SoftwareOne case study

How to maximise compliance and data security in a financial services organisation

In an innovative approach, a regulated industry institution used Microsoft Power BI to strengthen data protection and standardise application onboarding for better compliance and streamlined access.

Organisations today are eager to adopt data analytics and business intelligence tools to improve decision making and enhance performance. But how do they ensure that their use of these technologies complies with industry regulations and that sensitive data is protected from potential threats?

This client provides financial services throughout Northern Europe and is responsible for securing large amounts of data. Dealing with highly sensitive information on a daily basis, they need to ensure compliance with the strict regulations of their industry.

Because compliance and data security are critical to organisations in this sector, the company is committed to implementing strong security measures to protect its reputation and avoid data leaks or other incidents that could compromise its customers’ information.

Client: Financial institution
Industry: Finance
Services: Application Services: Data & Analytics

Protecting access to customer data

The organisation wanted to create a central IT unit responsible for managing and deploying Microsoft Power BI reports and protecting against unauthorised access and potential data breaches.

The application also needed to comply with all industry regulations and be user-friendly for end users who would use the reports to analyse the company’s performance and manage customer finances.

The client had previously been using Microsoft Power BI Report Server but felt that its capabilities were insufficient for their needs and their desire to operate fully in the cloud.

As a result, they decided to switch to Microsoft’s Power BI Service, which offers a wider range of features, and to develop a unified service architecture, strategy, and service delivery model for use across the company.

Setting up governance around the Power BI service would allow them to:

  • identify data sources for end-users
  • manage how users can access and utilise the reports
  • decide which type of authentication will be allowed
  • integrate on-premises data
  • monitor and manage solution performance
  • maintain consistent standards for data access across the organisation

The central IT department would then be able to onboard BI applications from other business units, with the confidence that all prerequisites, best practices, service scopes and constraints are met within the platform.

Despite their experience with the technology, the client’s teams anticipated that the upcoming project would be challenging due to strict security compliance requirements and high business expectations.

They turned to SoftwareOne to help them with the project and to ensure that all regulations and security measures were taken into account.

Building a new approach to utilising Power BI reports

Designing the new architecture and capabilities required a deep understanding of the challenges and the teams’ previous operations, leading to a model that included 4 elements:

  1. Making the service compliant
  2. Setting security and functionality baselines
  3. Enabling connectivity to data sources
  4. Establishing the application onboarding process

Compliance

Due to regulatory issues, SoftwareOne had to customise some features available in the Power BI Service by default.

For example, the use of My Workspace to create and share reports needed to be blocked. My Workspace was problematic for the organisation because of the potential risk of sharing data with an inappropriate audience, which would be difficult to manage centrally.

In addition, sensitive data at rest that is stored in the cloud must be encrypted with a key managed by the bank. In Power BI, however, it is usually the cloud service provider that generates and manages the key. To address this, the Bring Your Own Key (BYOK) security method was enabled to make the data unreadable to the service provider.

Security

With security a priority in a regulated industry, SoftwareOne had to approach identity and access management with the utmost care.

To reduce the risk of uncontrolled and ad-hoc access granting and sharing, the Workspaces, Roles & Permissions reference model was developed as a best practice configuration. This model helps to propagate security and maintenance standards to departments that onboard their solutions to the Power BI service.

Connectivity

By establishing a data gateway, connections to on-premises sources were enabled, providing access to data that is not stored in the cloud. Also, data gateway-related roles were included in the Workspaces, Roles & Permissions reference model.

Application onboarding

The final part was to design an onboarding process for business units and application owners who wanted to host BI solutions in the Power BI online service.

The model developed by SoftwareOne guides them through the organisational requirements, collects the necessary documentation, and provides a reference structure for setting up the reports.

Can we do this for you?

Get in touch with our experts now.

Working towards a unified approach across all business units

By introducing the Power BI service model, the company obtained a platform organised according to best practices and policies and developed a clear application onboarding process with one approved structure. Whereas the previous solution did not ensure full compliance, the encryption methods used in the current cloud solution can successfully address concerns over meeting industry regulations.

The ultimate goal is to make it easier for different teams to collaborate and share information securely, so the company is determined to drive adoption across all business units. If the model is evangelised properly, users will know what to expect when requesting a new report and what is expected of them, resulting in a more efficient and user-friendly experience.

Ideally, the process will then lead to the creation of a single source of truth, ensuring the trustworthiness of data for business analyses and promoting good data sources.

Having a single platform will ultimately reduce costs for the business, as without it, each business unit would have to spend money on separate solutions.

Finally, the governance model will help the company with access and identity management, leading to a clear understanding of who can process sensitive information and who is allowed to use the reports, minimising the risk of unauthorised changes.

By implementing a new governance model for Power BI reports, the company has taken an important step in protecting sensitive information and addressing compliance concerns. As long as the company follows the established policies and procedures, all business units will soon be able to successfully use the new capabilities and rely on a trusted and reliable source of knowledge.

Connect with our experts

Share a few details about your business challenge, and we’ll get right back to you.
