Jan. 1, 2026

Why Fabric Data Models Drift — and Why DAX Can’t Save Them

In this episode, we explore why many data teams mistakenly treat their data models as objective truth—and how this misconception leads to flawed decision-making. The conversation dives into modern analytics stacks, the limitations of “fabric” or centralized data models, and why context, ownership, and intent matter just as much as the data itself.

Key Themes & Topics

  • The Myth of the “Single Source of Truth”
    • Why most teams over-trust their data models
    • How abstraction layers can hide assumptions and errors
    • The danger of treating derived metrics as facts
  • Data Models Are Opinions
    • Every model reflects decisions made by humans
    • Business logic is embedded, not neutral
    • Analysts and engineers encode trade-offs—often implicitly
  • Execution vs. Understanding
    • Data engines execute logic perfectly, even when the logic is wrong
    • Accuracy in computation does not equal correctness in meaning
    • Why dashboards can look “right” while still misleading teams
  • Ownership and Accountability
    • Who actually owns metrics and definitions?
    • Problems caused by disconnected analytics and business teams
    • The need for shared responsibility across roles
  • Context Is More Important Than Scale
    • More data does not automatically mean better decisions
    • Local knowledge often outperforms centralized abstraction
    • When simplifying data creates more confusion than clarity
Notable Insights
  • Treating analytics outputs as facts removes healthy skepticism.
  • Data platforms don’t create truth—they enforce consistency.
  • Metrics without narrative and context are easy to misuse.
  • Trust in data should be earned through transparency, not tooling.
Practical Takeaways
  • Question how metrics are defined, not just how they’re calculated
  • Document assumptions inside data models
  • Encourage teams to challenge dashboards and reports
  • Prioritize understanding over automation
Who This Episode Is For
  • Data analysts and analytics engineers
  • Product managers and business leaders
  • Anyone working with dashboards, KPIs, or metrics
  • Teams building or maintaining modern data stacks


Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-show-modern-work-security-and-productivity-with-microsoft-365--6704921/support.
Transcript
1
00:00:00,000 --> 00:00:02,480
Most teams trust their Fabric model as truth.

2
00:00:02,480 --> 00:00:03,480
It is not.

3
00:00:03,480 --> 00:00:04,620
Your DAX looks like analytics,

4
00:00:04,620 --> 00:00:06,780
but architecturally it's a distributed decision

5
00:00:06,780 --> 00:00:08,440
engine running without your intent.

6
00:00:08,440 --> 00:00:09,760
That distinction matters.

7
00:00:09,760 --> 00:00:12,280
Because once human-authored logic starts deciding

8
00:00:12,280 --> 00:00:14,320
what's visible, you're no longer enforcing access,

9
00:00:14,320 --> 00:00:16,320
you're inferring it at runtime.

10
00:00:16,320 --> 00:00:18,400
Here's the uncomfortable truth and the fix.

11
00:00:18,400 --> 00:00:20,660
I'll walk through five repeatable failure modes

12
00:00:20,660 --> 00:00:22,080
that make this inevitable,

13
00:00:22,080 --> 00:00:24,640
then show the deterministic controls that stop it.

14
00:00:24,640 --> 00:00:26,600
You'll leave knowing which decisions are illegal

15
00:00:26,600 --> 00:00:27,840
to make in DAX,

16
00:00:27,840 --> 00:00:29,360
and how to enforce your assumptions

17
00:00:29,360 --> 00:00:32,000
at the control plane so your model can't drift.

18
00:00:32,000 --> 00:00:35,840
Case one: RLS bypass via measures, when totals leak.

19
00:00:35,840 --> 00:00:37,880
Most organizations celebrate the first time

20
00:00:37,880 --> 00:00:40,000
row level security works in testing.

21
00:00:40,000 --> 00:00:42,040
The right rows disappear, the demo looks safe.

22
00:00:42,040 --> 00:00:44,720
They are wrong. What RLS does is constrain base tables.

23
00:00:44,720 --> 00:00:46,880
What your measures do next is an authorization system

24
00:00:46,880 --> 00:00:48,960
of their own written by analysts,

25
00:00:48,960 --> 00:00:50,280
executed by the engine,

26
00:00:50,280 --> 00:00:51,760
and never reviewed by identity.

27
00:00:51,760 --> 00:00:53,320
This is where totals leak.

28
00:00:53,320 --> 00:00:55,080
You build a perfectly reasonable page,

29
00:00:55,080 --> 00:00:56,920
a summary card for total sales,

30
00:00:56,920 --> 00:00:59,440
a bar chart by region, and a KPI that flags

31
00:00:59,440 --> 00:01:01,080
significant variance.

32
00:01:01,080 --> 00:01:03,920
RLS filters the rows to east as intended,

33
00:01:03,920 --> 00:01:05,560
but the measure isn't just summing a column,

34
00:01:05,560 --> 00:01:07,800
it's iterating, revising filter context,

35
00:01:07,800 --> 00:01:10,240
and sometimes reaching around your security boundary,

36
00:01:10,240 --> 00:01:11,720
via CALCULATE and SUMX.

37
00:01:11,720 --> 00:01:14,400
If one branch of logic evaluates a broader scope,

38
00:01:14,400 --> 00:01:16,800
even briefly, you've created a side channel.

39
00:01:16,800 --> 00:01:18,520
No alert fires.

40
00:01:18,520 --> 00:01:20,720
The result looks like analytics.

41
00:01:20,720 --> 00:01:22,680
Auditors later find an inference path

42
00:01:22,680 --> 00:01:25,640
that reconstructs a restricted total by subtraction

43
00:01:25,640 --> 00:01:27,160
or variance across visuals.

44
00:01:27,160 --> 00:01:28,280
The thing most people miss,

45
00:01:28,280 --> 00:01:31,000
SUMX and CALCULATE are policy engines in disguise.

46
00:01:31,000 --> 00:01:34,280
They are not just math. CALCULATE rewrites filter context.

47
00:01:34,280 --> 00:01:35,720
SUMX loops through a table,

48
00:01:35,720 --> 00:01:37,720
changing context row by row,

49
00:01:37,720 --> 00:01:39,600
and invokes other measures inside that loop.

50
00:01:39,600 --> 00:01:41,240
In other words, your aggregation

51
00:01:41,240 --> 00:01:44,480
is a distributed decision program operating after RLS.

52
00:01:44,480 --> 00:01:46,040
You did not disable RLS,

53
00:01:46,040 --> 00:01:48,360
you described an alternate view of the world,

54
00:01:48,360 --> 00:01:50,280
that the engine is free to compute.

55
00:01:50,280 --> 00:01:51,840
This clicked for me the first time

56
00:01:51,840 --> 00:01:54,400
an internal review asked a simple question.

57
00:01:54,400 --> 00:01:57,320
Can a user with access to only East deduce West

58
00:01:57,320 --> 00:02:00,120
if they can see any all-up total anywhere?

59
00:02:00,120 --> 00:02:01,480
The answer hinged on one measure,

60
00:02:01,480 --> 00:02:04,760
it used CALCULATE with ALL to normalize a benchmark.

61
00:02:04,760 --> 00:02:06,640
That normalization effectively invited data

62
00:02:06,640 --> 00:02:08,720
from outside the user's security scope,

63
00:02:08,720 --> 00:02:10,200
producing a number that could be joined

64
00:02:10,200 --> 00:02:12,440
with visible partitions to infer the rest.

65
00:02:12,440 --> 00:02:14,600
The report never displayed West directly.

66
00:02:14,600 --> 00:02:16,560
It didn't need to, the math exposed it.

67
00:02:16,560 --> 00:02:18,200
Here's why this happens architecturally.

68
00:02:18,200 --> 00:02:19,920
RLS is not the boundary.

69
00:02:19,920 --> 00:02:20,960
Measure semantics are.

70
00:02:20,960 --> 00:02:23,720
The tabular engine evaluates measures in filter context,

71
00:02:23,720 --> 00:02:25,880
and your code can alter that context.

72
00:02:25,880 --> 00:02:28,520
ALL, ALLEXCEPT, REMOVEFILTERS, CROSSFILTER,

73
00:02:28,520 --> 00:02:31,480
TREATAS: these functions reshape the decision graph.

74
00:02:31,480 --> 00:02:34,480
You can craft a measure that computes across an entire table,

75
00:02:34,480 --> 00:02:36,640
then present only one slice of it visually.

76
00:02:36,640 --> 00:02:39,040
The numbers still carry the weight of the unfiltered scope,

77
00:02:39,040 --> 00:02:40,640
that's conditional chaos.

78
00:02:40,640 --> 00:02:44,080
A security model drifting from deterministic to probabilistic

79
00:02:44,080 --> 00:02:45,640
through innocent looking logic.

80
00:02:45,640 --> 00:02:47,520
Now here's the shortcut nobody teaches.

81
00:02:47,520 --> 00:02:51,240
Treat authorization-adjacent DAX as illegal.

82
00:02:51,240 --> 00:02:55,080
If a measure changes visibility, rows, columns, or classification,

83
00:02:55,080 --> 00:02:56,920
it is acting as an access control

84
00:02:56,920 --> 00:02:58,520
that belongs to identity, not DAX.

85
00:02:58,520 --> 00:03:00,520
If you remember nothing else, remember this.

86
00:03:00,520 --> 00:03:04,760
DAX must never decide who can see data. Identity must.

87
00:03:04,760 --> 00:03:06,960
Let me show you exactly how to recent test a measure.

88
00:03:06,960 --> 00:03:08,160
Ask three questions.

89
00:03:08,160 --> 00:03:11,200
Does any branch of this logic remove or bypass filters

90
00:03:11,200 --> 00:03:12,640
on protected domains?

91
00:03:12,640 --> 00:03:15,200
Look for ALL, REMOVEFILTERS, or FILTER

92
00:03:15,200 --> 00:03:17,520
that reference sensitive dimensions.

93
00:03:17,520 --> 00:03:19,360
Does the measure compare a scoped value

94
00:03:19,360 --> 00:03:21,040
against an unscoped benchmark?

95
00:03:21,040 --> 00:03:24,160
If yes, you've created a leakage path by subtraction.

96
00:03:24,160 --> 00:03:27,520
Does the measure rely on totals that are not RLS scoped

97
00:03:27,520 --> 00:03:29,040
identically to the visual?

98
00:03:29,040 --> 00:03:30,680
Mismatched scope is an inference engine.

99
00:03:30,680 --> 00:03:32,560
Once you nail that, everything else clicks.

100
00:03:32,560 --> 00:03:34,960
You refactor measures so benchmarks are computed upstream

101
00:03:34,960 --> 00:03:35,840
and labeled.

102
00:03:35,840 --> 00:03:39,320
You refuse normalization that crosses identity boundaries.

103
00:03:39,320 --> 00:03:41,920
You ensure any global totals are computed

104
00:03:41,920 --> 00:03:45,240
and stored in a domain where identity has already decided

105
00:03:45,240 --> 00:03:46,320
who can query them.

106
00:03:46,320 --> 00:03:47,760
Now here's where most people mess up.

107
00:03:47,760 --> 00:03:49,480
They try to fix this with training.

108
00:03:49,480 --> 00:03:51,040
They create a style guide.

109
00:03:51,040 --> 00:03:52,760
They run a brown bag on safe DAX.

110
00:03:52,760 --> 00:03:54,800
And then the model grows, velocity wins,

111
00:03:54,800 --> 00:03:58,120
and one helpful exception sneaks in to just get the dashboard out.

112
00:03:58,120 --> 00:03:59,640
That exception becomes a pattern.

113
00:03:59,640 --> 00:04:00,680
Entropy accelerates.

114
00:04:00,680 --> 00:04:03,320
You're back where you started with a smarter looking leak.

115
00:04:03,320 --> 00:04:04,920
The deterministic stance is different.

116
00:04:04,920 --> 00:04:06,600
You enforce the boundary outside DAX.

117
00:04:06,600 --> 00:04:08,440
Entra handles authorization.

118
00:04:08,440 --> 00:04:11,480
Purview sensitivity labels veto reuse.

119
00:04:11,480 --> 00:04:12,960
They don't annotate it.

120
00:04:12,960 --> 00:04:15,360
Data loss prevention blocks exfiltration paths

121
00:04:15,360 --> 00:04:18,000
at the edges: exports, notebooks, composite models,

122
00:04:18,000 --> 00:04:19,240
shared data sets.

123
00:04:19,240 --> 00:04:21,120
Capacity isolates blast radius,

124
00:04:21,120 --> 00:04:24,480
so failures stay local and investigations stay bounded.

125
00:04:24,480 --> 00:04:27,200
Identity compiles intent; DAX consumes data.

126
00:04:27,200 --> 00:04:28,800
They are not the same task.

127
00:04:28,800 --> 00:04:30,800
Micro story: last quarter, a team

128
00:04:30,800 --> 00:04:33,480
shipped a revenue view with RLS by region.

129
00:04:33,480 --> 00:04:35,920
A variance-to-plan measure used REMOVEFILTERS

130
00:04:35,920 --> 00:04:37,800
on date to stabilize seasonality.

131
00:04:37,800 --> 00:04:38,960
It looked harmless.

132
00:04:38,960 --> 00:04:41,920
Once the plan table was swapped for plan by region,

133
00:04:41,920 --> 00:04:43,720
variance flipped into an inference tool.

134
00:04:43,720 --> 00:04:45,600
Users could derive other regions' planned

135
00:04:45,600 --> 00:04:48,520
deltas by comparing my region to the stabilized total.

136
00:04:48,520 --> 00:04:50,560
RLS was working; intent was not.

137
00:04:50,560 --> 00:04:53,120
We removed the measure, pushed plan aggregation upstream,

138
00:04:53,120 --> 00:04:55,160
and enforced a label that blocked any model

139
00:04:55,160 --> 00:04:57,120
from introducing a cross-region benchmark

140
00:04:57,120 --> 00:04:59,000
without a control plane approval.

141
00:04:59,000 --> 00:05:00,920
The game changer nobody talks about is this.

142
00:05:00,920 --> 00:05:03,280
Once you declare certain DAX patterns illegal,

143
00:05:03,280 --> 00:05:05,680
you simplify the entire review surface.

144
00:05:05,680 --> 00:05:09,120
You move from probabilistic assurance ("looks fine in dev")

145
00:05:09,120 --> 00:05:12,760
to deterministic, enforceable rules ("cannot exist in prod").

146
00:05:12,760 --> 00:05:14,400
And boom, look at that result.

147
00:05:14,400 --> 00:05:16,880
Totals stop leaking, not because people got better at DAX,

148
00:05:16,880 --> 00:05:18,480
but because DAX stopped being allowed

149
00:05:18,480 --> 00:05:20,640
to act like an authorization engine.

150
00:05:20,640 --> 00:05:23,080
Now that RLS works, calculated tables will still

151
00:05:23,080 --> 00:05:24,600
fork your truth next quarter.

152
00:05:24,600 --> 00:05:26,240
That's the next failure mode.

153
00:05:26,240 --> 00:05:30,000
Case two: semantic model drift via calculated tables.

154
00:05:30,000 --> 00:05:32,280
The second place organizations congratulate themselves

155
00:05:32,280 --> 00:05:34,040
is when the source system is clean

156
00:05:34,040 --> 00:05:36,320
and the star schema is approved.

157
00:05:36,320 --> 00:05:37,840
They believe the model is anchored.

158
00:05:37,840 --> 00:05:38,680
It is not.

159
00:05:38,680 --> 00:05:41,440
The moment a calculated table lands in the semantic model,

160
00:05:41,440 --> 00:05:42,920
you've created a parallel rulebook

161
00:05:42,920 --> 00:05:45,840
that nobody upstream can see, govern or retire.

162
00:05:45,840 --> 00:05:48,240
That distinction matters.

163
00:05:48,240 --> 00:05:49,400
Here's the failure pattern.

164
00:05:49,400 --> 00:05:51,520
A team needs a quick products and market slice

165
00:05:51,520 --> 00:05:54,400
that joins today's catalog to last quarter's launch window

166
00:05:54,400 --> 00:05:56,680
and a marketing eligibility flag.

167
00:05:56,680 --> 00:05:58,120
Instead of asking the data platform

168
00:05:58,120 --> 00:06:00,960
to publish a governed dimension, they write a calculated table

169
00:06:00,960 --> 00:06:01,600
in the model.

170
00:06:01,600 --> 00:06:04,480
SELECTCOLUMNS, ADDCOLUMNS, a FILTER here, a UNION there.

171
00:06:04,480 --> 00:06:05,560
It loads instantly.

172
00:06:05,560 --> 00:06:07,160
Visuals light up, velocity wins.

173
00:06:07,160 --> 00:06:08,360
You now have a shadow dimension

174
00:06:08,360 --> 00:06:10,360
that encodes business logic outside lineage

175
00:06:10,360 --> 00:06:11,720
and outside labels.

176
00:06:11,720 --> 00:06:13,080
That table becomes a join partner

177
00:06:13,080 --> 00:06:14,640
and quietly redefines reality.

178
00:06:14,640 --> 00:06:16,840
What most teams miss is simple.

179
00:06:16,840 --> 00:06:19,440
Calculated artifacts are entropy generators.

180
00:06:19,440 --> 00:06:21,280
They duplicate structure, embed decisions,

181
00:06:21,280 --> 00:06:22,800
and break inheritance.

182
00:06:22,800 --> 00:06:24,280
Sensitivity labels from Purview

183
00:06:24,280 --> 00:06:26,080
don't propagate into the calculated result

184
00:06:26,080 --> 00:06:27,320
the way you assume.

185
00:06:27,320 --> 00:06:29,400
Lineage shows a tidy arrow, but it's theater.

186
00:06:29,400 --> 00:06:31,320
Lineage is evidence, not assurance.

187
00:06:31,320 --> 00:06:32,920
It tells you where the data moved,

188
00:06:32,920 --> 00:06:36,000
not whether your new definition stays compliant with policy.

189
00:06:36,000 --> 00:06:39,480
Over time, these tables accumulate: canonical reference catalogs,

190
00:06:39,480 --> 00:06:42,520
state helpers, eligibility bridges, each one slightly different,

191
00:06:42,520 --> 00:06:44,600
each one disagreeing by one edge case.

192
00:06:44,600 --> 00:06:46,080
Drift stops being accidental.

193
00:06:46,080 --> 00:06:48,240
It becomes structural.

194
00:06:48,240 --> 00:06:51,200
This clicked for me when a model review surfaced

195
00:06:51,200 --> 00:06:53,560
two numbers for eligible customers.

196
00:06:53,560 --> 00:06:56,800
One came from the warehouse view, labeled Confidential.

197
00:06:56,800 --> 00:06:58,560
The other came from a calculated table

198
00:06:58,560 --> 00:07:00,840
that tweaked eligibility for a campaign.

199
00:07:00,840 --> 00:07:02,520
Both were right for their authors.

200
00:07:02,520 --> 00:07:04,240
Neither could be safely deleted.

201
00:07:04,240 --> 00:07:06,280
The calculated one had bled into measures

202
00:07:06,280 --> 00:07:09,800
in visuals across five workspaces through shared data set reuse.

203
00:07:09,800 --> 00:07:11,920
We could not audit who could see what,

204
00:07:11,920 --> 00:07:14,280
when, without replaying human intent,

205
00:07:14,280 --> 00:07:16,840
spread across dozens of DAX expressions.

206
00:07:16,840 --> 00:07:18,960
That is security debt created by convenience.

207
00:07:18,960 --> 00:07:20,520
Now here's where most people mess up.

208
00:07:20,520 --> 00:07:23,560
They treat calculated tables as just-in-time modeling.

209
00:07:23,560 --> 00:07:24,840
It's faster to build here.

210
00:07:24,840 --> 00:07:25,840
It is faster.

211
00:07:25,840 --> 00:07:27,640
It is also governance bypass.

212
00:07:27,640 --> 00:07:29,600
The model becomes an authoring surface

213
00:07:29,600 --> 00:07:31,880
for business rules that should have lived upstream,

214
00:07:31,880 --> 00:07:35,400
where identity, labeling, and DLP can veto them.

215
00:07:35,400 --> 00:07:37,560
When you compute the rule in the semantic layer,

216
00:07:37,560 --> 00:07:41,120
you grant analysts the power to redefine classifications,

217
00:07:41,120 --> 00:07:43,120
rewrite keys, or stitch domains

218
00:07:43,120 --> 00:07:45,000
without the control plane ever seeing it.

219
00:07:45,000 --> 00:07:46,760
You are not misconfiguring Fabric.

220
00:07:46,760 --> 00:07:48,080
You are omitting design.

