Examples of how we've helped organisations improve their Power BI governance and security posture and reduce costs.
Tenant Settings Review
A New Zealand government department with an expanding Power BI environment wanted confidence that their tenant was configured correctly, especially with strict privacy and data sovereignty requirements. The environment had 1,200 users, 2,500+ reports across 380 workspaces, and was growing by 75 reports and 20 workspaces per month.
Most development was driven by business users with limited central oversight. A single Power BI developer and part-time governance manager were responsible for the entire platform. The Data Platform Manager was unsure if default tenant settings provided enough protection, unclear about risks from Fabric trials and new features, and lacked visibility into content sharing practices across the organisation.
Microsoft enables many tenant settings by default, including preview features and the ability to create Fabric workloads and trials. Settings were either on or off for the entire organisation, with no use of security groups to restrict access to more risky features. Content and workspaces were proliferating rapidly under a self-service model with limited visibility into who was sharing reports broadly, or if content was being published to the web.
Allowing users to start Fabric trials created new, unmonitored workloads, raising the risk of ungoverned shadow IT outside established controls. These factors combined to create greater governance complexity and a higher risk of breaching data sovereignty or privacy obligations.
We started with a thorough analysis of all 142 tenant settings, mapping the current state of the environment and identifying where configuration had drifted from what a government agency with these privacy and data sovereignty obligations should have in place.
We then ran a workshop with the Data Platform Manager, Governance Manager, and M365 Admin to review our findings in the context of their specific security policies, ways of working, and environment specifics such as the use of Snowflake as the data source of record. That conversation shaped which recommendations were critical, which needed stakeholder management, and which could be deprioritised.
From there, we refined our recommendations into a prioritised remediation plan tailored to the department's context, and worked with their admin team to implement the changes directly, with no downtime or disruption to existing reports.
31 high-impact settings were remediated. We disabled risky features including uncertified visuals, tightened controls for sharing and workspace creation, and implemented an automated script to detect and disable new preview features as they are released, ensuring ongoing compliance and keeping data within the region.
Governance maturity was raised from "Unmanaged" to "Managed controls in place."
Capacity Optimisation
An organisation was spending significantly more than necessary on Fabric capacity. Reports were slow, users were frustrated, and the instinct was to add more capacity. But the problem wasn't a lack of resources. It was how the existing capacity was being used.
We analysed capacity usage patterns, identified performance bottlenecks, and found that a combination of inefficient data models, poorly scheduled refreshes, and unused workspaces were consuming resources without delivering value. We restructured refresh schedules, optimised the largest data models, and consolidated workspaces.
Monthly capacity costs reduced by $18,000 while report performance improved. The changes required no reduction in functionality and no disruption to end users.
If you'd like to discuss how these approaches apply to your organisation, we'd welcome the conversation.
Get in touch