Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Get Fabric Certified for FREE during Fabric Data Days. Don't miss your chance! Request now

Reply
GopyJS
Regular Visitor

Handling on-premises data with strict data protection policy in Power BI

‎07-04-2023 10:47 PM

Hello, PowerBI community,

 

I am a Power BI developer based in India, and I am going to work with a client in the Republic of Congo, Western Africa. The client has a strict data protection policy that prohibits the sharing of data outside the country due to regulatory requirements. However, the data needed for the Power BI report is stored on-premises, posing a challenge for me.

I would like to seek your guidance on how to handle this situation effectively. Are there any recommended approaches or best practices for working with on-premises data in Power BI while complying with strict data protection policies? Additionally, if there are any specific considerations or constraints, I should be aware of, please let me know.

Thank you in advance for your assistance.

Labels:
Message 1 of 6
608 Views
0
2 ACCEPTED SOLUTIONS
TomMartens
Super User
Super User

‎07-04-2023 11:00 PM

Hey @GopyJS ,

 

because of the requirements regarding the data residency, it is a must that your client provides you with a virtual machine located in the environment of your client. You can not use your local machine (located in India) because data will travel to your local machine as soon as you use Power BI Desktop to connect to the data.

You have to clarify with the your client if this is sufficient, because it's simply not possible to prevent you from taking a picture of the using an external camera.

 

Regards,

Tom



Did I answer your question? Mark my post as a solution, this will help others!

Proud to be a Super User!
I accept Kudos 😉
Hamburg, Germany

View solution in original post

Message 2 of 6
586 Views
TomMartens
Super User
Super User
In response to GopyJS

‎07-05-2023 12:38 PM

Hey @GopyJS ,

 

assuming data source is SQL Server, then it's absolutely sufficient to add a database role that "determines" the artifacts the developer needs to READ. Then adding you to the role.

 

Developing a Power BI Solution (dataset and visualizations) does not require WRITE permission on the data source.

 

Please be aware that there is this saying:
"Data should be transformed as far upstream as possible, and as far downstream as necessary."
This phrase was coined by Matthew Roche, one of the members of the Power BI CAT team (https://ssbipolar.com/2021/05/31/roches-maxim/).
This measns, if you need a new column, ask the database team, if they can add this column in the database.

 

By no means, you should have write permissions to the source data, no matter if the data source is a SQL Server or a folder in a SharePoint Library.

 

Hopefully, this answers your question.



Did I answer your question? Mark my post as a solution, this will help others!

Proud to be a Super User!
I accept Kudos 😉
Hamburg, Germany

View solution in original post

Message 6 of 6
551 Views
5 REPLIES 5
GopyJS
Regular Visitor

‎07-04-2023 11:31 PM

"Hello @TomMartens,

Thank you for your valuable insights regarding the handling of on-premises data with strict data protection policies in Power BI. Your expertise has been extremely helpful in guiding our approach.

In the context of sensitive bank data, our client in the Republic of Congo has expressed concerns about providing access to their data. They are worried about the possibility of accidental or intentional data deletion by the developer. Considering these concerns, is there a way to grant read-only access to the Power BI developer while ensuring the integrity and security of the data?

We want to ensure that the developer can effectively work with the data for report development purposes but without the ability to make any changes or delete any data within the system. Any insights or recommendations you can provide on granting read-only access to the Power BI developer would be greatly appreciated.

Thank you once again for your time and expertise.

Message 5 of 6
572 Views
0
TomMartens
Super User
Super User
In response to GopyJS

‎07-05-2023 12:38 PM

Hey @GopyJS ,

 

assuming data source is SQL Server, then it's absolutely sufficient to add a database role that "determines" the artifacts the developer needs to READ. Then adding you to the role.

 

Developing a Power BI Solution (dataset and visualizations) does not require WRITE permission on the data source.

 

Please be aware that there is this saying:
"Data should be transformed as far upstream as possible, and as far downstream as necessary."
This phrase was coined by Matthew Roche, one of the members of the Power BI CAT team (https://ssbipolar.com/2021/05/31/roches-maxim/).
This measns, if you need a new column, ask the database team, if they can add this column in the database.

 

By no means, you should have write permissions to the source data, no matter if the data source is a SQL Server or a folder in a SharePoint Library.

 

Hopefully, this answers your question.



Did I answer your question? Mark my post as a solution, this will help others!

Proud to be a Super User!
I accept Kudos 😉
Hamburg, Germany
Message 6 of 6
552 Views
TomMartens
Super User
Super User

‎07-04-2023 11:00 PM

Hey @GopyJS ,

 

because of the requirements regarding the data residency, it is a must that your client provides you with a virtual machine located in the environment of your client. You can not use your local machine (located in India) because data will travel to your local machine as soon as you use Power BI Desktop to connect to the data.

You have to clarify with the your client if this is sufficient, because it's simply not possible to prevent you from taking a picture of the using an external camera.

 

Regards,

Tom



Did I answer your question? Mark my post as a solution, this will help others!

Proud to be a Super User!
I accept Kudos 😉
Hamburg, Germany
Message 2 of 6
587 Views
GopyJS
Regular Visitor
In response to TomMartens

‎07-04-2023 11:16 PM

@TomMartens 
Thank you so much for your valuable advice regarding the handling of on-premises data with strict data protection policies in Power BI. Your insights have provided me with a clear direction on how to address this challenge.

I truly appreciate your expertise and guidance. I will promptly convey your answer to our client in the Republic of Congo and discuss the best way to proceed based on your recommendations. Your input will undoubtedly be instrumental in finding an effective solution that aligns with their data protection requirements.

Once again, thank you for your time and support. Your contribution to the Microsoft community is greatly valued.

Message 3 of 6
576 Views
0
TomMartens
Super User
Super User
In response to GopyJS

‎07-05-2023 12:28 PM

My pleasure!



Did I answer your question? Mark my post as a solution, this will help others!

Proud to be a Super User!
I accept Kudos 😉
Hamburg, Germany
Message 4 of 6
551 Views

Helpful resources

Announcements
November Power BI Update Carousel

Power BI Monthly Update - November 2025

Check out the November 2025 Power BI update to learn about new features.

Fabric Data Days Carousel

Fabric Data Days

Advance your Data & AI career with 50 days of live learning, contests, hands-on challenges, study groups & certifications and more!

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All