221
00:07:48,080 --> 00:07:50,520
Architecturally, this is why drift is inevitable.

222
00:07:50,520 --> 00:07:52,160
The semantic model is a consumer.

223
00:07:52,160 --> 00:07:54,080
It should bind to governed definitions.

224
00:07:54,080 --> 00:07:56,320
When it produces definitions, it forks the truth.

225
00:07:56,320 --> 00:07:58,080
Every fork dilutes enforcement.

226
00:07:58,080 --> 00:08:00,400
Labels don't propagate deterministically across a table

227
00:08:00,400 --> 00:08:03,400
synthesized from multiple inputs with mixed classifications.

228
00:08:03,400 --> 00:08:06,960
Joins materialized in DAX don't inherit the same identity

229
00:08:06,960 --> 00:08:09,520
boundaries that Entra enforces at the source.

230
00:08:09,520 --> 00:08:13,400
And because calculated tables feel harmless, just DAX, just data,

231
00:08:13,400 --> 00:08:14,760
they slip past review.

232
00:08:14,760 --> 00:08:16,920
These pathways accumulate.

233
00:08:16,920 --> 00:08:19,080
The deterministic stance is ruthless.

234
00:08:19,080 --> 00:08:20,680
Business definitions live upstream.

235
00:08:20,680 --> 00:08:23,040
The model consumes never redefines.

236
00:08:23,040 --> 00:08:25,800
If the warehouse lacks the construct, you add it there.

237
00:08:25,800 --> 00:08:28,120
If the domain team won't own it, you do not ship it.

238
00:08:28,120 --> 00:08:29,040
That is not dogma.

239
00:08:29,040 --> 00:08:30,880
It is boundary enforcement.

240
00:08:30,880 --> 00:08:34,280
Upstream is where identity compiles intent, Purview labels

241
00:08:34,280 --> 00:08:36,520
veto unsafe compositions, and DLP policies

242
00:08:36,520 --> 00:08:38,000
can block downstream reuse.

243
00:08:38,000 --> 00:08:40,240
If a control cannot stop a model from existing,

244
00:08:40,240 --> 00:08:41,560
it is not governance.

245
00:08:41,560 --> 00:08:43,560
Let me show you exactly how to test for drift.

246
00:08:43,560 --> 00:08:45,520
Ask three questions.

247
00:08:45,520 --> 00:08:47,960
Does this calculated table encode a business definition

248
00:08:47,960 --> 00:08:50,640
that exists or should exist upstream?

249
00:08:50,640 --> 00:08:52,640
If yes, it's illegal in model logic.

250
00:08:52,640 --> 00:08:54,600
Does it join or union across domains

251
00:08:54,600 --> 00:08:56,200
with different sensitivity labels?

252
00:08:56,200 --> 00:08:57,720
If yes, you've created a classification

253
00:08:57,720 --> 00:08:59,960
override the label system can't see.

254
00:08:59,960 --> 00:09:02,000
Does any downstream measure rely on this artifact

255
00:09:02,000 --> 00:09:03,160
to scope visibility?

256
00:09:03,160 --> 00:09:05,160
If yes, you've mixed authorization semantics

257
00:09:05,160 --> 00:09:06,320
with analytics again.

258
00:09:06,320 --> 00:09:08,240
Once you see that, everything else clicks.

259
00:09:08,240 --> 00:09:11,600
You refactor, disallow calculated tables for domain logic,

260
00:09:11,600 --> 00:09:13,960
restrict them to harmless scaffolding only under controlled

261
00:09:13,960 --> 00:09:15,800
review or ban them entirely.

262
00:09:15,800 --> 00:09:17,960
You route requests to data engineering

263
00:09:17,960 --> 00:09:20,400
where labels, lineage, and identity live.

264
00:09:20,400 --> 00:09:22,800
You codify this in publishing policy.

265
00:09:22,800 --> 00:09:25,800
No publication when calculated artifacts of prohibited

266
00:09:25,800 --> 00:09:27,120
categories exist.

267
00:09:27,120 --> 00:09:29,280
Block-at-build replaces fix-in-review.

268
00:09:29,280 --> 00:09:32,000
A micro story: a finance team needed active agreements

269
00:09:32,000 --> 00:09:34,240
with a retailer-specific carve out.

270
00:09:34,240 --> 00:09:37,200
They built a calculated table to filter out dormant SKUs

271
00:09:37,200 --> 00:09:39,480
and applied a geographic exception for one chain.

272
00:09:39,480 --> 00:09:40,080
It worked.

273
00:09:40,080 --> 00:09:42,400
A month later, an audit flagged inconsistent counts

274
00:09:42,400 --> 00:09:43,440
across regions.

275
00:09:43,440 --> 00:09:45,160
The calculated artifact had been copied

276
00:09:45,160 --> 00:09:48,440
into a gold workspace and shared as a golden data set.

277
00:09:48,440 --> 00:09:51,080
Two truths existed, both certified.

278
00:09:51,080 --> 00:09:52,600
We killed the table, pushed the definition

279
00:09:52,600 --> 00:09:55,080
into the warehouse, attached a Highly Confidential label

280
00:09:55,080 --> 00:09:56,880
that prevented cross-tenant reuse

281
00:09:56,880 --> 00:09:59,120
and added a DLP rule preventing export

282
00:09:59,120 --> 00:10:01,200
for any model referencing that label.

283
00:10:01,200 --> 00:10:03,680
The count stabilized, the blast radius stayed local

284
00:10:03,680 --> 00:10:06,120
because capacity isolation kept finance models

285
00:10:06,120 --> 00:10:07,360
off shared capacities.

286
00:10:07,360 --> 00:10:09,600
The game changer nobody talks about is this.

287
00:10:09,600 --> 00:10:12,320
Once you prohibit entire categories of calculated artifacts,

288
00:10:12,320 --> 00:10:14,840
the model surface area shrinks to analytics.

289
00:10:14,840 --> 00:10:16,400
Exceptions stop compounding.

290
00:10:16,400 --> 00:10:18,840
Upstream definitions become the only pathway.

291
00:10:18,840 --> 00:10:21,800
You gain something rare in BI, delete safety.

292
00:10:21,800 --> 00:10:23,480
You can retire logic in one place

293
00:10:23,480 --> 00:10:27,040
and know you didn't leave an undead copy in a thousand PBIX files.

294
00:10:27,040 --> 00:10:29,560
Even with perfect sources and no calculated tables,

295
00:10:29,560 --> 00:10:32,320
teams will still point to lineage when decisions drift.

296
00:10:32,320 --> 00:10:34,760
That's the next failure mode, lineage theater,

297
00:10:34,760 --> 00:10:36,960
because arrows do not enforce policy.

298
00:10:36,960 --> 00:10:39,520
Enforcement does. Case three: lineage theater,

299
00:10:39,520 --> 00:10:41,280
pretty graphs, no guarantees.

300
00:10:41,280 --> 00:10:43,240
After you ban calculated artifacts,

301
00:10:43,240 --> 00:10:45,360
someone will hold up Fabric's lineage view

302
00:10:45,360 --> 00:10:46,520
as proof you're safe.

303
00:10:46,520 --> 00:10:47,920
The arrows look authoritative.

304
00:10:47,920 --> 00:10:50,480
Sources flow to transformations, to lakehouses,

305
00:10:50,480 --> 00:10:52,320
to semantic models, to reports.

306
00:10:52,320 --> 00:10:53,240
Confidence returns.

307
00:10:53,240 --> 00:10:54,080
It should not.

308
00:10:54,080 --> 00:10:55,240
Lineage is a narrative.

309
00:10:55,240 --> 00:10:56,640
Enforcement is a control.

310
00:10:56,640 --> 00:10:57,680
Those are not the same thing.

311
00:10:57,680 --> 00:10:58,880
Here's the failure pattern.

312
00:10:58,880 --> 00:11:00,600
A regulated data set enters one lake

313
00:11:00,600 --> 00:11:01,880
with a confidential label.

314
00:11:01,880 --> 00:11:03,200
A data flow refines it.

315
00:11:03,200 --> 00:11:05,200
A warehouse table feeds a semantic model.

316
00:11:05,200 --> 00:11:06,800
The lineage graph shows a clean path

317
00:11:06,800 --> 00:11:08,360
from origin to consumption.

318
00:11:08,360 --> 00:11:11,200
Meanwhile, an analyst connects a notebook to the model,

319
00:11:11,200 --> 00:11:14,320
materializes a helper Parquet file for a side analysis

320
00:11:14,320 --> 00:11:17,800
and re-imports it into a different workspace as a benchmark.

321
00:11:17,800 --> 00:11:19,320
The arrows don't render that detour

322
00:11:19,320 --> 00:11:20,960
with the same weight or timing.

323
00:11:20,960 --> 00:11:22,720
Sensitive data has crossed boundaries

324
00:11:22,720 --> 00:11:24,160
and the map still looks pretty.

325
00:11:24,160 --> 00:11:26,000
The thing most teams miss is simple.

326
00:11:26,000 --> 00:11:27,720
Lineage is evidence, not assurance.

327
00:11:27,720 --> 00:11:29,400
It's post facto storytelling.

328
00:11:29,400 --> 00:11:30,720
It can tell you where data moved.

329
00:11:30,720 --> 00:11:32,840
It cannot tell you whether your policies were enforced

330
00:11:32,840 --> 00:11:35,120
when it moved, whether labels persisted intact

331
00:11:35,120 --> 00:11:36,760
or whether identity boundaries held

332
00:11:36,760 --> 00:11:38,560
when logic fused domains.

333
00:11:38,560 --> 00:11:40,400
If enforcement is optional, theater grows.

334
00:11:40,400 --> 00:11:41,520
The graph gets denser.

335
00:11:41,520 --> 00:11:43,040
Risk becomes decorative.

336
00:11:43,040 --> 00:11:44,880
This clicked for me in a privacy review

337
00:11:44,880 --> 00:11:46,400
where every box was green.

338
00:11:46,400 --> 00:11:48,280
The lineage showed customer data sourced

339
00:11:48,280 --> 00:11:49,520
from a governed lakehouse,

340
00:11:49,520 --> 00:11:51,600
transformed by a certified data flow,

341
00:11:51,600 --> 00:11:53,720
landing in a certified semantic model.

342
00:11:53,720 --> 00:11:54,520
Perfect.

343
00:11:54,520 --> 00:11:56,960
Except a top accounts table existed in the model,

344
00:11:56,960 --> 00:11:59,200
created by importing a CSV exported

345
00:11:59,200 --> 00:12:01,080
from a prior version of the same model.

346
00:12:01,080 --> 00:12:02,680
The lineage omitted the export import

347
00:12:02,680 --> 00:12:04,280
because it occurred through a user device

348
00:12:04,280 --> 00:12:05,920
and a temporary workspace.

349
00:12:05,920 --> 00:12:07,400
The arrow missed the policy violation.

350
00:12:07,400 --> 00:12:08,360
The report did not.

351
00:12:08,360 --> 00:12:09,960
Now here's where most people mess up.

352
00:12:09,960 --> 00:12:11,600
They treat lineage as a guardrail.

353
00:12:11,600 --> 00:12:12,440
It is not.

354
00:12:12,440 --> 00:12:13,200
It is a dashboard.

355
00:12:13,200 --> 00:12:15,760
You cannot prevent a car crash with a speedometer.

356
00:12:15,760 --> 00:12:18,640
You can only measure the speed after you've chosen it.

357
00:12:18,640 --> 00:12:20,680
The governance stance has to invert.

358
00:12:20,680 --> 00:12:24,040
Labels and DLP veto unsafe flows in real time.

359
00:12:24,040 --> 00:12:26,000
Lineage explains what happened later.

360
00:12:26,000 --> 00:12:28,200
If a label can't stop a model from being published,

361
00:12:28,200 --> 00:12:29,600
that label is decorative.

362
00:12:29,600 --> 00:12:31,240
If DLP can't block a notebook

363
00:12:31,240 --> 00:12:33,840
from writing a sensitive join to an ungoverned folder,

364
00:12:33,840 --> 00:12:35,320
your edges are ornamental.

365
00:12:35,320 --> 00:12:37,920
Architecturally, this is why guarantees fail.

366
00:12:37,920 --> 00:12:39,800
Fabric connects heterogeneous planes,

367
00:12:39,800 --> 00:12:41,520
control, data, compute.

368
00:12:41,520 --> 00:12:43,040
Each has its own decision surface.

369
00:12:43,040 --> 00:12:45,080
A lineage graph stitches metadata across them,

370
00:12:45,080 --> 00:12:46,800
but not every hop is instrumented equally,

371
00:12:46,800 --> 00:12:48,240
not every path is synchronous

372
00:12:48,240 --> 00:12:50,120
and not every consumer is visible.

373
00:12:50,120 --> 00:12:52,920
Notebooks, exports, composite models, shared data sets,

374
00:12:52,920 --> 00:12:55,480
these are access planes masquerading as convenience.

375
00:12:55,480 --> 00:12:56,920
The map can't enforce intent

376
00:12:56,920 --> 00:12:58,960
because it doesn't own the enforcement points.

377
00:12:58,960 --> 00:13:01,800
Purview does, Entra does, DLP does.

378
00:13:01,800 --> 00:13:03,600
If those are not configured to veto,

379
00:13:03,600 --> 00:13:05,080
the arrows are just arrows.

380
00:13:05,080 --> 00:13:07,320
Let me show you exactly how to treat lineage correctly.

381
00:13:07,320 --> 00:13:08,000
Three rules.

382
00:13:08,000 --> 00:13:09,920
Assume every arrow is a hypothesis.

383
00:13:09,920 --> 00:13:11,920
Verify with enforcement: sensitivity labels

384
00:13:11,920 --> 00:13:14,000
must persist across the hop and block operations

385
00:13:14,000 --> 00:13:15,000
when they don't.

386
00:13:15,000 --> 00:13:16,960
Test by attempting the prohibited action

387
00:13:16,960 --> 00:13:18,520
and expecting a failure.

388
00:13:18,520 --> 00:13:21,080
Treat off graph flows as the default threat.

389
00:13:21,080 --> 00:13:23,960
Any export, notebook write, or cross-workspace reuse

390
00:13:23,960 --> 00:13:25,960
must encounter DLP at the boundary

391
00:13:25,960 --> 00:13:27,600
and conditional access at identity.

392
00:13:27,600 --> 00:13:30,440
If you can't force that check, you do not control the edge.

393
00:13:30,440 --> 00:13:32,680
Use lineage for impact analysis, not comfort.

394
00:13:32,680 --> 00:13:34,440
When a source changes, you trace who breaks.

395
00:13:34,440 --> 00:13:37,120
When an incident hits, you reconstruct blast radius.

396
00:13:37,120 --> 00:13:40,040
You do not assume safety because the graph looks clean.

397
00:13:40,040 --> 00:13:41,160
A micro story.

398
00:13:41,160 --> 00:13:43,640
A health analytics team proudly showed full lineage

399
00:13:43,640 --> 00:13:46,720
from EMR extracts to a deidentified encounters model.

400
00:13:46,720 --> 00:13:48,360
Labels looked correct end to end.

401
00:13:48,360 --> 00:13:50,640
During a drill, we asked them to export a small slice

402
00:13:50,640 --> 00:13:52,040
for a vendor model test.

403
00:13:52,040 --> 00:13:54,320
The export succeeded because the label policy annotated.

404
00:13:54,320 --> 00:13:55,440
It didn't veto.

405
00:13:55,440 --> 00:13:57,800
The CSV was re-imported as a synthetic benchmark

406
00:13:57,800 --> 00:13:59,080
in a separate workspace.

407
00:13:59,080 --> 00:14:01,320
Lineage showed a new node post hoc.

408
00:14:01,320 --> 00:14:05,040
We flipped the policy, label blocks export for that classification,

409
00:14:05,040 --> 00:14:08,120
notebooks, writing tables, inherit and propagate labels,

410
00:14:08,120 --> 00:14:12,280
DLP intercepts cross workspace imports with confidential payloads

411
00:14:12,280 --> 00:14:14,720
and conditional access forces compliant devices

412
00:14:14,720 --> 00:14:16,320
for any lakehouse write.

413
00:14:16,320 --> 00:14:18,240
The next export attempt failed closed.

414
00:14:18,240 --> 00:14:19,480
The graph didn't change much.

415
00:14:19,480 --> 00:14:21,720
The system did.

416
00:14:21,720 --> 00:14:23,920
The game changer nobody talks about is this.

417
00:14:23,920 --> 00:14:26,160
Once you stop treating lineage as a control,

418
00:14:26,160 --> 00:14:27,200
your design changes.

419
00:14:27,200 --> 00:14:29,200
You move decisions to the control plane,

420
00:14:29,200 --> 00:14:30,960
labels define what.

421
00:14:30,960 --> 00:14:34,080
DLP enforces how data leaves or persists.

422
00:14:34,080 --> 00:14:35,760
Entra decides who.

423
00:14:35,760 --> 00:14:37,600
Lineage becomes what it always was.

424
00:14:37,600 --> 00:14:38,360
Evidence.

425
00:14:38,360 --> 00:14:39,000
Useful.

426
00:14:39,000 --> 00:14:41,680
Informative, but never a guarantee.

427
00:14:41,680 --> 00:14:42,560
Case 4.

428
00:14:42,560 --> 00:14:44,960
Shared dataset plus cross-workspace access.

429
00:14:44,960 --> 00:14:46,640
You fixed calculated tables.

430
00:14:46,640 --> 00:14:48,160
You stopped trusting lineage.

431
00:14:48,160 --> 00:14:50,680
Then someone proposes the golden data set.

432
00:14:50,680 --> 00:14:52,400
One semantic model to rule them all

433
00:14:52,400 --> 00:14:54,680
shared across workspaces for consistency.

434
00:14:54,680 --> 00:14:55,480
It sounds efficient.

435
00:14:55,480 --> 00:14:56,600
It is an access plane.

436
00:14:56,600 --> 00:14:58,800
The moment you reuse a model across workspaces,

437
00:14:58,800 --> 00:15:01,520
you erode the very boundaries you thought you were enforcing.

438
00:15:01,520 --> 00:15:02,880
Here's the failure pattern.

439
00:15:02,880 --> 00:15:05,840
Finance publishes a certified revenue core semantic model

440
00:15:05,840 --> 00:15:07,080
in a controlled workspace.

441
00:15:07,080 --> 00:15:09,840
Product, sales and ops build thin reports against it

442
00:15:09,840 --> 00:15:11,360
from their own workspaces.

443
00:15:11,360 --> 00:15:14,160
To speed adoption, an analyst adds a few convenience roles

444
00:15:14,160 --> 00:15:16,680
in the shared model plus a couple of broadly scoped

445
00:15:16,680 --> 00:15:19,120
Entra groups so everyone who needs it gets in.

446
00:15:19,120 --> 00:15:22,280
It works: queries flow, dashboards ship.

447
00:15:22,280 --> 00:15:25,280
Three months later, an audit asks a simple question.

448
00:15:25,280 --> 00:15:28,440
List every user who could access rows labeled highly confidential

449
00:15:28,440 --> 00:15:31,400
for region X on the evening of June 5th.

450
00:15:31,400 --> 00:15:33,800
You can't answer because identity scope now spans

451
00:15:33,800 --> 00:15:36,640
multiple workspaces, each with separate sharing,

452
00:15:36,640 --> 00:15:38,680
each with local report level filters,

453
00:15:38,680 --> 00:15:40,960
and each with its own set of temporarily added users

454
00:15:40,960 --> 00:15:42,440
that never got removed.

455
00:15:42,440 --> 00:15:44,560
The golden dataset dissolved your boundary.

456
00:15:44,560 --> 00:15:47,040
The thing most teams miss is simple.

457
00:15:47,040 --> 00:15:49,880
Cross workspace reuse is not a convenience feature.

458
00:15:49,880 --> 00:15:51,360
It's an access plane.

459
00:15:51,360 --> 00:15:54,880
When you point a report in workspace B at a model in workspace A,

460
00:15:54,880 --> 00:15:56,280
you didn't just reuse metrics.

461
00:15:56,280 --> 00:15:59,600
You created a new path where users, service principals,

462
00:15:59,600 --> 00:16:02,640
and groups in B can induce queries against A.

463
00:16:02,640 --> 00:16:05,040
If inheritance semantics between the control plane,

464
00:16:05,040 --> 00:16:08,520
workspaces, roles, sharing, and the data plane model permissions

465
00:16:08,520 --> 00:16:11,640
RLS, don't match perfectly, and they never do,

466
00:16:11,640 --> 00:16:15,520
You've now got inferred trust replacing explicit authorization.

467
00:16:15,520 --> 00:16:17,320
This clicked for me during a permissions review.

