Consider this use-case: You built a sales dashboard for hundreds of sellers in your organization. The dashboard provides them current statuses and KPIs and links to hundreds useful resources by product including sales collateral and demos. Would it be great if you could analyze the popularity of your products and sales collateral by the amount of times your sellers select the products in the dashboard?
Now, consider a different scenario where you’ve implemented complex Row-Level-Security (RLS) in your Power BI Semantic Model used across multiple production reports. Over a weekend, an external customer complains about seeing data belonging to other customers. After a thorough investigation, you identify and fix a data quality issue in the pipeline feeding the RLS logic. However, your organization now requires an impact assessment for all customers. By reviewing report views, you compile a list of external users who accessed the impacted reports—but you need to provide a detailed damage control report. Can you pinpoint exactly what specific data received attention from unauthorized users? For example, which products of Customer X were reviewed attentively by other customers, and by whom? Our Data Auditing feature makes this level of analysis not only possible but straightforward.
I am happy to share the Data Auditing feature that we just released this week in BI Pixie. With enhanced auditing capabilities, you can now gain deeper insights into how your end-users interact with your Power BI reports—ensuring better understanding of user behavior, greater security and compliance.
Ever wanted to know what data your end-users select in your Power BI reports? What is the most popular product your sales team click on? The Data Auditing page allows you to analyze what data users select in your Power BI reports and analyze their interests.
Install BI Pixie Dashboard here to explore how the Data Auditing works with our demo data. Contact us here to start a trial.
In the Decomposition Tree, you can analyze the views and clicks by Filtered Table, Filtered Column, and Filtered Values. These three fields are also available as slicers on the right side of the page. You can search for specific table names, column names, and filtered values in these slicers.
How to differentiate between clicks and views using the Distinct Count slicer:
In this page, you cannot completely differentiate between the data users view and the data that they click on. However, by setting the Distinct Count slicer to be in the range of 1 to 1, you will filter out most of the default viewed tables, columns, and values. This way, you can analyze single-click data selections. If users perform a multi-selection of values (e.g., in a slicer or using the CTRL key in visuals) then the 1 to 1 setup will miss those data selections. To work around this issue, you can set the Distinct Count slicer to 1 to 2 or 1 to 3 to see multi selections of two or three values in addition to the single selections. However, by doing so, you may see viewed data in visuals that include only two or three distinct values by default.
Advanced Auditing Scenarios
Auditing Role-Level Security (RLS) Data Access:
In environments where RLS is implemented to restrict data access, auditing becomes an essential tool to verify that users are not inadvertently or maliciously accessing rows outside their authorization. By tracking the tables, columns, and specific data values that end-users view or click on, you can quickly identify instances where sensitive information might have slipped through due to misconfigured RLS rules. This detailed audit trail not only helps in validating the effectiveness of your security measures but also provides a historical record for compliance and remediation efforts, ensuring that any deviations from intended access policies are promptly addressed.
Detecting Anomalous User Behaviors:
Beyond verifying data access permissions, the auditing capabilities in BI Pixie enable you to detect unusual patterns in how users interact with your dashboards. For example, if a user consistently selects data elements that seem irrelevant to their role or if multiple users exhibit similar patterns of excessive clicking on certain visuals, it might indicate an abuse of power or an attempt to extract more information than they should be accessing. By correlating user actions with their roles and expected behavior, you can set up alerts or trigger further investigations into these anomalous activities, thereby strengthening your overall data governance strategy.
Post-Breach Auditing and Targeted User Analysis:
In the unfortunate event of a data breach or a suspected unauthorized access incident, these auditing features become invaluable. You can quickly pinpoint which users engaged with sensitive data and reconstruct the sessions and their level of engagement to understand the extent of the exposure. This is particularly critical in scenarios where partners or external users might have accessed data beyond their permitted scope, such as viewing details of competitors or other partners. Detailed audit logs allow you to assess the potential impact of the breach, determine the root cause, and implement corrective measures to prevent future occurrences.
Want to learn more? Contact me for a demo.
