Data governance with Microsoft Fabric

It is no longer hard to see that Microsoft Fabric is coming to stay in the analytics world. A solution that aggregates a vast set of Microsoft data tools and capabilities, Fabric is undoubtedly a big help for those who constantly work with data and need to govern it sensibly. And this is why today we’re talking about how governance works on Fabric. This is an important subject to the world of data because without it an entire data structure can crumble. But what is governance?

Data governance is the process of ensuring that data is safe, private, precise, accessible and usable.

Within this definition, Microsoft Fabric offers many capabilities. Let’s try to group them and speak of them in a way that helps you understand their value.

There is a structure on Fabric to help you manage your data estate, but the main resources, such as the capacity, are defined on Azure Portal, where you add resources to a specific tenant. You also have an admin portal inside Fabric where administrators can control the overall settings, like domains and workspace settings, capacities and how users interact with Fabric. By speaking on domains and workspaces with them, you can control and define who has access to certain items and information.

This is a kind of data mesh approach where we have one tenant for an organisation and inside that, we can set up multiple workspaces. And where are the domains?

Well, as a Fabric admin, you can configure the different domains via the admin portal. These are basically a logical grouping of workspaces under a topic, department name or any other grouping you prefer. Imagine that your company has Hub departments and non-Hub departments. You will create workspaces for those departments and domains for Hub and non-Hub and assign the respective departments (workspaces) to each domain. Permissions and roles can be given to each type of user in each layer.

Besides this, there is another great capability called metadata scanning, which helps you connect to external cataloging tools using scanner APIs. These APIs extract metadata from your Fabric items so you can catalogue and report on them.

One of the good things about Fabric that helps you discover data is the OneLake data hub, which makes it easier to explore and interact with your data items. It gives information on each item and has filtering options to help you search for the relevant data you want to use.

Another thing is its ability to endorse content. This is a way of certifying data items so you can promote them to users and when they search for them, they find trustworthy, high-quality items.

Following the same logic, we have data lineage and impact analysis. This is a Fabric capability that lets you understand the flow of your data visually from the data source to its destination and its relations. Besides this, for every item in the lineage view, you can see what items will be affected if you make any changes to it and warn other users that a change might affect their working items. For instance, if you change a column in a semantic data model, then you can send an alert to Power BI users informing them of the change in the item they are working with.

Maintaining data security and privacy is sometimes complex but Fabric has a lot of features for this. Besides, it scales well with Microsoft Purview, even having some capabilities of Purview within Fabric.

One of its attributes is labelling data to ensure data security and data privacy requirements. You can use built-in Fabric capabilities, or you can use sensitive labels from Purview Information Protection to tag your data automatically or manually. With Purview you can maintain this labelling even if you export data from Fabric using supported export paths.

Another thing is controlling user activity such as accesses, logins or actions in different tools like Power BI, Spark, Data Factory, etc. This can be done internally with Fabric by enabling Azure Log Analytics and having an Audit Log role to access the logs or using another feature of Purview called Purview Audit.

For sure, there are a bunch of things that can be done in Fabric to prevent security issues, and one of them is to organise workspaces and roles well. Fabric lets you give permissions for workspaces as for their items specifically. Besides that, there are ways and features to create RLS (row-level security) in which each user can see only data applicable to that specific user or group of users. It is simply a matter of deciding what user and group structures your company will need and taking advantage of all these features.

Knowing what’s happening and how Fabric is performing is important. The valuable information that you can extract from monitoring features can help you to manage your tenant efficiently and reduce unnecessary costs.

One of those features is the Monitoring Hub, where users such as engineers and developers can see Fabric activities in a centralised manner and, if wanted, historically. By using such, you can monitor things like workloads, data pipelines, data flows, lakehouses, notebooks and more. Above this is Admin Monitoring, a feature especially for admins, where you can perform tasks like audits and usage tests.
A complementary feature is the Capacity Metrics App, which you can use to evaluate how Fabric is performing in terms of usage and resources consumption. Normally this feature is for administrator roles.
Lastly, there is the Purview Hub. It is basically a page on Fabric that shows administrators reports containing insights on their items, specifically with reference to sensitive data and endorsements. It is also a way to connect to more advanced capabilities like those we covered in other topics.

Why use Purview when Fabric has its own capabilities?

Because Purview has some additional features and capabilities, using it together with Fabric to govern data, would leverage the way you catalog, lineage, label, endorse and secure data.

As time passes, leveraging data governance is increasingly becoming a hot topic. Data solutions are becoming solid and real, and consequently data structures are getting bigger and more complex. A data solution can exponentiate its size in the blink of an eye, and governing data is still the best way to prevent security or data quality issues. While Fabric is gaining its spot in the world it is important to consider its capacity to deal with data and complex needs.

Here at Xpand IT, we see Microsoft Fabric as a robust tool that can help any company on its way to an excellent data-driven culture. Fabric permits a full solution not only for analytics workloads but also as a complete package with data governance tools. We’re familiarising ourselves with its many great features and capabilities so that we can help all our clients on their data journey.