468
00:16:17,320 --> 00:16:19,760
The shared model had tight RLS by region.

469
00:16:19,760 --> 00:16:21,880
The consuming workspace had a Power BI app

470
00:16:21,880 --> 00:16:23,800
with build permission granted to a team group

471
00:16:23,800 --> 00:16:25,000
that included contractors.

472
00:16:25,000 --> 00:16:27,240
Contractors could not view the app content,

473
00:16:27,240 --> 00:16:29,640
but build permission was enough to create a new report

474
00:16:29,640 --> 00:16:31,240
that bound to the shared dataset,

475
00:16:31,240 --> 00:16:32,960
publish it to a different workspace,

476
00:16:32,960 --> 00:16:35,120
and request access there through a different owner

477
00:16:35,120 --> 00:16:37,720
who assumed group membership implied vetting.

478
00:16:37,720 --> 00:16:39,440
Intent dissolved across boundaries.

479
00:16:39,440 --> 00:16:41,320
No breach, no alert.

480
00:16:41,320 --> 00:16:43,120
Just architectural erosion.

481
00:16:43,120 --> 00:16:45,680
Now here's where most people mess up,

482
00:16:45,680 --> 00:16:48,120
they try to manage shared dataset sprawl

483
00:16:48,120 --> 00:16:49,800
with naming conventions and wikis.

484
00:16:49,800 --> 00:16:51,840
They write who should use this on a Confluence page

485
00:16:51,840 --> 00:16:54,320
and hope it sticks, or they centralize ownership

486
00:16:54,320 --> 00:16:56,840
in one admin who approves every access request.

487
00:16:56,840 --> 00:16:58,960
It works until it doesn't, velocity wins,

488
00:16:58,960 --> 00:17:01,200
and exceptions pile up as temporary.

489
00:17:01,200 --> 00:17:03,520
Those exceptions are entropy generators.

490
00:17:03,520 --> 00:17:06,400
Over time, your golden dataset becomes a federation

491
00:17:06,400 --> 00:17:08,560
of implied contracts you never encoded.

492
00:17:08,560 --> 00:17:10,840
Architecturally, this is why the boundary fails.

493
00:17:10,840 --> 00:17:12,800
Workspaces are control plane containers.

494
00:17:12,800 --> 00:17:16,320
Datasets are data plane objects. Reports in other workspaces

495
00:17:16,320 --> 00:17:18,240
create new authorization contexts

496
00:17:18,240 --> 00:17:20,560
that your original workspace never sees.

497
00:17:20,560 --> 00:17:24,000
Even if RLS holds, the identity graph expands.

498
00:17:24,000 --> 00:17:26,920
App audiences, build permissions, share links,

499
00:17:26,920 --> 00:17:29,880
service principals, and cross-tenant B2B guests.

500
00:17:29,880 --> 00:17:31,880
And remember, the engine evaluates measures

501
00:17:31,880 --> 00:17:34,680
under whatever filter context the consuming report applies.

502
00:17:34,680 --> 00:17:36,760
If that report introduces global benchmarks

503
00:17:36,760 --> 00:17:40,400
or helper pages that compare scoped values to unscoped ones,

504
00:17:40,400 --> 00:17:42,160
you just reintroduced the inference problem

505
00:17:42,160 --> 00:17:43,520
from a different angle.

506
00:17:43,520 --> 00:17:46,160
Now scattered across teams you don't manage.

507
00:17:46,160 --> 00:17:48,440
The deterministic stance is uncompromising

508
00:17:48,440 --> 00:17:51,280
and enforces boundaries at Entra group and service principal level.

509
00:17:51,280 --> 00:17:52,640
No implicit reach through.

510
00:17:52,640 --> 00:17:54,160
That means a few hard rules.

511
00:17:54,160 --> 00:17:57,240
The only identities allowed to query a shared dataset

512
00:17:57,240 --> 00:17:59,160
are explicitly enumerated Entra groups

513
00:17:59,160 --> 00:18:01,480
that you own, review, and recertify.

514
00:18:01,480 --> 00:18:05,280
No nested everyone groups, no ad hoc shares, no email addresses.

515
00:18:05,280 --> 00:18:07,360
Build permission is not a shortcut for trust.

516
00:18:07,360 --> 00:18:09,960
If a user can build, they are in scope for query.

517
00:18:09,960 --> 00:18:13,400
Treat Build as equivalent to: may execute arbitrary DAX

518
00:18:13,400 --> 00:18:14,600
against this model.

519
00:18:14,600 --> 00:18:16,720
If that's not acceptable, they don't get Build.

520
00:18:16,720 --> 00:18:19,200
Consuming workspaces do not extend authorization.

521
00:18:19,200 --> 00:18:20,360
They project it.

522
00:18:20,360 --> 00:18:22,760
If the consuming workspace contains users not

523
00:18:22,760 --> 00:18:25,960
in the dataset's approved groups, the connection fails closed.

524
00:18:25,960 --> 00:18:27,640
No inherit-from-container semantics.

525
00:18:27,640 --> 00:18:30,000
No app audience implies data access.

526
00:18:30,000 --> 00:18:31,560
Let me show you exactly how to reason test

527
00:18:31,560 --> 00:18:32,960
a shared dataset design.

528
00:18:32,960 --> 00:18:34,040
Ask three questions.

529
00:18:34,040 --> 00:18:36,280
Can any consuming workspace add a principal

530
00:18:36,280 --> 00:18:38,640
who is not present in the dataset's Entra groups

531
00:18:38,640 --> 00:18:39,920
and still induce queries?

532
00:18:39,920 --> 00:18:41,760
If yes, you have reach-through.

533
00:18:41,760 --> 00:18:43,720
Does any consuming report introduce measures

534
00:18:43,720 --> 00:18:45,760
that compare scoped values to all values

535
00:18:45,760 --> 00:18:46,600
from the shared model?

536
00:18:46,600 --> 00:18:48,800
If yes, you've reopened an inference channel.

537
00:18:48,800 --> 00:18:50,880
Is there a service principal with Build rights used

538
00:18:50,880 --> 00:18:52,160
for automation?

539
00:18:52,160 --> 00:18:54,680
If yes, confirm its app role is scoped

540
00:18:54,680 --> 00:18:57,000
to the same groups enforced by RLS

541
00:18:57,000 --> 00:18:59,040
or you've created a machine bypass.

542
00:18:59,040 --> 00:19:00,240
A micro story.

543
00:19:00,240 --> 00:19:03,600
A retailer standardised on a shared store performance model.

544
00:19:03,600 --> 00:19:05,760
Marketing built thin reports in their workspace.

545
00:19:05,760 --> 00:19:07,240
To drive a campaign, they granted

546
00:19:07,240 --> 00:19:09,160
a vendor service principal Build access

547
00:19:09,160 --> 00:19:11,640
to bind data into a PowerPoint generator.

548
00:19:11,640 --> 00:19:14,000
The principal wasn't in the model's region groups.

549
00:19:14,000 --> 00:19:15,920
RLS still filtered row visibility,

550
00:19:15,920 --> 00:19:18,200
but the automation rendered a cross-region trend

551
00:19:18,200 --> 00:19:20,800
by using measures that normalised against REMOVEFILTERS on

552
00:19:20,800 --> 00:19:21,720
Store.

553
00:19:21,720 --> 00:19:23,240
The vendor never saw individual stores.

554
00:19:23,240 --> 00:19:25,600
They saw a decorated trend line that when compared

555
00:19:25,600 --> 00:19:28,840
to their own regional data, allowed back calculation

556
00:19:28,840 --> 00:19:30,040
of competitor deltas.

557
00:19:30,040 --> 00:19:31,000
Nobody intended it.

558
00:19:31,000 --> 00:19:33,720
Everyone assumed build wasn't view.

559
00:19:33,720 --> 00:19:35,160
It was both.

560
00:19:35,160 --> 00:19:37,400
The game changer nobody talks about is this.

561
00:19:37,400 --> 00:19:40,520
Once you treat cross workspace reuse as an access plane,

562
00:19:40,520 --> 00:19:42,000
you change the defaults.

563
00:19:42,000 --> 00:19:44,800
Shared datasets live behind dedicated Entra groups,

564
00:19:44,800 --> 00:19:47,760
no nested membership, quarterly recertification.

565
00:19:47,760 --> 00:19:49,680
Service principals are workload identities

566
00:19:49,680 --> 00:19:51,920
with conditional access and kill switches.

567
00:19:51,920 --> 00:19:54,880
Consuming workspaces get zero authority by default.

568
00:19:54,880 --> 00:19:57,480
Build is gated by the same groups as view.

569
00:19:57,480 --> 00:19:59,800
And when a team insists on a local convenience measure

570
00:19:59,800 --> 00:20:02,600
that compares scoped to unscoped, you don't argue style.

571
00:20:02,600 --> 00:20:05,280
You block publication until that logic lives upstream

572
00:20:05,280 --> 00:20:07,920
where identity has already decided who may see the result.

573
00:20:07,920 --> 00:20:09,800
You are not misconfiguring Power BI.

574
00:20:09,800 --> 00:20:12,480
You are refusing to let convenience become your authorization

575
00:20:12,480 --> 00:20:14,400
model. Boundaries aren't labels or arrows.

576
00:20:14,400 --> 00:20:16,480
Boundaries are identities evaluated at runtime

577
00:20:16,480 --> 00:20:17,800
enforced by design.

578
00:20:17,800 --> 00:20:21,240
Case five: DAX exception sprawl, the patchwork semantic layer.

579
00:20:21,240 --> 00:20:24,680
You banned calculated tables, you locked down shared datasets,

580
00:20:24,680 --> 00:20:26,400
the arrows no longer lull you.

581
00:20:26,400 --> 00:20:28,240
Then the sprawl begins, not with a breach,

582
00:20:28,240 --> 00:20:30,960
but with a favour: we just need a one-off measure.

583
00:20:30,960 --> 00:20:33,040
It ships, it works, it stays.

584
00:20:33,040 --> 00:20:35,920
Six months later, the semantic layer is a quilt of exceptions.

585
00:20:35,920 --> 00:20:38,880
Nobody can read, nobody can test, and nobody can retire.

586
00:20:38,880 --> 00:20:40,120
Here's the failure pattern.

587
00:20:40,120 --> 00:20:42,040
A report needs a clean profit margin

588
00:20:42,040 --> 00:20:43,720
that excludes promo SKUs.

589
00:20:43,720 --> 00:20:45,120
Another team wants a net revenue

590
00:20:45,120 --> 00:20:47,480
that smooths returns over a rolling window.

591
00:20:47,480 --> 00:20:49,920
A third needs active customers with a carve-out

592
00:20:49,920 --> 00:20:51,160
for trial periods.

593
00:20:51,160 --> 00:20:52,240
Each request is reasonable.

594
00:20:52,240 --> 00:20:55,440
Each becomes a local measure with a slightly different definition

595
00:20:55,440 --> 00:20:57,360
and a slightly different escape hatch.

596
00:20:57,360 --> 00:20:59,120
Review never happens because there's nothing

597
00:20:59,120 --> 00:21:00,920
obviously malicious, just math.

598
00:21:00,920 --> 00:21:03,520
Over time, those one-offs crystallize into patterns.

599
00:21:03,520 --> 00:21:06,320
Helper measures that normalize across removed filters,

600
00:21:06,320 --> 00:21:08,760
convenience flags that backdoor classification,

601
00:21:08,760 --> 00:21:10,800
total versus my scope comparators

602
00:21:10,800 --> 00:21:13,640
that reopen inference, dynamic format strings

603
00:21:13,640 --> 00:21:15,600
that encode sensitive state in visuals.

604
00:21:15,600 --> 00:21:17,480
The model becomes an authorization patchwork

605
00:21:17,480 --> 00:21:19,080
disguised as analytics.

606
00:21:19,080 --> 00:21:20,920
The thing most teams miss is simple.

607
00:21:20,920 --> 00:21:22,520
Exceptions are entropy generators

608
00:21:22,520 --> 00:21:24,200
that never retire themselves.

609
00:21:24,200 --> 00:21:25,480
Readability is not control.

610
00:21:25,480 --> 00:21:26,880
A pretty measure name and a comments block

611
00:21:26,880 --> 00:21:27,960
don't enforce anything.

612
00:21:27,960 --> 00:21:29,960
Libraries without policy are accelerants.

613
00:21:29,960 --> 00:21:32,240
The moment you centralize a helper measure

614
00:21:32,240 --> 00:21:34,280
and publish it as reusable,

615
00:21:34,280 --> 00:21:36,120
you've industrialized the exception.

616
00:21:36,120 --> 00:21:38,720
A thousand reports can now invoke a logic path

617
00:21:38,720 --> 00:21:42,560
that was never vetted by identity, labels, or DLP.

618
00:21:42,560 --> 00:21:44,920
That is how semantic layers turn into decision engines

619
00:21:44,920 --> 00:21:46,080
you didn't design.

620
00:21:46,080 --> 00:21:48,400
This clicked for me during a deprecation exercise.

621
00:21:48,400 --> 00:21:50,360
We tried to remove Net Revenue Adj,

622
00:21:50,360 --> 00:21:53,280
created two years prior to handle a promotional anomaly.

623
00:21:53,280 --> 00:21:56,320
It lived in four workspaces, had eight variations

624
00:21:56,320 --> 00:21:59,600
and fed a KPI used by finance, marketing, and operations.

625
00:21:59,600 --> 00:22:02,240
Each copy diverged subtly, different date windows,

626
00:22:02,240 --> 00:22:04,560
different product filters, different fallback behaviors

627
00:22:04,560 --> 00:22:05,760
when plant tables changed.

628
00:22:05,760 --> 00:22:08,720
We couldn't kill any of them without breaking good reports.

629
00:22:08,720 --> 00:22:10,200
We weren't refactoring DAX.

630
00:22:10,200 --> 00:22:13,440
We were unwinding organizational folklore embedded in formulas.

631
00:22:13,440 --> 00:22:14,840
Now here's where most people mess up.

632
00:22:14,840 --> 00:22:17,760
They attempt to fight sprawl with linting and code reviews.

633
00:22:17,760 --> 00:22:20,240
They add naming conventions, folder structures,

634
00:22:20,240 --> 00:22:23,280
a helper table of standard measures, and a request form.

635
00:22:23,280 --> 00:22:25,000
It slows entropy for a quarter.

636
00:22:25,000 --> 00:22:26,960
Then velocity wins, a deadline arrives.

637
00:22:26,960 --> 00:22:29,400
Someone copies a measure, tweaks one line, and ships.

638
00:22:29,400 --> 00:22:32,040
Exceptions compound because your controls are advisory.

639
00:22:32,040 --> 00:22:33,440
They don't fail closed.

640
00:22:33,440 --> 00:22:35,800
Architecturally, this is why sprawl is inevitable

641
00:22:35,800 --> 00:22:37,080
in a permissive system.

642
00:22:37,080 --> 00:22:40,200
DAX is a functional language with powerful context manipulation.

643
00:22:40,200 --> 00:22:43,280
It can represent authorization adjacent logic, succinctly,

644
00:22:43,280 --> 00:22:45,960
and spread instantly via copy paste or shared libraries.

645
00:22:45,960 --> 00:22:49,120
Without a policy compiler that forbids entire categories,

646
00:22:49,120 --> 00:22:50,920
you can't prevent the same anti-pattern

647
00:22:50,920 --> 00:22:52,640
from reappearing with a new name.

648
00:22:52,640 --> 00:22:55,200
Every library you publish without a policy manifest

649
00:22:55,200 --> 00:22:57,920
becomes a distribution channel for ambiguity.

650
00:22:57,920 --> 00:23:00,600
Every temporary measure becomes a new model.

651
00:23:00,600 --> 00:23:03,480
The deterministic stance is blunt: prohibit categories

652
00:23:03,480 --> 00:23:04,760
of logic in DAX.

653
00:23:04,760 --> 00:23:07,200
Ban authorization adjacent measures outright.

654
00:23:07,200 --> 00:23:10,600
If a measure alters visibility, infers across identity boundaries,

655
00:23:10,600 --> 00:23:12,920
rewrites business keys or overrides classification,

656
00:23:12,920 --> 00:23:14,760
it cannot exist in the semantic layer.

657
00:23:14,760 --> 00:23:18,360
You don't review it, you block it, you relocate the need upstream,

658
00:23:18,360 --> 00:23:20,640
where identity labels and DLP can adjudicate.

659
00:23:20,640 --> 00:23:23,200
And you drive the rest through libraries with policy manifests,

660
00:23:23,200 --> 00:23:24,360
not just code.

661
00:23:24,360 --> 00:23:27,920
A manifest declares the allowed filters, the sensitivity scope,

662
00:23:27,920 --> 00:23:30,600
the identity assumptions, and the failure mode.

663
00:23:30,600 --> 00:23:32,680
If the assumptions aren't met, the build fails,

664
00:23:32,680 --> 00:23:34,520
not a warning, a veto.

665
00:23:34,520 --> 00:23:36,480
Let me show you exactly how to reason test

666
00:23:36,480 --> 00:23:40,160
for sprawl before it metastasizes. Three filters.

667
00:23:40,160 --> 00:23:41,440
Name gravity.

668
00:23:41,440 --> 00:23:44,640
If a measure's name invites reuse, net, adjusted,

669
00:23:44,640 --> 00:23:48,040
normalized, assume it will spread. Treat it as policy,

670
00:23:48,040 --> 00:23:49,160
not convenience.

671
00:23:49,160 --> 00:23:50,000
Scope mismatch.

672
00:23:50,000 --> 00:23:52,680
If any branch compares scoped values to unscoped totals,

673
00:23:52,680 --> 00:23:54,360
it's an inference path in disguise.

674
00:23:54,360 --> 00:23:56,480
Label or classification distortion.

675
00:23:56,480 --> 00:23:59,760
If dynamic format strings, icons, or SVG encode sensitive state

676
00:23:59,760 --> 00:24:02,120
that RLS or labels would otherwise hide,

677
00:24:02,120 --> 00:24:03,760
you've created a leakage channel.

678
00:24:03,760 --> 00:24:05,080
Ban it.

679
00:24:05,080 --> 00:24:06,640
A micro story.

680
00:24:06,640 --> 00:24:09,400
A sales ops team published Pipeline Adj

681
00:24:09,400 --> 00:24:12,040
to exclude internal transfers from forecasts.

682
00:24:12,040 --> 00:24:14,840
Marketing loved it, copied it, and added a brand filter,

683
00:24:14,840 --> 00:24:17,280
finance forked it, switching to fiscal calendars.

684
00:24:17,280 --> 00:24:20,680
Within weeks, three adjusted pipeline KPIs

685
00:24:20,680 --> 00:24:23,280
disagreed by single digits in executive decks.

686
00:24:23,280 --> 00:24:24,920
Nobody knew which was canonical,

687
00:24:24,920 --> 00:24:28,560
and one variant used ALL(Date) to stabilize seasonality,

688
00:24:28,560 --> 00:24:31,000
reopening an inference path across regions.

689
00:24:31,000 --> 00:24:32,000
We pulled the plug.

690
00:24:32,000 --> 00:24:34,080
The adjustment moved upstream into the warehouse

691
00:24:34,080 --> 00:24:35,920
with a highly confidential label.

692
00:24:35,920 --> 00:24:38,040
The library got a manifest, allowed filters,

693
00:24:38,040 --> 00:24:39,560
fiscal alignment, and a hard stop

694
00:24:39,560 --> 00:24:42,880
if a report attempted REMOVEFILTERS over protected dimensions.

695
00:24:42,880 --> 00:24:44,320
Build broke until they complied.

696
00:24:44,320 --> 00:24:46,600
The disagreement disappeared, so did the side channel.

697
00:24:46,600 --> 00:24:48,320
The game changer nobody talks about is this.

698
00:24:48,320 --> 00:24:50,920
Once you outlaw whole families of DAX exceptions

699
00:24:50,920 --> 00:24:53,280
and require manifests for reusable logic,

700
00:24:53,280 --> 00:24:55,400
the semantic layer stops being a patchwork.

701
00:24:55,400 --> 00:24:57,040
Measures return to analytics.

702
00:24:57,040 --> 00:24:58,680
Policy returns to identity.

703
00:24:58,680 --> 00:25:00,080
Sprawl doesn't slow.

704
00:25:00,080 --> 00:25:01,840
It fails to exist.

705
00:25:01,840 --> 00:25:04,840
Illegal in DAX: decisions that must fail closed.

706
00:25:04,840 --> 00:25:07,440
Before we fix anything else, we have to draw the red lines,

707
00:25:07,440 --> 00:25:11,040
not preferences, not best practices, illegal categories,

708
00:25:11,040 --> 00:25:13,120
because ambiguity is where entropy grows.

709
00:25:13,120 --> 00:25:14,680
If a measure can change what's visible,

710
00:25:14,680 --> 00:25:17,800
infer what's hidden, or rewrite what identity already decided

711
00:25:17,800 --> 00:25:18,600
it cannot exist.

712
00:25:18,600 --> 00:25:21,520
These are the decisions that must fail closed in DAX.

713
00:25:21,520 --> 00:25:24,280
Prohibit visibility changes encoded in measures.

714
00:25:24,280 --> 00:25:26,040
Anything that expands or contracts

715
00:25:26,040 --> 00:25:29,440
who can see rows or columns directly or by proxy

716
00:25:29,440 --> 00:25:30,520
is access control.

717
00:25:30,520 --> 00:25:32,440
That includes patterns that do the following.

718
00:25:32,440 --> 00:25:34,800
Remove filters on protected dimensions

719
00:25:34,800 --> 00:25:38,640
using ALL, ALLEXCEPT or REMOVEFILTERS.

720
00:25:38,640 --> 00:25:41,240
Conditionally mask values based on slicers

721
00:25:41,240 --> 00:25:44,280
when the slicer scope differs from identity scope.

722
00:25:44,280 --> 00:25:46,800
Or fabricate helper totals that aggregate

723
00:25:46,800 --> 00:25:49,320
outside the viewer's RLS.

724
00:25:49,320 --> 00:25:51,080
Architecturally, these aren't aggregations.

725
00:25:51,080 --> 00:25:52,200
They are alternate worlds.

726
00:25:52,200 --> 00:25:54,240
If you need a global view, compute it upstream

727
00:25:54,240 --> 00:25:57,720
under identity and publish the result as a governed artifact.

728
00:25:57,720 --> 00:25:59,120
DAX consumes visibility.

729
00:25:59,120 --> 00:26:00,320
It never defines it.

730
00:26:00,320 --> 00:26:02,120
Prohibit security context inference

731
00:26:02,120 --> 00:26:04,480
via aggregates or conditional masking.

732
00:26:04,480 --> 00:26:07,880
If a measure can compare my scoped value to an all-value,

733
00:26:07,880 --> 00:26:09,600
you've built a subtraction engine.

734
00:26:09,600 --> 00:26:12,280
If it can flip format strings, icons or SVGs

735
00:26:12,280 --> 00:26:14,960
based on a hidden state, you've encoded a covert channel.

736
00:26:14,960 --> 00:26:17,160
The shortcut nobody teaches is simple.

737
00:26:17,160 --> 00:26:19,280
Any comparator that crosses identity boundaries

738
00:26:19,280 --> 00:26:20,760
is an inference tool in disguise.

739
00:26:20,760 --> 00:26:22,640
The engine is happy to compute both sides.

740
00:26:22,640 --> 00:26:24,280
Your RLS won't stop the math.

741
00:26:24,280 --> 00:26:26,920
The only safe version is one where both operands

742
00:26:26,920 --> 00:26:29,280
are produced upstream in a domain already decided

743
00:26:29,280 --> 00:26:30,760
by Entra and tagged by Purview.

744
00:26:30,760 --> 00:26:32,920
If that's not true, the measure is illegal.

745
00:26:32,920 --> 00:26:35,520
Prohibit business key rewrites that bypass lineage

746
00:26:35,520 --> 00:26:37,480
and labels. Calculation shortcuts

747
00:26:37,480 --> 00:26:39,400
that stitch keys across domains,

748
00:26:39,400 --> 00:26:41,280
concatenating region and month,

749
00:26:41,280 --> 00:26:43,840
coalescing surrogate keys or reassigning unknowns

750
00:26:43,840 --> 00:26:46,080
on the fly are classification operations.

751
00:26:46,080 --> 00:26:49,080
They alter how data joins, which alters what rows exist.

752
00:26:49,080 --> 00:26:52,200
Upstream is where keys are defined, stewarded and labeled.

753
00:26:52,200 --> 00:26:54,600
In-model rewrites create a side ledger

754
00:26:54,600 --> 00:26:56,160
your governance can't see.

755
00:26:56,160 --> 00:26:57,160
That distinction matters.

756
00:26:57,160 --> 00:27:00,400
If the business key needs a fix, fix it where lineage can prove it

757
00:27:00,400 --> 00:27:02,000
and labels can veto it.

758
00:27:02,000 --> 00:27:03,920
Prohibit data classification overrides

759
00:27:03,920 --> 00:27:06,240
including format string tricks and SVG encoding

760
00:27:06,240 --> 00:27:07,360
of sensitive states.

761
00:27:07,360 --> 00:27:10,840
Dynamic format strings can leak confidential classifications,

762
00:27:10,840 --> 00:27:14,520
colors for at-risk accounts, icons for blocked vendors,

763
00:27:14,520 --> 00:27:16,880
suffixes that imply threshold crossings.

764
00:27:16,880 --> 00:27:20,520
If a user can only see a subset of rows by RLS,

765
00:27:20,520 --> 00:27:22,440
but the visual signals depend on totals

766
00:27:22,440 --> 00:27:23,880
that include hidden rows,

767
00:27:23,880 --> 00:27:26,400
you've turned visuals into a disclosure device.

768
00:27:26,400 --> 00:27:27,600
The rule is blunt.

769
00:27:27,600 --> 00:27:30,640
If a label would hide or restrict the underlying data,

770
00:27:30,640 --> 00:27:33,720
the semantic layer may not represent that state indirectly.

771
00:27:33,720 --> 00:27:36,280
Either compute a safe, labeled derivative upstream

772
00:27:36,280 --> 00:27:37,360
or it does not render.

773
00:27:37,360 --> 00:27:40,240
Prohibit cross domain joins that materialize identity leakage

774
00:27:40,240 --> 00:27:43,440
paths. DAX patterns that TREATAS one domain into another

775
00:27:43,440 --> 00:27:45,800
or that create virtual relationships across tables

776
00:27:45,800 --> 00:27:48,240
with different sensitivity or identity scopes,

777
00:27:48,240 --> 00:27:51,200
turn a report into a join engine your control plane

778
00:27:51,200 --> 00:27:52,680
didn't authorize.

779
00:27:52,680 --> 00:27:54,680
Even if each table is individually safe,

780
00:27:54,680 --> 00:27:56,320
their intersection might not be.

781
00:27:56,320 --> 00:27:58,800
If the join is legitimate, it belongs in the data plane

782
00:27:58,800 --> 00:28:01,320
governed by labels, lineage and DLP,

783
00:28:01,320 --> 00:28:03,800
where Entra guards the perimeter and Purview

784
00:28:03,800 --> 00:28:06,440
can persist classification across the results.

785
00:28:06,440 --> 00:28:08,960
And if you can't get that approval upstream,

786
00:28:08,960 --> 00:28:10,560
the join is not allowed downstream.

787
00:28:10,560 --> 00:28:12,680
Now, how do you enforce "illegal" in a language

788
00:28:12,680 --> 00:28:14,440
that happily evaluates anything you write?

789
00:28:14,440 --> 00:28:15,720
You don't rely on human review.

790
00:28:15,720 --> 00:28:17,160
You fail builds by design.

791
00:28:17,160 --> 00:28:19,560
You lint for banned functions only as a proxy,

792
00:28:19,560 --> 00:28:22,280
ALL, REMOVEFILTERS, CROSSFILTER, knowing patterns

793
00:28:22,280 --> 00:28:23,480
matter more than tokens.

794
00:28:23,480 --> 00:28:25,320
You attach policy manifests to libraries:

795
00:28:25,320 --> 00:28:27,880
allowed filters, permitted dimensions, sensitivity scope

796
00:28:27,880 --> 00:28:31,000
and the identity assumptions each function relies on.

797
00:28:31,000 --> 00:28:33,480
If a measure calls a library outside its declared scope,

798
00:28:33,480 --> 00:28:35,080
the model fails to publish.

799
00:28:35,080 --> 00:28:36,920
If a report references a label table

800
00:28:36,920 --> 00:28:38,760
and includes an illegal comparator,

801
00:28:38,760 --> 00:28:40,440
the pipeline rejects the artifact.

802
00:28:40,440 --> 00:28:43,560
No warnings, no exceptions, closed by default.

803
00:28:43,560 --> 00:28:46,240
This is where the separation of duties becomes operational.

804
00:28:46,240 --> 00:28:49,440
Identity belongs to Entra: groups, roles, app

805
00:28:49,440 --> 00:28:51,280
and service principal boundaries.

806
00:28:51,280 --> 00:28:54,480
Classification belongs to Purview: labels that veto, not decorate.

807
00:28:54,480 --> 00:28:58,200
Exfiltration control belongs to DLP: blocking exports,

808
00:28:58,200 --> 00:29:00,400
notebook writes, composite model blends

809
00:29:00,400 --> 00:29:03,520
and cross workspace imports when labels say no.

810
00:29:03,520 --> 00:29:06,800
Blast radius belongs to capacity: isolating risk domains

811
00:29:06,800 --> 00:29:09,200
so a mistake does not become an incident.

812
00:29:09,200 --> 00:29:11,160
The semantic model sits last in the chain,

813
00:29:11,160 --> 00:29:12,960
it visualizes approved reality.

814
00:29:12,960 --> 00:29:15,200
It never invents its own. A quick sanity test

815
00:29:15,200 --> 00:29:16,640
to keep your reviews short.

816
00:29:16,640 --> 00:29:19,120
For any candidate measure, ask: does this logic introduce

817
00:29:19,120 --> 00:29:21,680
a perspective the user's identity could not request directly?

818
00:29:21,680 --> 00:29:23,120
Does it encode a business decision

819
00:29:23,120 --> 00:29:25,160
that shifts row existence or meaning?

820
00:29:25,160 --> 00:29:26,960
Does it compare "my scope" to "all scope"

821
00:29:26,960 --> 00:29:28,280
across a protected dimension?

822
00:29:28,280 --> 00:29:30,320
If any answer is yes, it's illegal in DAX.

823
00:29:30,320 --> 00:29:33,200
Move the requirement upstream, where intent can be compiled,

824
00:29:33,200 --> 00:29:35,040
labeled and enforced, or don't ship it.

825
00:29:35,040 --> 00:29:36,920
If you remember nothing else, remember this.

826
00:29:36,920 --> 00:29:38,520
Analytics happens in DAX.

827
00:29:38,520 --> 00:29:39,840
Authorization does not.

828
00:29:39,840 --> 00:29:41,960
When that distinction holds, your model stops drifting.

829
00:29:41,960 --> 00:29:44,160
When it blurs, entropy wins.

830
00:29:44,160 --> 00:29:48,240
Entra as authorization compiler: enforce assumptions at scale.

831
00:29:48,240 --> 00:29:51,080
You cannot fix conditional chaos with friendly DAX.

832
00:29:51,080 --> 00:29:52,720
You have to move the decision to a system

833
00:29:52,720 --> 00:29:54,360
that treats authorization like code.

834
00:29:54,360 --> 00:29:55,520
That system is Entra.

835
00:29:55,520 --> 00:29:57,840
Think of it as your authorization compiler.

836
00:29:57,840 --> 00:29:59,160
You write intent once.

837
00:29:59,160 --> 00:30:01,400
who can act, where, and under which conditions,

838
00:30:01,400 --> 00:30:03,640
and Entra builds the graph of identities, roles,

839
00:30:03,640 --> 00:30:06,200
and policies that the rest of Fabric must obey.

840
00:30:06,200 --> 00:30:08,000
Same inputs produce the same decisions.

841
00:30:08,000 --> 00:30:09,720
No analyst help at runtime.

842
00:30:09,720 --> 00:30:11,400
No drift.

843
00:30:11,400 --> 00:30:12,920
Here's the uncomfortable truth.

844
00:30:12,920 --> 00:30:15,720
If you don't compile intent before the model exists,

845
00:30:15,720 --> 00:30:18,080
you are delegating access to the semantic layer.

846
00:30:18,080 --> 00:30:19,360
It will accept the delegation.

847
00:30:19,360 --> 00:30:20,600
It should not.

848
00:30:20,600 --> 00:30:22,200
Start with non-negotiables.

849
00:30:22,200 --> 00:30:23,560
Identities are not people.

850
00:30:23,560 --> 00:30:24,640
They are actors.

851
00:30:24,640 --> 00:30:28,440
Treat every consumer, human, app, service principal, agent,

852
00:30:28,440 --> 00:30:30,120
as a first class identity.

853
00:30:30,120 --> 00:30:31,280
Then set boundaries.

854
00:30:31,280 --> 00:30:33,960
App identities only where automation is necessary.

855
00:30:33,960 --> 00:30:34,960
No shared secrets.

856
00:30:34,960 --> 00:30:36,640
No one app for everything.

857
00:30:36,640 --> 00:30:39,720
Each workload identity has a narrow scope, a revocation

858
00:30:39,720 --> 00:30:41,440
path, and a kill switch.

859
00:30:41,440 --> 00:30:43,720
If you can't disable it without breaking the world,

860
00:30:43,720 --> 00:30:46,040
you built a backdoor, not a tool.

861
00:30:46,040 --> 00:30:48,520
Group membership decides authorization, not workspaces,

862
00:28:48,520 --> 00:28:49,200
not names.

863
00:30:49,200 --> 00:30:51,600
Entra groups are the only doorway into sensitive models.

864
00:30:51,600 --> 00:30:53,400
Every group is owned, recertified,

865
00:30:53,400 --> 00:30:55,680
and free of nested "Everyone" recursion.

866
00:30:55,680 --> 00:30:57,440
You grant groups to data sets.

867
00:30:57,440 --> 00:31:00,120
You never grant individuals to reports as a shortcut.

868
00:31:00,120 --> 00:31:02,040
Service principals live under conditional access.

869
00:31:02,040 --> 00:31:03,560
Yes, machines need policies.

870
00:31:03,560 --> 00:31:06,840
Device claims, locations, risk signals applied to workloads,

871
00:31:06,840 --> 00:31:08,160
not just humans.

872
00:31:08,160 --> 00:31:10,920
If the principal can run from anywhere with no friction,

873
00:31:10,920 --> 00:31:13,400
you've built an exfiltration path with an API key.

874
00:31:13,400 --> 00:31:15,960
This is the foundational mistake most teams make.

875
00:31:15,960 --> 00:31:17,960
They try to describe data policy with DAX

876
00:31:17,960 --> 00:31:20,800
when they never described actor policy with Entra.

877
00:31:20,800 --> 00:31:22,080
Once you nail actor boundaries,

878
00:31:22,080 --> 00:31:24,000
you start compiling your assumptions.

879
00:31:24,000 --> 00:31:26,240
Conditional access is where most of your "we thought

880
00:31:26,240 --> 00:31:29,400
the network was the boundary" beliefs go to die. Replace them.

881
00:31:29,400 --> 00:31:31,680
Treat conditional access as the runtime gate

882
00:31:31,680 --> 00:31:33,400
for every path to data.

883
00:31:33,400 --> 00:31:35,720
Block legacy protocols and non-compliant devices.

884
00:31:35,720 --> 00:31:37,600
If a device can't attest, it can't query.

885
00:31:37,600 --> 00:31:39,640
Not warn, not educate, but block.

886
00:31:39,640 --> 00:31:42,080
This is where fail-closed lives in reality.

887
00:31:42,080 --> 00:31:43,560
Risk-adaptive decisions.

888
00:31:43,560 --> 00:31:46,560
High-risk user or workload requires step-up MFA

889
00:31:46,560 --> 00:31:48,560
or deny outright for sensitive scopes.

890
00:31:48,560 --> 00:31:50,080
You're not punishing users.

891
00:31:50,080 --> 00:31:51,840
You're preventing helpful automation

892
00:31:51,840 --> 00:31:53,440
from becoming your breach.

893
00:31:53,440 --> 00:31:55,200
App-enforced session controls.

894
00:31:55,200 --> 00:31:57,600
Your builder population is the most dangerous.

895
00:31:57,600 --> 00:32:00,560
Treat Build permission like "execute arbitrary DAX".

896
00:32:00,560 --> 00:32:03,120
If they can build, they must be on a compliant device

897
00:32:03,120 --> 00:32:06,480
in a trusted network and inside your monitored perimeter.

898
00:32:06,480 --> 00:32:09,400
If they can't meet those conditions, they can't compile queries.

899
00:32:09,400 --> 00:32:11,240
Entitlement management exists to drain

900
00:32:11,240 --> 00:32:13,480
exception sprawl from identity.

901
00:32:13,480 --> 00:32:17,160
Every temporary access story is an entropy generator

902
00:32:17,160 --> 00:32:20,160
until you make it a package with an owner, an approver,

903
00:32:20,160 --> 00:32:22,480
a time limit, and an automatic removal.

904
00:32:22,480 --> 00:32:24,440
You encode the business reason in the package.

905
00:32:24,440 --> 00:32:25,680
You don't encode it in a wiki.

906
00:32:25,680 --> 00:32:27,520
Now connect the dots to the semantic layer.

907
00:32:27,520 --> 00:32:30,320
The engine evaluates measures in whatever filter context

908
00:32:30,320 --> 00:32:31,720
the report hands it.

909
00:32:31,720 --> 00:32:34,280
Your job is to ensure only identities you compiled

910
00:32:34,280 --> 00:32:36,040
can hand it any context at all.

911
00:32:36,040 --> 00:32:38,160
Practically, that means datasets never

912
00:32:38,160 --> 00:32:40,280
accept Build or View from outside enumerated

913
00:32:40,280 --> 00:32:41,280
Entra groups.

914
00:32:41,280 --> 00:32:43,360
Consuming workspaces project access.

915
00:32:43,360 --> 00:32:44,680
They do not extend it.

916
00:32:44,680 --> 00:32:47,320
A user not in an approved group cannot induce a query,

917
00:32:47,320 --> 00:32:49,640
even if they own the consuming workspace.

918
00:32:49,640 --> 00:32:51,880
Service principals that drive refreshes, exports,

919
00:32:51,880 --> 00:32:53,880
or embedding do not inherit human access.

920
00:32:53,880 --> 00:32:56,680
They have their own groups, their own conditional access,

921
00:32:56,680 --> 00:32:58,840
and their own approval flows.

922
00:32:58,840 --> 00:33:01,200
Workload identities are not convenience tunnels.

923
00:33:01,200 --> 00:33:02,920
They are bounded executors.

924
00:33:02,920 --> 00:33:04,680
Cross tenant guests are identities.

925
00:33:04,680 --> 00:33:06,880
They get the same packages, conditions, and expirations.

926
00:33:06,880 --> 00:33:08,200
If you can't express it in Entra,

927
00:33:08,200 --> 00:33:10,280
you can't express it with a share link either.

928
00:33:10,280 --> 00:33:12,080
Here's the shortcut nobody teaches.

929
00:33:12,080 --> 00:33:15,160
Your model access review should be primarily an identity review.

930
00:33:15,160 --> 00:33:18,320
If you need a visual to understand who can see what,

931
00:33:18,320 --> 00:33:19,800
when, you've already lost.

932
00:33:19,800 --> 00:33:22,160
The answer should be derivable from group membership,

933
00:33:22,160 --> 00:33:24,960
package grants, and conditional access policy.

934
00:33:24,960 --> 00:33:26,760
If you can't produce that derivation,

935
00:33:26,760 --> 00:33:28,400
the system is probabilistic.

936
00:33:28,400 --> 00:33:30,320
Fix identity, then fix data.

937
00:33:30,320 --> 00:33:31,720
Kill-switch mindset.

938
00:33:31,720 --> 00:33:35,200
Every actor must have a rapid testable path to revocation.

939
00:33:35,200 --> 00:33:37,160
Humans leave, vendors change,

940
00:33:37,160 --> 00:33:40,160
apps misbehave. If the only way to stop a runaway principal

941
00:33:40,160 --> 00:33:42,280
is to find the person who knows the password,

942
00:33:42,280 --> 00:33:43,520
you built a time bomb.

943
00:33:43,520 --> 00:33:45,000
Validate kill switches quarterly.

944
00:33:45,000 --> 00:33:46,360
Don't trust the toggle.

945
00:33:46,360 --> 00:33:47,400
Press it.

946
00:33:47,400 --> 00:33:49,920
The reason this works is boring: determinism.

947
00:33:49,920 --> 00:33:51,960
Authorization compiled in Entra produces

948
00:33:51,960 --> 00:33:55,240
the same answer no matter how many reports, measures, or workspaces

949
00:33:55,240 --> 00:33:56,360
try to reinterpret it.

950
00:33:56,360 --> 00:33:59,200
You centralize who and under what risk.

951
00:33:59,200 --> 00:34:00,560
Purview handles what.

952
00:34:00,560 --> 00:34:02,400
DLP handles how it leaves.

953
00:34:02,400 --> 00:34:04,200
And Fabric consumes under those constraints.

954
00:34:04,200 --> 00:34:05,600
You've inverted the entropy flow.

955
00:34:05,600 --> 00:34:06,760
One micro story.

956
00:34:06,760 --> 00:34:08,600
A shared customer profitability model

957
00:34:08,600 --> 00:34:10,240
served finance and product.

958
00:34:10,240 --> 00:34:13,200
Before Entra hardening, two app registrations existed,

959
00:34:13,200 --> 00:34:15,640
one for refresh, one for monthly export.

960
00:34:15,640 --> 00:34:18,480
Both used broad permissions and ran from anywhere.

961
00:34:18,480 --> 00:34:20,360
We replaced them with workload identities

962
00:34:20,360 --> 00:34:23,680
scoped to one data set each, guarded by conditional access,

963
00:34:23,680 --> 00:34:25,920
trusted network and compliant workload,

964
00:34:25,920 --> 00:34:28,720
assigned via access packages with quarterly expiration

965
00:34:28,720 --> 00:34:31,600
and backed by a kill-switch runbook.

966
00:34:31,600 --> 00:34:33,200
When a vendor integration misfired

967
00:34:33,200 --> 00:34:35,800
and started pulling confidential segments at 2am,

968
00:34:35,800 --> 00:34:37,800
the kill switch ended it in 30 seconds.

969
00:34:37,800 --> 00:34:39,440
No debate, no slack war room.

970
00:34:39,440 --> 00:34:41,080
Authority had been compiled already.

971
00:34:41,080 --> 00:34:42,840
Identity sets the perimeter.

972
00:34:42,840 --> 00:34:44,800
Next, you make decisions vetoable.

973
00:34:44,800 --> 00:34:48,560
Purview turns classification into a control, not a caption.

974
00:34:48,560 --> 00:34:50,320
Purview as veto, not decoration.

975
00:34:50,320 --> 00:34:52,920
Identity compiles who and under what risk.

976
00:34:52,920 --> 00:34:55,080
Now you need a system that says what the data is

977
00:34:55,080 --> 00:34:56,840
and has the authority to say no.

978
00:34:56,840 --> 00:34:58,040
That system is Purview.

979
00:34:58,040 --> 00:34:59,880
Treat it as a veto engine, not a catalog.

980
00:34:59,880 --> 00:35:01,800
If labels can't block, they're stickers;

981
00:35:01,800 --> 00:35:04,760
if classification can't break a pipeline, it's theater.

982
00:35:04,760 --> 00:35:06,400
Start with the uncomfortable truth.

983
00:35:06,400 --> 00:35:09,720
Sensitivity labels have to be persistent, portable and punitive.

984
00:35:09,720 --> 00:35:11,720
Persistent means the label survives hops.

985
00:35:11,720 --> 00:35:14,080
lakehouse to warehouse, warehouse to semantic model,

986
00:35:14,080 --> 00:35:15,160
model to export.

987
00:35:15,160 --> 00:35:17,080
Portable means tools read it the same way.

988
00:35:17,080 --> 00:35:19,840
SQL endpoint, Spark, Power BI, notebooks.

989
00:35:19,840 --> 00:35:21,960
Punitive means the label doesn't just describe a state,

990
00:35:21,960 --> 00:35:23,120
it enforces it.

991
00:35:23,120 --> 00:35:25,480
If highly confidential can be exported to CSV

992
00:35:25,480 --> 00:35:27,280
because a user clicked really hard,

993
00:35:27,280 --> 00:35:30,240
you don't have governance, you have captions.

994
00:35:30,240 --> 00:35:31,680
Here's the practical stance.

995
00:35:31,680 --> 00:35:34,440
Labels define the what in your architecture.

996
00:35:34,440 --> 00:35:37,280
They are the contract that says this asset may not be reused

997
00:35:37,280 --> 00:35:38,680
outside these constraints.

998
00:35:38,680 --> 00:35:40,640
You bind that contract to actions.

999
00:35:40,640 --> 00:35:43,400
In Fabric terms, the enforcement points are everywhere

1000
00:35:43,400 --> 00:35:45,560
content leaves a controlled boundary:

1001
00:35:45,560 --> 00:35:48,720
Exports from reports, downloads from the service.

1002
00:35:48,720 --> 00:35:51,400
Notebook writes to folders, cross workspace imports,

1003
00:35:51,400 --> 00:35:54,200
composite model blends, data flow outputs.

1004
00:35:54,200 --> 00:35:56,600
If Purview can't veto those edges based on label,

1005
00:35:56,600 --> 00:35:58,560
you've designed for drift.

1006
00:35:58,560 --> 00:36:01,040
Auto-labeling is not a convenience feature; it's a backstop.

1007
00:36:01,040 --> 00:36:03,600
Classification has to meet velocity where it lives.

1008
00:36:03,600 --> 00:36:04,800
Parquet in OneLake,

1009
00:36:04,800 --> 00:36:07,600
SQL tables in the warehouse, semantic model artifacts.

1010
00:36:07,600 --> 00:36:10,280
When patterns match or lineage proves sensitive origin,

1011
00:36:10,280 --> 00:36:11,920
labels apply automatically.

1012
00:36:11,920 --> 00:36:13,800
But the important part isn't the automation.

1013
00:36:13,800 --> 00:36:15,080
It's what happens next.

1014
00:36:15,080 --> 00:36:17,440
The label must make specific operations impossible,

1015
00:36:17,440 --> 00:36:19,240
not unadvised, impossible.

1016
00:36:19,240 --> 00:36:20,360
The block is the point.

1017
00:36:20,360 --> 00:36:23,080
Propagation matters because hops are where intent dies.

1018
00:36:23,080 --> 00:36:26,040
You want label persistence across engines and transformations,

1019
00:36:26,040 --> 00:36:27,240
not a best-effort guess.

1020
00:36:27,240 --> 00:36:30,160
When a notebook materializes a table from a labeled source,

1021
00:36:30,160 --> 00:36:31,640
the result inherits the label.

1022
00:36:31,640 --> 00:36:33,920
When a semantic model references a labeled table,

1023
00:36:33,920 --> 00:36:36,080
the model itself accrues an effective classification

1024
00:36:36,080 --> 00:36:37,560
that limits publication and sharing.

1025
00:36:37,560 --> 00:36:39,360
When a report builds on that model,

1026
00:36:39,360 --> 00:36:41,480
the same effective classification follows.

1027
00:36:41,480 --> 00:36:43,480
And when someone tries the "just a quick export"

1028
00:36:43,480 --> 00:36:45,880
move, DLP reads the label and blocks the exit.

1029
00:36:45,880 --> 00:36:47,280
That chain is vetoed by design.

1030
00:36:47,280 --> 00:36:50,760
This is where lineage re-enters as evidence, not enforcement.

1031
00:36:50,760 --> 00:36:53,160
You use the graph to explain why a label exists

1032
00:36:53,160 --> 00:36:54,360
and where it came from.

1033
00:36:54,360 --> 00:36:56,160
You do not use the graph to decide

1034
00:36:56,160 --> 00:36:58,280
whether the label should have had teeth.

1035
00:36:58,280 --> 00:36:59,680
The graph helps the audit:

1036
00:36:59,680 --> 00:37:02,120
This model derived from two confidential sources,

1037
00:37:02,120 --> 00:37:04,920
therefore its effective classification is confidential,

1038
00:37:04,920 --> 00:37:08,320
therefore export and cross-tenant sharing are disallowed.

1039
00:37:08,320 --> 00:37:09,680
The block is already in place.

1040
00:37:09,680 --> 00:37:10,560
The story comes later.

1041
00:37:10,560 --> 00:37:11,920
Let's make it operational.

1042
00:37:11,920 --> 00:37:14,560
Define a small set of labels with behavior attached.

1043
00:37:14,560 --> 00:37:18,080
Public, internal, confidential, highly confidential.

1044
00:37:18,080 --> 00:37:21,000
For each, declare allowed destinations and forbidden operations:

1045
00:37:21,000 --> 00:37:23,000
public can leave, internal cannot leave the tenant,

1046
00:37:23,000 --> 00:37:25,320
confidential cannot leave governed workspaces

1047
00:37:25,320 --> 00:37:26,720
and cannot be exported.

1048
00:37:26,720 --> 00:37:28,640
Highly confidential cannot be copied,

1049
00:37:28,640 --> 00:37:30,080
blended in composite models,

1050
00:37:30,080 --> 00:37:33,040
or written by notebooks outside a specific enclave.

1051
00:37:33,040 --> 00:37:34,400
Then wire the actions.

1052
00:37:34,400 --> 00:37:36,880
Report exports: blocked for confidential and above,

1053
00:37:36,880 --> 00:37:40,520
paginated, CSV, Excel, PDF, no exceptions.

1054
00:37:40,520 --> 00:37:42,640
Notebook writes: inheritance required.

1055
00:37:42,640 --> 00:37:45,280
If a write strips the label, the operation fails.

1056
00:37:45,280 --> 00:37:47,640
If a target path is outside an allowed enclave,

1057
00:37:47,640 --> 00:37:48,880
the write fails.

1058
00:37:48,880 --> 00:37:50,360
Cross-workspace imports:

1059
00:37:50,360 --> 00:37:52,760
blocked when the source model's effective classification

1060
00:37:52,760 --> 00:37:54,640
exceeds the target workspace's policy.

1061
00:37:54,640 --> 00:37:56,000
The connection fails closed.

1062
00:37:56,000 --> 00:37:57,200
Composite models:

1063
00:37:57,200 --> 00:37:59,680
Blending label sources beyond policy is rejected

1064
00:37:59,680 --> 00:38:01,200
by the service at publish time.

1065
00:38:01,200 --> 00:38:02,080
Not warned.

1066
00:38:02,080 --> 00:38:03,040
Rejected.

1067
00:38:03,040 --> 00:38:05,840
Dataflows and pipelines: outputs inherit labels;

1068
00:38:05,840 --> 00:38:07,960
destinations that cannot guarantee persistence

1069
00:38:07,960 --> 00:38:09,440
are disallowed by policy.

1070
00:38:09,440 --> 00:38:11,640
This clicked for a client the day we turned a catalog

1071
00:38:11,640 --> 00:38:12,880
into a firewall.

1072
00:38:12,880 --> 00:38:16,400
They had confidential customer data in a lakehouse,

1073
00:38:16,400 --> 00:38:18,000
a certified semantic model,

1074
00:38:18,000 --> 00:38:19,640
and a recurring quarterly review

1075
00:38:19,640 --> 00:38:23,040
where a team exported a slice to verify a third party forecast.

1076
00:38:23,040 --> 00:38:24,280
It had to be Excel.

1077
00:38:24,280 --> 00:38:25,600
The label annotated the model.

1078
00:38:25,600 --> 00:38:26,720
It didn't veto the export.

1079
00:38:26,720 --> 00:38:29,200
A month later, the CSV lived on a vendor drive.

1080
00:38:29,200 --> 00:38:31,000
Nothing malicious, just gravity.

1081
00:38:31,000 --> 00:38:32,600
We changed nothing about their visuals.

1082
00:38:32,600 --> 00:38:34,440
We changed everything about their edges.

1083
00:38:34,440 --> 00:38:36,760
The label now blocked export at the report,

1084
00:38:36,760 --> 00:38:39,640
forced notebooks to inherit classification on write,

1085
00:38:39,640 --> 00:38:42,600
and required a governed enclave for any analytical data

1086
00:38:42,600 --> 00:38:44,280
product that touched that domain.

1087
00:38:44,280 --> 00:38:45,960
The next quarter, they didn't export.

1088
00:38:45,960 --> 00:38:48,520
They created a derived labeled table in the enclave

1089
00:38:48,520 --> 00:38:50,560
with a safe aggregation upstream,

1090
00:38:50,560 --> 00:38:52,360
then granted the vendor a reviewed package

1091
00:38:52,360 --> 00:38:54,960
to query their table through a supervised endpoint.

1092
00:38:54,960 --> 00:38:56,320
Same business outcome.

1093
00:38:56,320 --> 00:38:57,760
Zero leakage path.

1094
00:38:57,760 --> 00:39:00,440
Propagation also has to cover clever channels.

1095
00:39:00,440 --> 00:39:03,840
Dynamic format strings and SVGs can encode sensitive state.

1096
00:39:03,840 --> 00:39:05,600
If the underlying data is labeled,

1097
00:39:05,600 --> 00:39:07,280
the semantic layer must not be allowed

1098
00:39:07,280 --> 00:39:10,520
to render indirect signals that imply hidden categories.

1099
00:39:10,520 --> 00:39:12,880
Either compute a safe derivative upstream

1100
00:39:12,880 --> 00:39:15,120
and label that or suppress the signal.

1101
00:39:15,120 --> 00:39:17,360
Yes, that means some visuals get less flashy.

1102
00:39:17,360 --> 00:39:19,200
It also means your labels have meaning.

1103
00:39:19,200 --> 00:39:21,200
And here's the pattern most people miss.

1104
00:39:21,200 --> 00:39:24,400
Classification must block reuse, not just access.

1105
00:39:24,400 --> 00:39:26,200
A model labeled confidential shouldn't

1106
00:39:26,200 --> 00:39:28,720
be promotable to a golden shared dataset

1107
00:39:28,720 --> 00:39:31,160
if its policy forbids cross-workspace reach.

1108
00:39:31,160 --> 00:39:32,800
The publish action itself should fail.

1109
00:39:32,800 --> 00:39:34,760
If a label can't stop a model from existing

1110
00:39:34,760 --> 00:39:37,240
in a place where your identity guarantees don't hold,

1111
00:39:37,240 --> 00:39:38,400
it's decoration.

1112
00:39:38,400 --> 00:39:41,520
Tie Purview to DLP so how data leaves or persists

1113
00:39:41,520 --> 00:39:42,800
is enforced at the edges.

1114
00:39:42,800 --> 00:39:45,600
Tie Purview to Entra so who matters when labels decide.

1115
00:39:45,600 --> 00:39:46,480
Then make it boring.

1116
00:39:46,480 --> 00:39:49,760
Fewer labels, clear behaviors, tested quarterly,

1117
00:39:49,760 --> 00:39:52,920
attempt the prohibited operation, expect failure.

1118
00:39:52,920 --> 00:39:54,920
If you see a prompt, you built a suggestion;

1119
00:39:54,920 --> 00:39:56,880
if you see a warning, you built a hope;

1120
00:39:56,880 --> 00:39:58,960
governance is neither. Governance is a veto.

1121
00:39:58,960 --> 00:40:01,880
DLP guardrails at Fabric/Power BI boundaries.

1122
00:40:01,880 --> 00:40:04,960
Identity compiles who and labels define what.

1123
00:40:04,960 --> 00:40:06,520
Now you need brakes at the edges.

1124
00:40:06,520 --> 00:40:09,520
Data loss prevention is where how data leaves or persists

1125
00:40:09,520 --> 00:40:12,200
stops being aspirational and becomes enforced in motion.

1126
00:40:12,200 --> 00:40:14,280
If DLP is advisory, your system will drift.

1127
00:40:14,280 --> 00:40:17,760
If DLP vetoes, exfiltration attempts turn into dead ends,

1128
00:40:17,760 --> 00:40:19,800
not lessons learned.

1129
00:40:19,800 --> 00:40:21,880
Start where the leaks actually happen.

1130
00:40:21,880 --> 00:40:25,560
Uploads, exports, notebooks, composite models,

1131
00:40:25,560 --> 00:40:26,640
and shared data sets.

1132
00:40:26,640 --> 00:40:28,040
These are not feature lists.

1133
00:40:28,040 --> 00:40:29,280
They're escape routes.

1134
00:40:29,280 --> 00:40:32,000
You close them by wiring DLP to the exact operations

1135
00:40:32,000 --> 00:40:34,480
that move data across planes, then making the block

1136
00:40:34,480 --> 00:40:36,320
the default.

1137
00:40:36,320 --> 00:40:37,400
Uploads first.

1138
00:40:37,400 --> 00:40:39,720
Treat every inbound file, Parquet or CSV,

1139
00:40:39,720 --> 00:40:41,400
as an untrusted carry-on.

1140
00:40:41,400 --> 00:40:44,560
DLP scans on arrival into OneLake folders and lakehouse tables,

1141
00:40:44,560 --> 00:40:47,880
ties detections to Purview labels, and assigns effective policy.

1142
00:40:47,880 --> 00:40:50,440
If a file contains patterns that trigger confidential

1143
00:40:50,440 --> 00:40:52,640
or higher, it cannot land in a workspace

1144
00:40:52,640 --> 00:40:54,480
that lacks a matching policy boundary.

1145
00:40:54,480 --> 00:40:55,800
The import fails closed.

1146
00:40:55,800 --> 00:40:57,520
Not a banner, a refusal.

1147
00:40:57,520 --> 00:40:59,640
This prevents the "we'll clean it later" pathway

1148
00:40:59,640 --> 00:41:00,960
that never gets cleaned.

1149
00:41:00,960 --> 00:41:02,280
Exports are the classic bleed.

1150
00:41:02,280 --> 00:41:03,600
You don't educate here.

1151
00:41:03,600 --> 00:41:04,920
You ban for protected classes.

1152
00:41:04,920 --> 00:41:08,080
Reports: CSV, Excel, PDF, paginated exports,

1153
00:41:08,080 --> 00:41:09,640
blocked when the effective classification

1154
00:41:09,640 --> 00:41:12,520
is confidential or above. Downloads from the service:

1155
00:41:12,520 --> 00:41:13,680
blocked.

1156
00:41:13,680 --> 00:41:14,960
Analyze in Excel:

1157
00:41:14,960 --> 00:41:18,640
blocked unless the label and group scope match an allow list.

1158
00:41:18,640 --> 00:41:20,800
If a business outcome requires a downstream handoff,

1159
00:41:20,800 --> 00:41:22,680
you create an upstream labeled derivative

1160
00:41:22,680 --> 00:41:25,720
in a governed enclave and grant supervised, time-bound access

1161
00:41:25,720 --> 00:41:26,880
to that derivative.

1162
00:41:26,880 --> 00:41:28,480
The report never becomes a file.

1163
00:41:28,480 --> 00:41:30,240
Notebooks are powerful and dangerous

1164
00:41:30,240 --> 00:41:32,200
because they are programmable exits.

1165
00:41:32,200 --> 00:41:33,440
DLP wraps them at write.

1166
00:41:33,440 --> 00:41:34,040
Two rules.

1167
00:41:34,040 --> 00:41:36,520
Inheritance required and destination constrained.

1168
00:41:36,520 --> 00:41:38,480
Any write that drops a label fails.

1169
00:41:38,480 --> 00:41:40,840
Any attempt to write labeled output to a path

1170
00:41:40,840 --> 00:41:43,200
outside an approved enclave fails.

1171
00:41:43,200 --> 00:41:46,240
Spark, pandas, SQL: you don't care about the language.

1172
00:41:46,240 --> 00:41:48,520
You care that the result remains inside the boundary

1173
00:41:48,520 --> 00:41:51,080
with the same teeth it had before the code ran.

1174
00:41:51,080 --> 00:41:52,400
Couple this with conditional access,

1175
00:41:52,400 --> 00:41:54,600
so only compliant devices and trusted locations

1176
00:41:54,600 --> 00:41:57,520
can even open notebooks touching protected domains.

1177
00:41:57,520 --> 00:41:59,280
Composite models and shared datasets

1178
00:41:59,280 --> 00:42:00,800
present blended exits.

1179
00:42:00,800 --> 00:42:02,720
DLP must inspect the published path.

1180
00:42:02,720 --> 00:42:05,640
If a new composite attempts to mix a labeled source

1181
00:42:05,640 --> 00:42:07,400
that forbids blending with another source,

1182
00:42:07,400 --> 00:42:09,280
local import, external direct query,

1183
00:42:09,280 --> 00:42:12,320
or a different workspace's model, the publish fails.

1184
00:42:12,320 --> 00:42:15,000
If a consuming workspace points at a shared dataset

1185
00:42:15,000 --> 00:42:16,720
whose effective classification exceeds

1186
00:42:16,720 --> 00:42:19,600
that workspace's allowed policy, the connection fails.

1187
00:42:19,600 --> 00:42:22,520
This is not a style opinion about model architecture.

1188
00:42:22,520 --> 00:42:23,680
It is a boundary rule.

1189
00:42:23,680 --> 00:42:25,480
You cannot create an ungoverned join

1190
00:42:25,480 --> 00:42:27,720
by sneaking it through a convenience feature.

1191
00:42:27,720 --> 00:42:30,680
Adaptive responses matter because velocity fights you.

1192
00:42:30,680 --> 00:42:32,600
You start in monitor mode for net-new detections

1193
00:42:32,600 --> 00:42:34,000
to learn blast radius.

1194
00:42:34,000 --> 00:42:36,000
Then you warn for low sensitivity violations

1195
00:42:36,000 --> 00:42:37,360
to build muscle memory.

1196
00:42:37,360 --> 00:42:39,800
But you block early for protected domains.

1197
00:42:39,800 --> 00:42:41,400
When labels say confidential or higher,

1198
00:42:41,400 --> 00:42:42,440
you don't wait for culture.

1199
00:42:42,440 --> 00:42:43,640
You enforce culture.

1200
00:42:43,640 --> 00:42:45,160
Quarantine is your friend.

1201
00:42:45,160 --> 00:42:47,040
If an upload hits a high risk pattern

1202
00:42:47,040 --> 00:42:49,920
or a notebook write targets an untrusted path,

1203
00:42:49,920 --> 00:42:52,320
you shunt the artifact into a restricted workspace

1204
00:42:52,320 --> 00:42:54,440
where only stewards can recover it.

1205
00:42:54,440 --> 00:42:57,280
Education happens after containment, not instead of it.

1206
00:42:57,280 --> 00:42:59,600
GenAI introduces exfiltration by chat:

1207
00:42:59,600 --> 00:43:01,480
just paste the rows to test the prompt.

1208
00:43:01,480 --> 00:43:04,080
DLP meets it at the browser and the tenant.

1209
00:43:04,080 --> 00:43:06,000
Block posting sensitive clipboard data

1210
00:43:06,000 --> 00:43:08,840
to unapproved AI domains and treat any fabric connector

1211
00:43:08,840 --> 00:43:11,360
to generative services as an egress channel subject

1212
00:43:11,360 --> 00:43:13,280
to labels and conditional access.

1213
00:43:13,280 --> 00:43:15,960
If the payload carries a protected classification,

1214
00:43:15,960 --> 00:43:16,920
the call fails.

1215
00:43:16,920 --> 00:43:18,760
If the session isn't compliant, the call fails.

1216
00:43:18,760 --> 00:43:20,360
Silence, not guidance.

1217
00:43:20,360 --> 00:43:22,080
Outcome orientation keeps you honest.

1218
00:43:22,080 --> 00:43:24,680
The goal is simple: models cannot outlive their security

1219
00:43:24,680 --> 00:43:25,440
intent.

1220
00:43:25,440 --> 00:43:27,480
If an artifact's label forbids export,

1221
00:43:27,480 --> 00:43:29,280
no feature produces a file.

1222
00:43:29,280 --> 00:43:31,040
If blending would dissolve a boundary,

1223
00:43:31,040 --> 00:43:32,960
no publish creates the composite.

1224
00:43:32,960 --> 00:43:35,360
If a notebook would synthesize a side table,

1225
00:43:35,360 --> 00:43:38,160
it writes only into the enclave under the same label.

1226
00:43:38,160 --> 00:43:39,000
Or not at all.

1227
00:43:39,000 --> 00:43:42,240
DLP is the mechanism that makes those sentences true in motion.

1228
00:43:42,240 --> 00:43:44,600
The uncomfortable truth: without DLP guardrails,

1229
00:43:44,600 --> 00:43:46,040
you're depending on human restraint

1230
00:43:46,040 --> 00:43:49,520
at precisely the moments humans optimize for convenience.

1231
00:43:49,520 --> 00:43:52,760
With DLP, you shift the burden from memory to mechanics;

1232
00:43:52,760 --> 00:43:55,400
intent survives contact with deadlines.

1233
00:43:55,400 --> 00:43:58,000
Capacity isolation is containment, not tuning.

1234
00:43:58,000 --> 00:44:00,560
You've wired identity, labels, and DLP.

1235
00:44:00,560 --> 00:44:02,240
Good, now assume something still slips.

1236
00:44:02,240 --> 00:44:03,080
It will.

1237
00:44:03,080 --> 00:44:04,960
At that moment, performance knobs won't save you.

1238
00:44:04,960 --> 00:44:05,920
Boundaries will.

1239
00:44:05,920 --> 00:44:07,720
Capacity is not a speed slider.

1240
00:44:07,720 --> 00:44:10,280
It is a containment line, treated as a governance boundary

1241
00:44:10,280 --> 00:44:12,240
first, a tuning parameter second.

1242
00:44:12,240 --> 00:44:15,080
Here's the failure pattern: a shared Premium capacity hosts

1243
00:44:15,080 --> 00:44:18,280
finance, HR, and product analytics, because it's convenient

1244
00:44:18,280 --> 00:44:19,560
and has headroom.

1245
00:44:19,560 --> 00:44:21,800
A rushed exception lands a prohibited comparator

1246
00:44:21,800 --> 00:44:23,000
in product's workspace.

1247
00:44:23,000 --> 00:44:24,680
It ships.

1248
00:44:24,680 --> 00:44:27,360
Hours later, finance escalates an anomaly.

1249
00:44:27,360 --> 00:44:29,520
A vendor saw an aggregated trend that only

1250
00:44:29,520 --> 00:44:32,000
exists when product's helper measure normalizes

1251
00:44:32,000 --> 00:44:34,080
against an unscoped total.

1252
00:44:34,080 --> 00:44:35,240
Nothing broke.

1253
00:44:35,240 --> 00:44:36,920
The breach was inference.

1254
00:44:36,920 --> 00:44:39,200
Incident response now spans every workspace

1255
00:44:39,200 --> 00:44:41,720
on that capacity, every app, every shared data set,

1256
00:44:41,720 --> 00:44:43,560
and every service principal with Build.

1257
00:44:43,560 --> 00:44:45,000
You didn't just have a logic error.

1258
00:44:45,000 --> 00:44:46,640
You had an unbounded blast radius.

1259
00:44:46,640 --> 00:44:48,560
The thing most teams miss is simple.

1260
00:44:48,560 --> 00:44:50,320
Capacities carry tenancy semantics,

1261
00:44:50,320 --> 00:44:51,760
whether you acknowledge them or not.

1262
00:44:51,760 --> 00:44:54,160
CPU, memory, queues, cache, and background jobs

1263
00:44:54,160 --> 00:44:55,600
are shared surfaces.

1264
00:44:55,600 --> 00:44:58,360
So are administrators, service principals, and pipelines.

1265
00:44:58,360 --> 00:45:00,880
When you co-locate risk domains on the same capacity,

1266
00:45:00,880 --> 00:45:02,240
you fuse their fate.

1267
00:45:02,240 --> 00:45:04,320
A mistake in one becomes noise in another.

1268
00:45:04,320 --> 00:45:07,120
A kill switch for one becomes collateral damage for all.

1269
00:45:07,120 --> 00:45:09,360
Investigations wander across unrelated teams

1270
00:45:09,360 --> 00:45:11,600
because the telemetry isn't scoped to a fault domain

1271
00:45:11,600 --> 00:45:12,600
you can quarantine.

1272
00:45:12,600 --> 00:45:14,720
This clicked for me during a containment drill.

1273
00:45:14,720 --> 00:45:18,080
We simulated a DLP block bypass via a mis-scoped notebook

1274
00:45:18,080 --> 00:45:18,440
write.

1275
00:45:18,440 --> 00:45:20,680
The write happened in a mixed capacity.

1276
00:45:20,680 --> 00:45:23,600
To freeze the path, operations throttled the capacity.

1277
00:45:23,600 --> 00:45:26,880
That paused HR refreshes, killed marketing's export job,

1278
00:45:26,880 --> 00:45:28,400
and delayed finance's close.

1279
00:45:28,400 --> 00:45:30,680
We stopped the leak by stopping the business.

1280
00:45:30,680 --> 00:45:31,880
That isn't resilience.

1281
00:45:31,880 --> 00:45:33,360
That's shared fragility.

1282
00:45:33,360 --> 00:45:35,280
The deterministic stance is blunt,

1283
00:45:35,280 --> 00:45:38,000
segregate by risk domain, not by department org chart,

1284
00:45:38,000 --> 00:45:39,680
and not by utilization graph.

1285
00:45:39,680 --> 00:45:41,720
Finance sits alone, HR sits alone,

1286
00:45:41,720 --> 00:45:45,000
regulated products sit alone. Vendor-facing sandboxes

1287
00:45:45,000 --> 00:45:48,240
sit in a sacrificial capacity with aggressive policies

1288
00:45:48,240 --> 00:45:49,720
and easy kill switches.

1289
00:45:49,720 --> 00:45:52,040
Low risk self-service can share, but never

1290
00:45:52,040 --> 00:45:54,760
with anything that would trigger a regulatory disclosure

1291
00:45:54,760 --> 00:45:55,440
if leaked.

1292
00:45:55,440 --> 00:45:58,040
You are building fire compartments, not a bigger living room.

1293
00:45:58,040 --> 00:46:00,920
How do you operationalize capacity as containment

1294
00:46:00,920 --> 00:46:03,240
without turning into procurement theater?

1295
00:46:03,240 --> 00:46:04,920
Three rules.

1296
00:46:04,920 --> 00:46:09,600
Boundary first, efficiency second. Start with a domain map.

1297
00:46:09,600 --> 00:46:12,680
Which data classes and identities must never cohabitate?

1298
00:46:12,680 --> 00:46:15,440
Assign each to a dedicated capacity, even small SKUs

1299
00:46:15,440 --> 00:46:16,040
if needed.

1300
00:46:16,040 --> 00:46:17,880
Then right-size; you can always scale up.

1301
00:46:17,880 --> 00:46:20,120
You cannot retroactively isolate a blast radius.

1302
00:46:20,120 --> 00:46:22,200
No implicit cross-capacity trust.

1303
00:46:22,200 --> 00:46:24,680
If a shared data set in capacity A is consumed

1304
00:46:24,680 --> 00:46:28,080
by a report in capacity B, treat that as cross-boundary access,

1305
00:46:28,080 --> 00:46:30,840
enforce the same Entra groups, labels, and DLP checks

1306
00:46:30,840 --> 00:46:32,560
you'd require across tenants.

1307
00:46:32,560 --> 00:46:34,920
If the publishing workflow can't prove enforcement,

1308
00:46:34,920 --> 00:46:36,280
the connection fails.

1309
00:46:36,280 --> 00:46:38,960
Throttling as policy signal, not a performance bandaid.

1310
00:46:38,960 --> 00:46:41,800
When a team requests consolidation to save money,

1311
00:46:41,800 --> 00:46:44,240
deny if it erodes isolation.

1312
00:46:44,240 --> 00:46:46,120
When a capacity approaches limits,

1313
00:46:46,120 --> 00:46:48,560
scale within the domain or effect workloads

1314
00:46:48,560 --> 00:46:50,840
do not merge domains to balance load.

1315
00:46:50,840 --> 00:46:52,360
Throttling and queue limits are controls

1316
00:46:52,360 --> 00:46:55,320
that keep failure local, not levers to hide governance debt.

1317
00:46:55,320 --> 00:46:56,240
A micro story.

1318
00:46:56,240 --> 00:46:58,640
A healthcare client ran clinical analytics and marketing

1319
00:46:58,640 --> 00:47:01,600
dashboards on one F64 because utilization was low.

1320
00:47:01,600 --> 00:47:03,640
A contractor's automation in marketing attempted

1321
00:47:03,640 --> 00:47:06,720
to export a model labeled highly confidential via a composite

1322
00:47:06,720 --> 00:47:07,440
blend.

1323
00:47:07,440 --> 00:47:09,560
DLP blocked the publish, but the automation

1324
00:47:09,560 --> 00:47:11,040
hammered retries for an hour.

1325
00:47:11,040 --> 00:47:13,960
Capacity memory pressure spiked, and clinical refreshes

1326
00:47:13,960 --> 00:47:15,200
started failing.

1327
00:47:15,200 --> 00:47:17,000
No data left the tenant, but operations

1328
00:47:17,000 --> 00:47:20,360
declared a severity one because clinicians lost dashboards

1329
00:47:20,360 --> 00:47:22,400
mid-round. We split capacities.

1330
00:47:22,400 --> 00:47:27,040
Clinical on a dedicated DLP-hardened F64; marketing and self-service

1331
00:47:27,040 --> 00:47:30,000
moved to an F32 with stricter conditional access

1332
00:47:30,000 --> 00:47:31,800
and a short kill-switch runbook.

1333
00:47:31,800 --> 00:47:33,560
The next time automation misbehaved,

1334
00:47:33,560 --> 00:47:35,640
we killed marketing's capacity in 30 seconds.

1335
00:47:35,640 --> 00:47:37,040
Clinical stayed green.

1336
00:47:37,040 --> 00:47:39,520
The incident report was one page, not a novel.

1337
00:47:39,520 --> 00:47:42,240
Here's the shortcut nobody teaches.

1338
00:47:42,240 --> 00:47:45,280
Capacity isolation is cheaper than incident response.

1339
00:47:45,280 --> 00:47:48,600
You trade a modest baseline cost for predictable containment,

1340
00:47:48,600 --> 00:47:51,720
faster investigations and fewer late night bridge calls.

1341
00:47:51,720 --> 00:47:55,120
You also gain clean telemetry: capacity-scoped logs, query

1342
00:47:55,120 --> 00:47:58,720
traces, and DLP events that map to a single domain owner.

1343
00:47:58,720 --> 00:48:01,360
That's how you answer who could see what when,

1344
00:48:01,360 --> 00:48:03,880
without spelunking across unrelated workspaces.

1345
00:48:03,880 --> 00:48:04,760
You are not tuning.

1346
00:48:04,760 --> 00:48:07,160
You are drawing lines that code, people, and emergencies

1347
00:48:07,160 --> 00:48:08,880
cannot casually cross.

1348
00:48:08,880 --> 00:48:12,080
When identity, labels, and DLP fail to catch an edge case,

1349
00:48:12,080 --> 00:48:14,400
and they will, capacity isolation

1350
00:48:14,400 --> 00:48:17,760
makes sure the blast is loud, local, and short.

1351
00:48:17,760 --> 00:48:18,800
That's the point.

1352
00:48:18,800 --> 00:48:20,760
The deterministic data governance playbook.

1353
00:48:20,760 --> 00:48:23,240
You don't fix conditional chaos with more guidance.

1354
00:48:23,240 --> 00:48:26,000
You replace ambiguity with structures that can't drift.

1355
00:48:26,000 --> 00:48:27,600
This playbook isn't a checklist.

1356
00:48:27,600 --> 00:48:29,200
It's a stance.

1357
00:48:29,200 --> 00:48:32,720
Identity compiles intent, labels veto, DLP enforces,

1358
00:48:32,720 --> 00:48:35,680
capacity contains, DAX visualizes only what those layers

1359
00:48:35,680 --> 00:48:36,760
already decided.

1360
00:48:36,760 --> 00:48:38,080
That's the operating model.

1361
00:48:38,080 --> 00:48:39,080
Principles first.

1362
00:48:39,080 --> 00:48:39,840
Four of them.

1363
00:48:39,840 --> 00:48:40,880
Identity first.

1364
00:48:40,880 --> 00:48:41,880
Label enforced.

1365
00:48:41,880 --> 00:48:42,760
DLP blocked.

1366
00:48:42,760 --> 00:48:44,000
Capacity contained.

1367
00:48:44,000 --> 00:48:46,840
Identity first means every actor is explicit and scoped.

1368
00:48:46,840 --> 00:48:50,080
Humans, apps, service principals, agents,

1369
00:48:50,080 --> 00:48:52,760
guarded by conditional access and kill switches.

1370
00:48:52,760 --> 00:48:54,800
Label enforced means Purview classifications

1371
00:48:54,800 --> 00:48:57,320
are portable and punitive, not decorative.

1372
00:48:57,320 --> 00:48:59,320
DLP blocked means exfiltration paths

1373
00:48:59,320 --> 00:49:00,960
fail closed by default.

1374
00:49:00,960 --> 00:49:04,320
Export, notebooks, cross workspace imports, composite blends.

1375
00:49:04,320 --> 00:49:07,000
Capacity contained means risk domains never cohabitate.

1376
00:49:07,000 --> 00:49:08,120
Now draw the red lines.

1377
00:49:08,120 --> 00:49:09,320
Illegal index table.

1378
00:49:09,320 --> 00:49:11,280
Decisions that must fail closed.

1379
00:49:11,280 --> 00:49:13,800
Any measure that alters visibility, removes

1380
00:49:13,800 --> 00:49:15,480
filters on protected domains,

1381
00:49:15,480 --> 00:49:17,240
compares scoped to unscoped values,

1382
00:49:17,240 --> 00:49:19,280
rewrites keys, or encodes sensitive state

1383
00:49:19,280 --> 00:49:22,880
with format strings or SVG is an authorization decision.

1384
00:49:22,880 --> 00:49:25,120
That logic is illegal in the semantic layer.

1385
00:49:25,120 --> 00:49:27,360
Move it upstream or reject the build.

1386
00:49:27,360 --> 00:49:29,760
This simplifies review from is this safe?

1387
00:49:29,760 --> 00:49:31,760
To does this pattern exist?

1388
00:49:31,760 --> 00:49:33,000
The build pipeline answers.

1389
00:49:33,000 --> 00:49:34,200
Not the reviewer.

1390
00:49:34,200 --> 00:49:35,960
Next map where logic lives.

1391
00:49:35,960 --> 00:49:39,160
Upstream owns business definitions, keys, eligibility,

1392
00:49:39,160 --> 00:49:41,320
global totals, and any benchmark

1393
00:49:41,320 --> 00:49:43,080
that crosses identity boundaries.

1394
00:49:43,080 --> 00:49:45,400
They are computed where Entra has already decided

1395
00:49:45,400 --> 00:49:48,840
who may query them and where labels can veto reuse.

1396
00:49:48,840 --> 00:49:51,200
The semantic model consumes governed artifacts,

1397
00:49:51,200 --> 00:49:53,160
shapes, visuals, and expresses analytics

1398
00:49:53,160 --> 00:49:55,000
that never change who can see what.

1399
00:49:55,000 --> 00:49:56,280
Visuals tell a story.

1400
00:49:56,280 --> 00:49:57,560
They don't negotiate access.

1401
00:49:57,560 --> 00:50:00,280
If you need a comparator, you request an upstream,

1402
00:50:00,280 --> 00:50:02,720
labeled derivative with the same teeth as its inputs.

1403
00:50:02,720 --> 00:50:04,520
If you can't get it, you don't publish the story.

1404
00:50:04,520 --> 00:50:07,240
You need cadence, exceptions expire by default.

1405
00:50:07,240 --> 00:50:09,480
Access packages in Entra come with time limits

1406
00:50:09,480 --> 00:50:11,080
and recertifications.

1407
00:50:11,080 --> 00:50:13,040
Shared dataset groups re-certify quarterly.

1408
00:50:13,040 --> 00:50:14,720
Service principals rotate on a schedule

1409
00:50:14,720 --> 00:50:16,720
and validate kill switches in drills.

1410
00:50:16,720 --> 00:50:19,320
Libraries ship with policy manifests,

1411
00:50:19,320 --> 00:50:22,960
allowed filters, sensitivity scope, identity assumptions,

1412
00:50:22,960 --> 00:50:24,360
and prohibited functions.

1413
00:50:24,360 --> 00:50:26,720
If a measure violates the manifest, publication fails.

1414
00:50:26,720 --> 00:50:27,720
this isn't linting.

1415
00:50:27,720 --> 00:50:30,040
This is a compiler error for governance.

1416
00:50:30,040 --> 00:50:32,080
Libraries require policy.

1417
00:50:32,080 --> 00:50:35,560
A helper measure without a manifest is an accelerant.

1418
00:50:35,560 --> 00:50:37,400
A reusable function with declared assumptions

1419
00:50:37,400 --> 00:50:38,880
becomes safe plumbing.

1420
00:50:38,880 --> 00:50:40,880
Your manifest answers four questions.

1421
00:50:40,880 --> 00:50:42,840
Which dimensions may this logic touch?

1422
00:50:42,840 --> 00:50:44,440
Which labels are compatible?

1423
00:50:44,440 --> 00:50:46,000
Which identity groups may use it?

1424
00:50:46,000 --> 00:50:48,400
What happens if a caller supplies an illegal filter?

1425
00:50:48,400 --> 00:50:51,520
The only acceptable answer to the last one is it fails.

