Local governments receive a significant amount of sensitive data from multiple sources every day including public health data and crime information. During the COVID-19 pandemic, these municipalities also started receiving information about citizen COVID-19 exposure, infections, vaccinations, and so on. In the interest of public health and safety, it has been essential for local governments to be transparent and open about these numbers, and government organizations around the world have embraced Microsoft’s Power BI dashboards as the conduit for how to relay this essential information to their populations.
The data sources for these dashboards contain sensitive Personal Identifiable Information (PII). A major obstacle facing state and local governments has been the potential of sensitive citizen and employee data leaking through poorly protected Power BI dashboards. The key is to make sure that the data source is unusable to any outside entities.
In this blog, I will discuss how masking data with Power BI dataflows and automating data orchestration with Power Automate will help prevent accidental exposure, allowing government organizations to provide vital information without risking citizen safety or personal information.
Get Started with Power Platform
Apex Digital Solutions is a Microsoft Gold Partner and can help thoroughly assess your needs and decide on the best course of action for your business.
What are Power BI dataflows?
Power BI Dataflows, the data transformation component in Power BI, are Power Query processes that run in the cloud and use the same set of data reparation functionalities, connectors, gateways, and transformations. They standardize access to source data, allowing you to easily create reusable data integration pipelines to be used in one or more Power BI reports.
What is data masking in Power BI dataflows?
Data masking is a custom function in Power BI dataflows that allows the creator of the dashboard to hide or remove confidential information in Power BI data models. For example, this allows you to take a piece of data in a dataflow such as a “birthdate” and turn it into an “age”, obscuring and protecting the specific information.
Additionally, you can change other fields like “name” and “address” into masked fields that are unique but scrambled and unreadable to any outside entities. For example, the address “1000 Town Center” will appear as a random string of numbers, but will always be the same, so the information can be distributed accurately while keeping the personal information protected.
How does automating data orchestration reduce potential exposure?
Another way that agencies and organizations are preventing exposure of their sensitive data is by automating the workflow for data orchestration with Power Automate. Data orchestration is the coordinated automation of a series of tasks designed to work together in a streamlined process or workflow. Automating the process ensures that there are the least possible points of access for malicious actors to access that data source.
Here is a real-world example: Say you have a Power BI dashboard for web analytics. One part of gathering the data for this dashboard involves exporting your monthly results out of Google Analytics. Now the spreadsheet with all this raw data exists in your local ‘downloads’ folder, your OneDrive, your Microsoft Teams SharePoint site, etc. This file is now available to anyone who might have access to those locations. Maybe there is an employee or a guest in your Teams group that shouldn’t have access to that file, or your computer gets stolen. The manual orchestration of this data increased the possibility for exposure.
If you automate orchestration of the data, it gets moved and manipulated in a space that users only have access to if they have access to the data flow.
How are governments using Power BI data masking and Power Automate data orchestration?
There are any number of important pieces of data that local governments collect every day. Whether it be COVID-19 vaccine information, crime statistics, or census data, it is essential to the public safety of their citizens that they keep this information masked.
For example, a local Police Department may have a file they send over to City Hall that includes information on the previous year’s crime statistics. This information includes not only the nature of the crime, but also the names, addresses, and birth dates of the crime perpetrators and victims. This file then ends up in a SharePoint site and gets transformed into a visualization but is not masked. There are now several locations where this file lives that could result in data leaks.
By automating the gathering process and then masking the data, the government agencies do not expose that data for malicious actors to then use. As a rule of thumb: the less hands that manually touch the data, the better.
Conclusion
Make sure that the data source is unusable to any outside entities. By combining data masking with automated data orchestration, you can reduce the risk of accidental exposure, allowing your organization or government agency to provide vital information without risking citizen safety or personal information.
Let’s discuss how we can help better protect your organization’s Personal Identifiable Information with Power BI dataflows and Power Automate. Use the form below to schedule a discovery session with one of our Power Platform experts.
Schedule a Discovery Session Today: