Ensure enabling of external data sharing is restricted
Why This Matters
Unrestricted external data sharing in Power BI can expose sensitive organizational data to guest users from other tenants without proper oversight. By controlling who can enable external sharing, you reduce the risk of data leakage and maintain adherence to the principle of least privilege through role-based access control. This also helps manage compliance risks and improve accountability across user activities.
What Aether365 Checks
Aether365 verifies that the Power BI tenant setting “Allow specific users to turn on external data sharing” is configured to either Disabled or Enabled only for a specific security group. This check appears in the Aether365 dashboard under microsoft 365 checks.