1426
00:50:51,520 --> 00:50:54,240
Not warns, not logs, it fails.

1427
00:50:54,240 --> 00:50:57,400
You also need an audit posture that doesn't depend on heroics.

1428
00:50:57,400 --> 00:50:58,800
Who could see what when?

1429
00:50:58,800 --> 00:51:01,080
Must be derivable from Entra group membership,

1430
00:51:01,080 --> 00:51:03,240
conditional access logs, label policy,

1431
00:51:03,240 --> 00:51:05,520
DLP actions and capacity boundaries.

1432
00:51:05,520 --> 00:51:07,360
Lineage helps tell the story.

1433
00:51:07,360 --> 00:51:08,960
It never substitutes for the proof.

1434
00:51:08,960 --> 00:51:11,280
Proof that a user, not in an approved group,

1435
00:51:11,280 --> 00:51:12,800
cannot induce a query.

1436
00:51:12,800 --> 00:51:15,840
Proof that a label blocks export and cross workspace import.

1437
00:51:15,840 --> 00:51:17,480
Proof that a composite blend is rejected

1438
00:51:17,480 --> 00:51:19,080
when classifications conflict.

1439
00:51:19,080 --> 00:51:20,040
Test quarterly.

1440
00:51:20,040 --> 00:51:21,040
Press the kill switch.

1441
00:51:21,040 --> 00:51:24,160
Let's convert the five failures into repeatable findings.

1442
00:51:24,160 --> 00:51:27,520
RLS bypass via measures: audit for comparators crossing

1443
00:51:27,520 --> 00:51:29,040
protected dimensions.

1444
00:51:29,040 --> 00:51:32,400
Ban ALL, REMOVEFILTERS, or ALLEXCEPT over identity-scoped tables,

1445
00:51:32,400 --> 00:51:34,520
require upstream benchmarks with labels,

1446
00:51:34,520 --> 00:51:37,400
Finding phrased as: measure permits visibility-altering

1447
00:51:37,400 --> 00:51:39,680
comparator, publication blocked.

1448
00:51:39,680 --> 00:51:42,280
Semantic model drift via calculated tables:

1449
00:51:42,280 --> 00:51:45,280
scan for calculated artifacts encoding business definitions

1450
00:51:45,280 --> 00:51:48,600
or cross-label joins; disallow in pipeline.

1451
00:51:48,600 --> 00:51:52,080
Finding: calculated table redefines governed logic,

1452
00:51:52,080 --> 00:51:56,280
move upstream or reject. Lineage theater: test vetoes at edges,

1453
00:51:56,280 --> 00:52:00,200
attempt export, notebook write, cross workspace import,

1454
00:52:00,200 --> 00:52:03,200
and composite blend with protected labels.

1455
00:52:03,200 --> 00:52:05,400
Findings are binary: blocked as designed

1456
00:52:05,400 --> 00:52:08,840
or veto missing, policy gap. Shared dataset erosion:

1457
00:52:08,840 --> 00:52:11,720
enumerate principals through Entra, deny Build and View

1458
00:52:11,720 --> 00:52:14,680
outside approved groups, and prove consuming workspaces

1459
00:52:14,680 --> 00:52:16,960
cannot extend authorization.

1460
00:52:16,960 --> 00:52:18,720
Finding: reach-through detected, connection

1461
00:52:18,720 --> 00:52:20,560
fails until groups align.

1462
00:52:20,560 --> 00:52:24,880
DAX exception sprawl: index measures by name gravity (adjusted,

1463
00:52:24,880 --> 00:52:28,480
net, normalized), scope mismatch, and classification

1464
00:52:28,480 --> 00:52:31,680
distortion; require manifests, reject without one.

1465
00:52:31,680 --> 00:52:35,760
Finding: reusable logic lacks manifest, illegal category.

1466
00:52:35,760 --> 00:52:37,600
Make the reviewers job mechanical.

1467
00:52:37,600 --> 00:52:40,720
Pipelines enforce manifests and illegal index rules.

1468
00:52:40,720 --> 00:52:43,720
Entra packages expire, Purview labels block,

1469
00:52:43,720 --> 00:52:47,120
DLP closes exits, capacity isolates.

1470
00:52:47,120 --> 00:52:50,520
Reviewers confirm structure exists, they don't arbitrate taste.

1471
00:52:50,520 --> 00:52:54,320
A micro routine you can run tomorrow, pick one high risk model,

1472
00:52:54,320 --> 00:52:56,440
attach labels to inputs if missing.

1473
00:52:56,440 --> 00:52:58,600
Wire DLP on exports and notebook writes,

1474
00:52:58,600 --> 00:53:01,240
move one cross boundary benchmark upstream and label it,

1475
00:53:01,240 --> 00:53:04,800
replace one illegal comparator with that upstream artifact.

1476
00:53:04,800 --> 00:53:07,320
Restrict data set access to enumerated groups,

1477
00:53:07,320 --> 00:53:09,840
then intentionally attempt the prohibited actions,

1478
00:53:09,840 --> 00:53:13,040
export a labeled report, publish a composite blend,

1479
00:53:13,040 --> 00:53:15,280
connect from an unapproved workspace,

1480
00:53:15,280 --> 00:53:18,000
and run a notebook write to an untrusted path.

1481
00:53:18,000 --> 00:53:19,120
Expect four failures.

1482
00:53:19,120 --> 00:53:21,480
Any path you didn't enforce, you've documented.

1483
00:53:21,480 --> 00:53:24,240
The playbook's payoff is boring predictability.

1484
00:53:24,240 --> 00:53:25,920
Once identity compiles, labels veto,

1485
00:53:25,920 --> 00:53:27,800
DLP enforces, and capacity contains,

1486
00:53:27,800 --> 00:53:30,120
DAX stops being where governance goes to die.

1487
00:53:30,120 --> 00:53:31,400
It becomes what it should have been,

1488
00:53:31,400 --> 00:53:34,280
a language for analytics riding on top of intent

1489
00:53:34,280 --> 00:53:35,520
that was already decided.

1490
00:53:35,520 --> 00:53:37,520
That's not stricter, that's safer,

1491
00:53:37,520 --> 00:53:39,640
and radically simpler to live with.

1492
00:53:39,640 --> 00:53:42,000
Field assessment, convert failures to findings.

1493
00:53:42,000 --> 00:53:43,440
You don't fix this with training,

1494
00:53:43,440 --> 00:53:45,200
you fix it by turning vague concerns

1495
00:53:45,200 --> 00:53:47,040
into machine checkable findings.

1496
00:53:47,040 --> 00:53:48,640
Field assessment is not a workshop.

1497
00:53:48,640 --> 00:53:50,720
It's a hostile audit you run against your own estate

1498
00:53:50,720 --> 00:53:51,920
with the presumption of drift.

1499
00:53:51,920 --> 00:53:53,000
The output isn't advice.

1500
00:53:53,000 --> 00:53:55,520
It's a list of blocks, refactors and revocations.

1501
00:53:55,520 --> 00:53:57,640
Start with RLS bypass tests,

1502
00:53:57,640 --> 00:54:00,200
build two synthetic identities in Entra,

1503
00:54:00,200 --> 00:54:02,320
one fully entitled to a protected dimension,

1504
00:54:02,320 --> 00:54:05,600
one explicitly excluded. Assign them to a test workspace bound

1505
00:54:05,600 --> 00:54:07,360
to a copy of the target model,

1506
00:54:07,360 --> 00:54:10,720
then within the model, seed a battery of inference probes,

1507
00:54:10,720 --> 00:54:13,160
measures that try the known bypasses,

1508
00:54:13,160 --> 00:54:16,280
scoped versus unscoped comparators on protected dimensions,

1509
00:54:16,280 --> 00:54:19,120
remove filters and all on identity scoped tables,

1510
00:54:19,120 --> 00:54:22,000
totals that invert the filter context with calculate,

1511
00:54:22,000 --> 00:54:25,640
format strings and SVG icons that flip based on hidden categories,

1512
00:54:25,640 --> 00:54:28,400
execute the same visuals as both identities.

1513
00:54:28,400 --> 00:54:31,160
If any delta appears between scoped and unscoped probes

1514
00:54:31,160 --> 00:54:33,880
that shouldn't exist, you have an inference path.

1515
00:54:33,880 --> 00:54:36,920
The finding is phrased as visibility altering comparator

1516
00:54:36,920 --> 00:54:39,640
detected, measure publication must be blocked

1517
00:54:39,640 --> 00:54:41,520
and upstream benchmark required.

1518
00:54:41,520 --> 00:54:44,080
No discussion of intent, you document the pattern

1519
00:54:44,080 --> 00:54:45,560
and attach the remediation.

1520
00:54:45,560 --> 00:54:49,440
Now scan for drift, calculated artifacts that fork truth.

1521
00:54:49,440 --> 00:54:52,200
You aren't hunting for clever DAX; you're classifying risk.

1522
00:54:52,200 --> 00:54:54,160
enumerate calculated tables and columns.

1523
00:54:54,160 --> 00:54:56,320
For each ask three questions automatically,

1524
00:54:56,320 --> 00:54:58,960
does it reference multiple domains with mixed labels?

1525
00:54:58,960 --> 00:55:01,920
Does it reshape keys or join paths that should exist upstream?

1526
00:55:01,920 --> 00:55:03,480
Does any downstream measure rely on it

1527
00:55:03,480 --> 00:55:05,640
to scope visibility or eligibility?

1528
00:55:05,640 --> 00:55:08,960
If any answer is yes, mark it as illegal in-model logic.

1529
00:55:08,960 --> 00:55:10,680
Your pipeline should be able to fail builds

1530
00:55:10,680 --> 00:55:12,520
when these categories are present.

1531
00:55:12,520 --> 00:55:14,880
The finding reads, calculated artifact

1532
00:55:14,880 --> 00:55:17,680
encodes governed business logic; relocate upstream

1533
00:55:17,680 --> 00:55:19,200
or reject publication.

1534
00:55:19,200 --> 00:55:21,000
You're not punishing speed, you're removing

1535
00:55:21,000 --> 00:55:23,560
the authoring surface that makes governance optional.

1536
00:55:23,560 --> 00:55:26,160
Stress the lineage narrative with enforcement reality.

1537
00:55:26,160 --> 00:55:28,720
Pick one model labeled confidential or higher.

1538
00:55:28,720 --> 00:55:30,960
Attempt the prohibited actions at every edge.

1539
00:55:30,960 --> 00:55:34,360
Export CSV from a report, download the PBIX if allowed,

1540
00:55:34,360 --> 00:55:37,680
write a labeled slice from a notebook to an unapproved folder.

1541
00:55:37,680 --> 00:55:40,000
Import the labeled artifact into a different workspace

1542
00:55:40,000 --> 00:55:41,160
via composite model.

1543
00:55:41,160 --> 00:55:43,920
For each, expect failure. If a warning appears,

1544
00:55:43,920 --> 00:55:47,320
you record veto missing policy gap at edge X.

1545
00:55:47,320 --> 00:55:49,080
The action item isn't to update a wiki,

1546
00:55:49,080 --> 00:55:52,560
it's to wire purview and DLP so the operation is impossible.

1547
00:55:52,560 --> 00:55:56,160
After remediation, rerun the same actions and expect silence.

1548
00:55:56,160 --> 00:55:57,920
This converts pretty arrows into evidence

1549
00:55:57,920 --> 00:55:59,840
that blocks existed when it mattered.

1550
00:55:59,840 --> 00:56:02,200
Interrogate shared dataset reach through.

1551
00:56:02,200 --> 00:56:04,680
Build a matrix for each shared model.

1552
00:56:04,680 --> 00:56:08,160
dataset Entra groups, RLS roles, app audiences,

1553
00:56:08,160 --> 00:56:10,000
Build permissions, service principals,

1554
00:56:10,000 --> 00:56:12,000
and all consuming workspaces.

1555
00:56:12,000 --> 00:56:14,880
Then try to induce a query from a principal present only

1556
00:56:14,880 --> 00:56:17,280
in a consuming workspace, not in the dataset groups.

1557
00:56:17,280 --> 00:56:20,640
If a query reaches the model, you've dissolved the boundary,

1558
00:56:20,640 --> 00:56:23,880
capture: cross-workspace reach-through detected,

1559
00:56:23,880 --> 00:56:27,400
require alignment to enumerated groups or fail connection.

1560
00:56:27,400 --> 00:56:30,040
Next, hunt for consuming reports that introduce scoped

1561
00:56:30,040 --> 00:56:32,280
versus all patterns against the shared model.

1562
00:56:32,280 --> 00:56:36,000
Flag them as illegal comparators and require upstream benchmarks

1563
00:56:36,000 --> 00:56:36,800
or removal.

1564
00:56:36,800 --> 00:56:38,680
This is not about naming the guilty.

1565
00:56:38,680 --> 00:56:40,400
It's about closing the access plane

1566
00:56:40,400 --> 00:56:42,920
that consistency quietly opened.

1567
00:56:42,920 --> 00:56:45,680
Inventory DAX exception sprawl. Parse measure names

1568
00:56:45,680 --> 00:56:46,640
and bodies.

1569
00:56:46,640 --> 00:56:50,360
Name gravity catches the accelerants: adjusted, net, normalized,

1570
00:56:50,360 --> 00:56:52,120
helper, global.

1571
00:56:52,120 --> 00:56:54,800
Scope analysis finds branches that compare scoped values

1572
00:56:54,800 --> 00:56:57,120
to remove filters over protected dimensions.

1573
00:56:57,120 --> 00:57:00,520
Classification checks detect dynamic strings or SVGs

1574
00:57:00,520 --> 00:57:03,120
that encode sensitive states, tag these as authorization

1575
00:57:03,120 --> 00:57:05,280
adjacent, then require policy manifests

1576
00:57:05,280 --> 00:57:07,400
for any reusable measure library.

1577
00:57:07,400 --> 00:57:10,400
The manifest states allowed dimensions, compatible labels,

1578
00:57:10,400 --> 00:57:12,560
identity assumptions, and the failure mode

1579
00:57:12,560 --> 00:57:13,840
if assumptions aren't met.

1580
00:57:13,840 --> 00:57:16,440
If a published model references a library without a manifest,

1581
00:57:16,440 --> 00:57:17,640
the build fails.

1582
00:57:17,640 --> 00:57:21,200
Findings read reusable logic, lacks policy manifest,

1583
00:57:21,200 --> 00:57:22,800
publication rejected.

1584
00:57:22,800 --> 00:57:24,760
Your assessment needs identity in the loop.

1585
00:57:24,760 --> 00:57:27,000
Pull Entra group membership and entitlement management

1586
00:57:27,000 --> 00:57:28,760
grants for every data set.

1587
00:57:28,760 --> 00:57:31,080
Verify recertification dates, ownership,

1588
00:57:31,080 --> 00:57:32,480
and nested group presence.

1589
00:57:32,480 --> 00:57:35,400
Kill any individual grants or public links to models.

1590
00:57:35,400 --> 00:57:37,040
Confirm conditional access policies

1591
00:57:37,040 --> 00:57:40,160
apply to build up populations and workload identities,

1592
00:57:40,160 --> 00:57:41,080
not just users.

1593
00:57:41,080 --> 00:57:43,080
Then press kill switches in a drill,

1594
00:57:43,080 --> 00:57:45,160
revoke a workload identity midrun,

1595
00:57:45,160 --> 00:57:48,200
and confirm queries die where expected without collateral damage

1596
00:57:48,200 --> 00:57:50,560
outside the intended capacity.

1597
00:57:50,560 --> 00:57:52,040
Findings here are binary.

1598
00:57:52,040 --> 00:57:55,800
Kill switch validated, or revocation path unclear, design omission.

1599
00:57:55,800 --> 00:57:57,120
Capacity is part of the test.

1600
00:57:57,120 --> 00:57:59,680
Move one high risk workspace to a dedicated capacity

1601
00:57:59,680 --> 00:58:00,600
temporarily.

1602
00:58:00,600 --> 00:58:03,200
Re-run export blocks, composite publish rejections,

1603
00:58:03,200 --> 00:58:04,800
and reach through attempts.

1604
00:58:04,800 --> 00:58:07,160
Confirm failures occur within the capacity boundary

1605
00:58:07,160 --> 00:58:08,400
and do not ripple.

1606
00:58:08,400 --> 00:58:10,360
Then intentionally cause a DLP quarantine

1607
00:58:10,360 --> 00:58:13,120
by uploading a labeled file into the wrong workspace.

1608
00:58:13,120 --> 00:58:15,120
The capacity hosting that workspace should

1609
00:58:15,120 --> 00:58:16,320
localize the incident.

1610
00:58:16,320 --> 00:58:17,760
If you can't keep the blast local,

1611
00:58:17,760 --> 00:58:20,280
you've treated capacity like a speed slider.

1612
00:58:20,280 --> 00:58:22,160
The finding reads containment insufficient,

1613
00:58:22,160 --> 00:58:25,360
segregate risk domains. Close with the cadence.

1614
00:58:25,360 --> 00:58:27,800
Every finding maps to one of four levers:

1615
00:58:27,800 --> 00:58:29,280
Entra groups and packages,

1616
00:58:29,280 --> 00:58:32,880
Purview labels and propagation, DLP edge blocks, capacity isolation.

1617
00:58:32,880 --> 00:58:35,280
You assign owners per lever and set deadlines.

1618
00:58:35,280 --> 00:58:38,000
Then you rerun the exact same hostile tests quarterly.

1619
00:58:38,000 --> 00:58:40,840
No new probes, no changing rules, same inputs,

1620
00:58:40,840 --> 00:58:42,080
same expected failures.

1621
00:58:42,080 --> 00:58:43,440
That's how you know the system stayed

1622
00:58:43,440 --> 00:58:46,240
deterministic long after the training slides expired.

1623
00:58:46,240 --> 00:58:48,640
Why training fails without architecture.

1624
00:58:48,640 --> 00:58:51,320
Most teams respond to entropy with training.

1625
00:58:51,320 --> 00:58:55,200
Lunch and learns, brown bags on better DAX, admin policy pages.

1626
00:58:55,200 --> 00:58:56,440
It feels responsible.

1627
00:58:56,440 --> 00:58:57,240
It is not.

1628
00:58:57,240 --> 00:59:00,320
You're trying to teach humans to do what the system refuses to enforce.

1629
00:59:00,320 --> 00:59:01,560
Memory is the control plane.

1630
00:59:01,560 --> 00:59:02,760
That fails on schedule.

1631
00:59:02,760 --> 00:59:04,080
Start with cognition.

1632
00:59:04,080 --> 00:59:05,520
Human reasoning does not scale.

1633
00:59:05,520 --> 00:59:08,280
Under pressure, people optimize for delivery, not doctrine.

1634
00:59:08,280 --> 00:59:10,040
That's predictable, not malicious.

1635
00:59:10,040 --> 00:59:12,600
Libraries like DAXLIP exist because repetition

1636
00:59:12,600 --> 00:59:15,400
under deadline forces shortcuts into artifacts.

1637
00:59:15,400 --> 00:59:16,920
You did not improve practice.

1638
00:59:16,920 --> 00:59:18,720
You created accelerants. Without a veto,

1639
00:59:18,720 --> 00:59:20,200
those accelerants spread.

1640
00:59:20,200 --> 00:59:22,960
Best practice relies on recall at the worst possible time,

1641
00:59:22,960 --> 00:59:24,680
Friday night, end of quarter.

1642
00:59:24,680 --> 00:59:25,760
Someone needs a comparator.

1643
00:59:25,760 --> 00:59:27,480
They remember a talk about ALLSELECTED,

1644
00:59:27,480 --> 00:59:29,320
but not the part about protected dimensions.

1645
00:59:29,320 --> 00:59:31,120
They ship the version they can compile.

1646
00:59:31,120 --> 00:59:32,760
Training does not intercept that moment.

1647
00:59:32,760 --> 00:59:33,760
Controls do.

1648
00:59:33,760 --> 00:59:35,720
The system either evaluates identity

1649
00:59:35,720 --> 00:59:37,480
and labels before the measure exists

1650
00:59:37,480 --> 00:59:39,520
or it accepts whatever the author can imagine.

1651
00:59:39,520 --> 00:59:41,200
Tooling without veto is theater.

1652
00:59:41,200 --> 00:59:42,840
Dashboards that surface lineage,

1653
00:59:42,840 --> 00:59:45,200
stewards, endorsements, useful later.

1654
00:59:45,200 --> 00:59:49,040
A DAX formatter, a linter, a style guide, nice, advisory.

1655
00:59:49,040 --> 00:59:51,320
None of that converts intent into a failure state

1656
00:59:51,320 --> 00:59:52,480
the engine respects.

