Master How YOU Organize Measures and Columns! A Power BI Tutorial
In this video, Nick Lee from Pragmatic Works outlines the top five Power BI admin settings that should be disabled to enhance security and control within your Power BI tenant. Whether you’re an admin or a user, understanding these settings can help safeguard your organization’s data and prevent unintentional access or sharing.
1. Users Can Invite Guest Users
This setting allows users to invite external guest users to access your Power BI tenant by sharing reports or data. While this can be helpful for contractors or vendors, Nick recommends disabling it for the entire organization and enabling it only for specific security groups, such as admins. This ensures better control over who can share reports externally.
2. Allow Sharable Links to Grant Access to Everyone in the Organization
This setting lets users share a Power BI report link, which can then be forwarded to anyone in the organization, effectively bypassing permissions. Nick suggests disabling this feature to prevent widespread sharing of sensitive reports and data. If needed, this can be enabled for select security groups.
3. Users Can Work with Semantic Models in Excel
This feature enables users to connect Excel to Power BI's underlying semantic model, creating pivot tables. While useful, it can expose sensitive data not intended for general users, especially when specific visuals or data limitations are needed. Nick advises disabling this feature unless explicitly required for certain user groups.
4. Allow Users to Download Reports
Downloading Power BI reports as PBIX files can be risky, especially when row-level security (RLS) is in place. Once a user downloads a report, RLS is no longer enforced, which can expose all data in the dataset. Nick recommends disabling this for most users to ensure sensitive data remains protected.
5. Publish to Web
This setting is enabled by default and allows users to publicly publish Power BI reports to the web, making them accessible to anyone. This is extremely risky as it bypasses all security measures. Nick strongly urges admins to disable this setting and only enable it for specific cases, such as public reports from government or healthcare organizations.
Conclusion
Disabling these five Power BI admin settings helps to secure your data, prevent unauthorized access, and maintain better control over report sharing within your organization.
Don't forget to check out the Pragmatic Works' on-demand learning platform for more insightful content and training sessions on Power BI and other Microsoft applications. Be sure to subscribe to the Pragmatic Works YouTube channel to stay up-to-date on the latest tips and tricks.
Sign-up now and get instant access

ABOUT THE AUTHOR
Nick has been a dedicated trainer and consultant since 2018, leveraging his extensive experience working with major companies, including Fortune 200 corporations, professional sports organizations, government entities, and leading firms in the finance and healthcare sectors. With a specialized focus on Power BI and data engineering, Nick has consistently demonstrated his ability to drive data-driven decision-making and optimize business processes. His commitment to excellence and his in-depth technical expertise have made him a trusted advisor and sought-after expert in the industry.
Free Trial
On-demand learning
Most Recent
private training
Leave a comment