuBA) project run by the Cybersecurity and Infrastructure Security Agency (CISA) provides guidance and capabilities to secure federal civilian executive branch (FCEB) agencies’ cloud business application environments and protect federal information that is created, accessed, shared, and stored in those environments.
Target Operational Environment:
- Managed
- Standalone
Testing Information:
Not Provided
Regulatory Compliance:
Not Provided
Comments/Warnings/Miscellaneous:
Not Provided
Disclaimer:
The information in this document is being provided “as is” for INFORMATIONAL PURPOSES ONLY. CISA does not endorse any commercial product or service, including any subjects of analysis. Any reference to specific commercial entities or commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoritism by CISA. This document does not address, ensure compliance with, or supersede any law, regulation, or other authority. Entities are responsible for complying with any recordkeeping, privacy, and other laws that may apply to the use of technology. This document is not intended to, and does not, create any right or benefit for anyone against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.
Product Support:
CyberSharedServices@cisa.dhs.gov
Point of Contact:
CyberSharedServices@cisa.dhs.gov
Sponsor:
Not Provided
Licensing:
Portions of this document are adapted from documents in Microsoft’s M365 and Azure GitHub repositories. The respective documents are subject to copyright and are adapted under the terms of the Creative Commons Attribution 4.0 International license. Sources are linked throughout this document. The United States government has adapted selections of these documents to develop innovative and scalable configuration standards to strengthen the security of widely used cloud-based software services. Microsoft Purview Information Protection Premium P1 or Premium P2 license is required to apply or view Microsoft Information Protection sensitivity labels in Power BI. Azure Information Protection can be purchased either standalone or through one of the Microsoft licensing suites. See Microsoft Purview Information Protection service description for details. Microsoft Purview Information Protection sensitivity labels need to be migrated to the Microsoft Information Protection Unified Labeling platform to be used in Power BI. To apply labels to Power BI content and files, a user must have a Power BI Pro or Premium Per User (PPU) license, in addition to one of the previously mentioned Azure Information Protection licenses. Before enabling sensitivity labels on the agency's tenant, ensure sensitivity labels have been defined and published for relevant users and groups. See Create and configure sensitivity labels and their policies for detail.
Change History:
checklist approved - 2/12/2024 updated to final - 3/11/2024 Updated References - 08/30/2024 Changes Approved - 11/29/2024
Dependency/Requirements:
URL | Description |
---|
References:
Reference URL | Description |
---|---|
https://learn.microsoft.com/en-us/power-bi/enterprise/service-security-data-protection-overview | Data protection in Power BI |
https://learn.microsoft.com/en-us/power-bi/enterprise/service-security-enable-data-sensitivity-labels | n order for sensitivity labels from Microsoft Purview Information Protection to be used in Fabric, they must be enabled on the tenant. |
https://learn.microsoft.com/en-us/purview/dlp-powerbi-get-started | Get started with Data loss prevention policies for Fabric and Power BI |