1657
00:59:52,480 --> 00:59:53,600
Culture talks.

1658
00:59:53,600 --> 00:59:54,400
Code runs.

1659
00:59:54,400 --> 00:59:56,400
When they disagree, code wins.

1660
00:59:56,400 --> 00:59:59,040
The reason is architectural, not motivational.

1661
00:59:59,040 --> 01:00:01,320
You're operating a distributed decision engine.

1662
01:00:01,320 --> 01:00:03,280
Measures, reports, notebooks, pipelines,

1663
01:00:03,280 --> 01:00:05,680
each a place where intent becomes action.

1664
01:00:05,680 --> 01:00:08,000
The only way to hold the line is to remove decision rights

1665
01:00:08,000 --> 01:00:10,680
from places that cannot express identity or classification

1666
01:00:10,680 --> 01:00:11,960
and place them where they can.

1667
01:00:11,960 --> 01:00:13,440
That means Entra compiles actors,

1668
01:00:13,440 --> 01:00:17,160
Purview labels veto, DLP blocks edges, capacity contains.

1669
01:00:17,160 --> 01:00:18,680
Training amplifies that design.

1670
01:00:18,680 --> 01:00:19,800
It cannot replace it.

1671
01:00:19,800 --> 01:00:21,800
This clicked for me during a remediation sprint

1672
01:00:21,800 --> 01:00:23,520
after a lessons learned week.

1673
01:00:23,520 --> 01:00:25,680
The team had just completed a DAX workshop.

1674
01:00:25,680 --> 01:00:27,800
Gorgeous slides, fresh notebooks.

1675
01:00:27,800 --> 01:00:29,480
Within two weeks, the same inference pattern

1676
01:00:29,480 --> 01:00:31,200
reappeared with a different function set.

1677
01:00:31,200 --> 01:00:32,400
The author knew the guidance.

1678
01:00:32,400 --> 01:00:35,040
They chose a different path because the build allowed it.

1679
01:00:35,040 --> 01:00:36,120
We didn't change the deck.

1680
01:00:36,120 --> 01:00:37,640
We changed the pipeline.

1681
01:00:37,640 --> 01:00:39,480
Illegal patterns failed publication.

1682
01:00:39,480 --> 01:00:41,720
The behavior ended without a single meeting.

1683
01:00:41,720 --> 01:00:43,440
Now here's where most people mess up.

1684
01:00:43,440 --> 01:00:46,520
They assume if developers just understood context transition,

1685
01:00:46,520 --> 01:00:49,560
calculate semantics, or RLS subtleties,

1686
01:00:49,560 --> 01:00:50,880
exceptions would vanish.

1687
01:00:50,880 --> 01:00:51,880
Knowledge is necessary.

1688
01:00:51,880 --> 01:00:52,880
It is not sufficient.

1689
01:00:52,880 --> 01:00:54,640
Complexity guarantees novelty.

1690
01:00:54,640 --> 01:00:56,360
Someone will invent a new bypass.

1691
01:00:56,360 --> 01:00:57,800
You cannot enumerate cleverness.

1692
01:00:57,800 --> 01:00:59,240
You can forbid classes of logic

1693
01:00:59,240 --> 01:01:00,800
and move the need upstream

1694
01:01:00,800 --> 01:01:03,520
where identity already decided who may see the result.

1695
01:01:03,520 --> 01:01:05,400
Deterministic governance converts advice

1696
01:01:05,400 --> 01:01:07,240
into machine enforced rules.

1697
01:01:07,240 --> 01:01:10,800
"Don't export confidential" becomes export operation fails.

1698
01:01:10,800 --> 01:01:13,000
"Don't compare scoped to unscoped across regions"

1699
01:01:13,000 --> 01:01:15,240
becomes publication rejected.

1700
01:01:15,240 --> 01:01:18,440
"Don't let contractors execute arbitrary DAX" becomes

1701
01:01:18,440 --> 01:01:21,720
conditional access denies build outside compliant posture.

1702
01:01:21,720 --> 01:01:23,600
The outcome is not dependent on memory.

1703
01:01:23,600 --> 01:01:25,000
The outcome is compiled.

1704
01:01:25,000 --> 01:01:26,480
Education still matters.

1705
01:01:26,480 --> 01:01:28,640
But only as user interface to the structure.

1706
01:01:28,640 --> 01:01:32,160
Teach what the system will allow, what it will block, and why.

1707
01:01:32,160 --> 01:01:34,000
Show the kill switches, the label behaviors,

1708
01:01:34,000 --> 01:01:36,600
the edges that veto, make success easy and error

1709
01:01:36,600 --> 01:01:37,600
impossible.

1710
01:01:37,600 --> 01:01:38,920
That is the opposite of blame.

1711
01:01:38,920 --> 01:01:41,400
It is the design that keeps good people from having to be perfect.

1712
01:01:41,400 --> 01:01:42,640
A micro story.

1713
01:01:42,640 --> 01:01:44,640
A finance team spends six months socializing

1714
01:01:44,640 --> 01:01:46,600
a no-exports policy.

1715
01:01:46,600 --> 01:01:47,600
Compliance signed it.

1716
01:01:47,600 --> 01:01:48,600
Everyone agreed.

1717
01:01:48,600 --> 01:01:49,600
Quarter close arrived.

1718
01:01:49,600 --> 01:01:51,160
An analyst exported anyway.

1719
01:01:51,160 --> 01:01:52,160
Not defiance.

1720
01:01:52,160 --> 01:01:53,160
Deadline.

1721
01:01:53,160 --> 01:01:55,120
We replaced the poster with a block tied to label.

1722
01:01:55,120 --> 01:01:57,560
The next close nobody exported because nobody could.

1723
01:01:57,560 --> 01:01:58,920
The training stopped being a plea.

1724
01:01:58,920 --> 01:02:01,480
It became documentation for a system that already behaved.

1725
01:02:01,480 --> 01:02:03,000
You are not under investing in people.

1726
01:02:03,000 --> 01:02:05,320
You are overestimating what people can hold in their heads

1727
01:02:05,320 --> 01:02:06,880
when the clock is loud.

1728
01:02:06,880 --> 01:02:08,480
Make the architecture carry the weight.

1729
01:02:08,480 --> 01:02:11,080
Then teach the architecture. Objections,

1730
01:02:11,080 --> 01:02:12,640
reframed as system laws.

1731
01:02:12,640 --> 01:02:14,080
We trust our analysts.

1732
01:02:14,080 --> 01:02:16,120
The system did not ask for their intentions.

1733
01:02:16,120 --> 01:02:17,560
It asked for code.

1734
01:02:17,560 --> 01:02:21,560
In a distributed decision engine, intent without enforcement is noise.

1735
01:02:21,560 --> 01:02:22,560
Law.

1736
01:02:22,560 --> 01:02:24,360
People optimize for delivery under pressure.

1737
01:02:24,360 --> 01:02:27,920
Therefore, any control that relies on memory is an entropy generator.

1738
01:02:27,920 --> 01:02:29,280
Encode trust as scope,

1739
01:02:29,280 --> 01:02:33,040
Entra groups, conditional access, expiring packages.

1740
01:02:33,040 --> 01:02:35,280
Everything else is storytelling you cannot audit.

1741
01:02:35,280 --> 01:02:36,560
Our lineage is complete.

1742
01:02:36,560 --> 01:02:37,760
Lineage is a map of movement.

1743
01:02:37,760 --> 01:02:38,760
It is not a brake.

1744
01:02:38,760 --> 01:02:41,480
You can draw the arrows after the fact and still have no way to prove

1745
01:02:41,480 --> 01:02:46,080
that a labeled asset could not be exported, blended or reinterpreted by a comparator.

1746
01:02:46,080 --> 01:02:47,080
Law.

1747
01:02:47,080 --> 01:02:48,080
Lineage is evidence.

1748
01:02:48,080 --> 01:02:49,080
Not assurance.

1749
01:02:49,080 --> 01:02:50,080
Therefore, enforcement must live at the edges.

1750
01:02:50,080 --> 01:02:54,920
DLP blocks tied to labels, publish-time vetoes, and failed connections across boundaries.

1751
01:02:54,920 --> 01:02:57,680
If a diagram is the control, there is no control.

1752
01:02:57,680 --> 01:02:59,240
Shared data sets save time.

1753
01:02:59,240 --> 01:03:01,480
They do and they also create an access plane.

1754
01:03:01,480 --> 01:03:04,240
Time saved does not negate identity scope.

1755
01:03:04,240 --> 01:03:05,240
Law.

1756
01:03:05,240 --> 01:03:07,440
Convenience is not an authorization model.

1757
01:03:07,440 --> 01:03:10,840
Therefore, build permission equals may execute arbitrary DAX.

1758
01:03:10,840 --> 01:03:13,880
Consuming workspaces project authorization, never extend it.

1759
01:03:13,880 --> 01:03:18,520
If any principal outside enumerated groups can induce a query, the connection fails.

1760
01:03:18,520 --> 01:03:20,120
Efficiency follows authority.

1761
01:03:20,120 --> 01:03:21,440
Not the other way around.

1762
01:03:21,440 --> 01:03:22,440
We tag everything.

1763
01:03:22,440 --> 01:03:24,360
Labels without veto are stickers.

1764
01:03:24,360 --> 01:03:27,640
A tag that cannot deny an export or kill a composite is theater.

1765
01:03:27,640 --> 01:03:28,640
Law.

1766
01:03:28,640 --> 01:03:29,840
Classification is a gate.

1767
01:03:29,840 --> 01:03:30,840
Not a caption.

1768
01:03:30,840 --> 01:03:34,840
Law.

1769
01:03:34,840 --> 01:03:36,840
Disallowed actions at every edge.

1770
01:03:36,840 --> 01:03:37,840
Exports.

1771
01:03:37,840 --> 01:03:38,840
Notebook rights.

1772
01:03:38,840 --> 01:03:39,840
Cross workspace imports.

1773
01:03:39,840 --> 01:03:40,840
Composite blends.

1774
01:03:40,840 --> 01:03:44,840
If a label can't stop the model from existing where it shouldn't, it does nothing.

1775
01:03:44,840 --> 01:03:45,840
Performance first.

1776
01:03:45,840 --> 01:03:48,240
Speed is irrelevant when errors propagate at line rate.

1777
01:03:48,240 --> 01:03:50,640
A fast breach is still a breach.

1778
01:03:50,640 --> 01:03:51,640
Law.

1779
01:03:51,640 --> 01:03:52,640
Capacity is containment.

1780
01:03:52,640 --> 01:03:53,640
Not tuning.

1781
01:03:53,640 --> 01:03:54,640
Therefore, segregation by risk domain.

1782
01:03:54,640 --> 01:03:55,640
Outranks.

1783
01:03:55,640 --> 01:03:56,640
Consolidation savings.

1784
01:03:56,640 --> 01:03:57,640
Throttling is a policy signal.

1785
01:03:57,640 --> 01:03:58,640
Not a comfort knob.

1786
01:03:58,640 --> 01:04:06,040
If isolation is sacrificed to utilization, investigations will be slow, noisy and inconclusive.

1787
01:04:06,040 --> 01:04:07,240
We'll train the team.

1788
01:04:07,240 --> 01:04:09,240
Training is necessary to explain the structure.

1789
01:04:09,240 --> 01:04:10,640
It is not the structure.

1790
01:04:10,640 --> 01:04:11,640
Law.

1791
01:04:11,640 --> 01:04:13,040
Advice cannot substitute for a veto.

1792
01:04:13,040 --> 01:04:16,440
Therefore illegal-in-DAX patterns fail build, period.

1793
01:04:16,440 --> 01:04:17,640
Developers can learn why.

1794
01:04:17,640 --> 01:04:19,040
They cannot override the compiler.

1795
01:04:19,040 --> 01:04:23,840
If the pipeline permits a known bypass, your curriculum becomes an accelerant.

1796
01:04:23,840 --> 01:04:26,840
RLS already protects us.

1797
01:04:26,840 --> 01:04:29,040
RLS constrains row visibility.

1798
01:04:29,040 --> 01:04:31,040
It does not constrain math.

1799
01:04:31,040 --> 01:04:36,040
A measure comparing scope to unscoped values can leak aggregate truth without ever showing a row.

1800
01:04:36,040 --> 01:04:39,040
Law. Analytics and authorization are different categories.

1801
01:04:39,040 --> 01:04:43,840
Therefore, comparators that cross identity scoped dimensions are illegal in DAX and must be

1802
01:04:43,840 --> 01:04:46,840
computed upstream under identity and labels.

1803
01:04:46,840 --> 01:04:50,440
If it needs global context, it does not belong in the semantic layer.

1804
01:04:50,440 --> 01:04:52,440
Exceptions are rare.

1805
01:04:52,440 --> 01:04:53,840
They are immortal.

1806
01:04:53,840 --> 01:04:58,240
If a temporary measure becomes a reference, then a standard, then folklore.

1807
01:04:58,240 --> 01:04:59,240
Law.

1808
01:04:59,240 --> 01:05:01,440
Exceptions do not retire themselves.

1809
01:05:01,440 --> 01:05:04,040
Therefore, libraries require manifests.

1810
01:05:04,040 --> 01:05:09,840
Measures with name gravity are treated as policy, and any authorization adjacent logic is banned, not reviewed.

1811
01:05:09,840 --> 01:05:13,640
If a rule depends on someone remembering to clean up, it will accumulate.

1812
01:05:13,640 --> 01:05:15,240
Our vendor needs build access.

1813
01:05:15,240 --> 01:05:16,640
Vendors are identities.

1814
01:05:16,640 --> 01:05:18,640
Workload identities are actors.

1815
01:05:18,640 --> 01:05:19,440
Law.

1816
01:05:19,440 --> 01:05:20,840
Every actor has a kill switch.

1817
01:05:20,840 --> 01:05:27,440
Therefore, service principals get dedicated groups, conditional access, time bound packages and a tested revocation path.

1818
01:05:27,440 --> 01:05:32,640
If you cannot stop an automation without collateral damage, you built an exfiltration tunnel with a marketing name.

1819
01:05:32,640 --> 01:05:35,440
We can't block exports, the business needs Excel.

1820
01:05:35,440 --> 01:05:37,440
The business needs outcomes, not file formats.

1821
01:05:37,440 --> 01:05:38,440
Law.

1822
01:05:38,440 --> 01:05:41,040
Governance is outcome preserving and channel restricting.

1823
01:05:41,040 --> 01:05:48,640
Therefore, sensitive outcomes are produced as labeled derivatives in governed enclaves and accessed through supervised endpoints.

1824
01:05:48,640 --> 01:05:54,240
If a requirement collapses to we need CSV, it is a process smell, not a control argument.

1825
01:05:54,240 --> 01:05:57,040
Our environment is too complex for strict rules.

1826
01:05:57,040 --> 01:06:00,640
Complexity is precisely why you need deterministic rules.

1827
01:06:00,640 --> 01:06:01,440
Law.

1828
01:06:01,440 --> 01:06:03,040
Drift grows with surface area.

1829
01:06:03,040 --> 01:06:11,040
Therefore, you remove decision rights from surfaces that cannot express identity or classification and centralize them in Entra, Purview, DLP and capacity boundaries.

1830
01:06:11,040 --> 01:06:15,440
If your answer to scale is more discretion, you are manufacturing variants.

1831
01:06:15,440 --> 01:06:18,840
Blocking will slow us down. Early. It will make you faster later.

1832
01:06:18,840 --> 01:06:19,440
Law.

1833
01:06:19,440 --> 01:06:23,240
Blocks replace late incident response with early design decisions.

1834
01:06:23,240 --> 01:06:28,240
Therefore, publish-time rejections and edge vetoes move pain to planning, not production.

1835
01:06:28,240 --> 01:06:33,440
If your calendar prefers firefighting to architecture, you will keep paying the surge pricing.

1836
01:06:33,440 --> 01:06:34,440
Prove this matters.

1837
01:06:34,440 --> 01:06:37,040
Audit asks, who could see what when?

1838
01:06:37,040 --> 01:06:40,840
Law.

1839
01:06:40,840 --> 01:06:43,440
Provability outranks plausibility.

1840
01:06:43,440 --> 01:06:53,440
Therefore, access is derivable from group membership, conditional access, label policy, DLP actions and capacity boundaries, without spelunking lineage diagrams.

1841
01:06:53,440 --> 01:06:56,840
If you cannot derive the answer from structure, you do not have governance.

1842
01:06:56,840 --> 01:06:59,840
You have faith. Operating rules you can enforce tomorrow.

1843
01:06:59,840 --> 01:07:03,040
Ban classes of measures that alter visibility or classification.

1844
01:07:03,040 --> 01:07:08,640
Make it mechanical, a publish-time rule that rejects patterns with ALL-removed filters over protected dimensions,

1845
01:07:08,640 --> 01:07:15,240
scoped versus unscoped comparators, business key rewrites, or dynamic format strings encoding sensitive state.

1846
01:07:15,240 --> 01:07:20,040
The pipeline fails the artifact. You don't debate intent, you remove the surface.

1847
01:07:20,040 --> 01:07:23,240
Require Entra scoped identities for every consumer and agent.

1848
01:07:23,240 --> 01:07:26,640
No individual grants, no anonymous links.

1849
01:07:26,640 --> 01:07:30,640
Data sets accept build and view only from enumerated Entra groups.

1850
01:07:30,640 --> 01:07:37,840
Service principals get dedicated groups, conditional access, time bound access packages and kill switch runbooks tested quarterly.

1851
01:07:37,840 --> 01:07:41,640
Consuming workspaces project authorization, they never extend it.

1852
01:07:41,640 --> 01:07:45,040
Make Purview labels a prerequisite for model publication.

1853
01:07:45,040 --> 01:07:47,440
Inputs without labels are blocked at ingestion.

1854
01:07:47,440 --> 01:07:52,240
Effective classification propagates to semantic models and reports, with attached behaviors,

1855
01:07:52,240 --> 01:07:58,040
confidential and above cannot be exported, blended in composites, or imported cross workspace.

1856
01:07:58,040 --> 01:08:01,240
Label inheritance is enforced; writes that drop labels fail.

1857
01:08:01,240 --> 01:08:07,640
Tune DLP to enforce at edges, no silent paths. Wire blocks for report exports, service downloads,

1858
01:08:07,640 --> 01:08:12,440
notebook writes to unapproved paths, composite model publishers that cross classifications

1859
01:08:12,440 --> 01:08:15,240
and cross workspace imports violating policy.

1860
01:08:15,240 --> 01:08:20,640
Start in monitor for low risk, warn briefly, then block decisively for protected domains.

1861
01:08:20,640 --> 01:08:23,440
Quarantine violations into steward only enclaves.

1862
01:08:23,440 --> 01:08:27,640
Isolate capacities by risk domain; deny consolidation that erodes isolation.

1863
01:08:27,640 --> 01:08:32,840
Finance, HR, regulated product analytics and vendor sandboxes each get their own capacity.

1864
01:08:32,840 --> 01:08:37,640
Treat cross capacity data set consumption as a boundary crossing with the same Entra, label

1865
01:08:37,640 --> 01:08:42,640
and DLP checks as cross tenant. Throttling is a policy signal, not a comfort knob.

1866
01:08:42,640 --> 01:08:47,040
Attach policy manifests to reusable libraries, declare allowed filters,

1867
01:08:47,040 --> 01:08:52,040
compatible labels, identity assumptions and the failure mode: reject.

1868
01:08:52,040 --> 01:08:55,840
Pipelines verify manifest adherence; violations hold publication.

1869
01:08:55,840 --> 01:09:00,440
Measures with name gravity require manifests by default. Validate kill switches:

1870
01:09:00,440 --> 01:09:04,440
pick one workload identity per capacity and revoke it mid run.

1871
01:09:04,440 --> 01:09:07,840
Confirm queries die locally without collateral blast. You'll feel slower week one,

1872
01:09:07,840 --> 01:09:09,640
you'll be faster forever after.

1873
01:09:09,640 --> 01:09:13,240
The takeaway is simple: analytics happens in DAX, authorization does not,

1874
01:09:13,240 --> 01:09:16,240
and only deterministic governance keeps that boundary intact.

1875
01:09:16,240 --> 01:09:20,240
If you want the manifest, the illegal-in-DAX rules and a step-by-step hostile assessment,

1876
01:09:20,240 --> 01:09:22,240
grab the playbook linked below.

1877
01:09:22,240 --> 01:09:26,640
Subscribe for the deep dive on wiring Entra packages, Purview vetoes and DLP edge blocks,

1878
01:09:26,640 --> 01:09:29,640
then run the four failure tests this week.