Protecting sensitive information in Entity Lists in Power Pages is a critical part of ensuring that only authorized users have access to certain data. Entity Lists typically display data from Dataverse (formerly known as Common Data Service), and protecting sensitive information from unauthorized access or exposure requires careful planning and configuration. Below are the strategies for securing sensitive data in Entity Lists.
1. Define Security Roles and Permissions
The most important first step in securing sensitive information is to define security roles and configure table permissions appropriately. Power Pages integrates with Dataverse for data storage, and you can use security roles to restrict access at both the table and record level.
- Security Roles: Dataverse allows you to define security roles that control who can see or interact with specific data. The roles are customizable to restrict access to certain tables, views, records, or fields.
- Field-Level Security: For sensitive fields, you can use field-level security to restrict which users can view or update certain columns. This is done by configuring field security profiles in Dataverse and assigning them to specific roles. For example, financial data or personal information can be hidden from general users. Steps:
- Go to the Power Platform Admin Center.
- Under Dataverse, select Security.
- Set up Security Roles and assign users to appropriate roles.
- Use Field-level security to configure which fields are visible to each role.
2. Using Row-Level Security (RLS)
Row-Level Security (RLS) restricts access to data at the record level based on user identity. This ensures that users can only see data that they are permitted to view.
- How to Configure RLS:
- Define security roles that limit access to records based on the user’s data.
- For example, an employee might only be able to see their own record or the records of customers within their region.
- Create a security role that includes row-level security filters.
- Implement Owner-based access or Team-based access to specify who owns or manages records.
- Use the Access Control features in Dataverse to apply restrictions for specific users.
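The owner-based and team-based checks listed above, as an added example that is not code from the page or from Microsoft: a small JavaScript model of record-level filtering. The users, teams and records are constructed sample data, the field names only loosely mirror Dataverse owner columns, and the access levels are a simplification of a role's Read privilege depth, not the Dataverse API.

```javascript
// Added example, not code from the page or from Microsoft: a small model of the
// owner-based and team-based record access described in the RLS section.
// Users, teams and records are constructed sample data; the field names only
// loosely mirror Dataverse owner columns and this is not the Dataverse API.

// Constructed team membership: team id -> member user ids.
const TEAMS = {
  "team-west": ["alice", "bob"],
  "team-east": ["carol"],
};

// Constructed records. Each is owned by a single user or by a team.
const RECORDS = [
  { id: 1, ownerType: "user", ownerId: "alice", region: "West" },
  { id: 2, ownerType: "user", ownerId: "carol", region: "East" },
  { id: 3, ownerType: "team", ownerId: "team-west", region: "West" },
  { id: 4, ownerType: "team", ownerId: "team-east", region: "East" },
];

// Teams the given user belongs to.
function teamsOf(userId) {
  return Object.keys(TEAMS).filter((team) => TEAMS[team].includes(userId));
}

// Record-level read check. accessLevel models the depth of a role's Read
// privilege: "user" grants own records plus those owned by the user's teams,
// "org" grants everything (the over-broad setting a review should flag).
// Anything else is denied, so a mis-typed level fails closed.
function canRead(record, userId, accessLevel) {
  if (accessLevel === "org") return true;
  if (accessLevel !== "user") return false;
  if (record.ownerType === "user") return record.ownerId === userId;
  if (record.ownerType === "team") return teamsOf(userId).includes(record.ownerId);
  return false;
}

// The filter an entity list must apply on the server before rows are rendered;
// returns the ids the user may see, in list order.
function visibleRecordIds(userId, accessLevel) {
  return RECORDS.filter((r) => canRead(r, userId, accessLevel)).map((r) => r.id);
}

// Stand-alone demonstration.
console.log("alice:", visibleRecordIds("alice", "user")); // [1, 3]
console.log("carol:", visibleRecordIds("carol", "user")); // [2, 4]
console.log("dave (no records, no teams):", visibleRecordIds("dave", "user")); // []
```

The point of the model is where the filter runs: `visibleRecordIds` is applied before any row is handed to the page, which is what a Dataverse security role does for an Entity List, whereas a filter applied in the browser would only hide rows the user has already received.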
3. Conditional Display of Sensitive Data in Entity Lists
In some cases, you may want to display or hide specific columns in an Entity List based on the user’s role or specific conditions.
- Using JavaScript: You can write custom JavaScript that dynamically hides or shows certain fields based on the user’s role. JavaScript can be used to control visibility on the front-end while ensuring sensitive information is not displayed to unauthorized users. Example:
window.onload = function() {
    // getCurrentUserRole() is a placeholder: implement the logic that fetches the user's role
    var userRole = getCurrentUserRole();
    if (userRole !== "Administrator") {
        // Hide the sensitive data column
        document.getElementById('sensitiveField').style.display = 'none';
    }
};
- Using Liquid Templates: Another approach is to use Liquid templates within the page or form. This can be used to hide sensitive fields based on roles. Example (Liquid Template):
{% if user.roles contains 'Manager' %}
  <div class="field">Sensitive Data: {{ entity.sensitive_field }}</div>
{% else %}
  <div class="field">Sensitive Data: Hidden</div>
{% endif %}
This Liquid template checks the user’s role and only displays sensitive information to users with the “Manager” role.
4. Using Dataverse Permissions to Restrict Entity List Access
- Table Permissions: You can configure Dataverse table permissions to allow or restrict users from accessing specific entities (tables). By default, entities can be accessed by users who have the required read permissions. Steps:
- Go to Power Apps.
- Under Dataverse, select the table.
- Configure permissions on the table level for different roles (read, write, delete, etc.).
- Entity List Configuration: In Power Pages, configure your Entity List to respect these permissions. For example, if a user is not allowed to view the records from a sensitive table, you can prevent them from accessing the Entity List or limit the data shown based on their role.
5. Audit and Logging for Data Access
Logging user activity and creating audit trails can be an effective way to track who accessed sensitive data and when.
- Enable Dataverse Auditing: Dataverse supports auditing, allowing you to keep track of data access and changes. You can track when sensitive records were viewed or edited. Steps:
- Go to Power Platform Admin Center.
- Under Dataverse, select Auditing.
- Configure Audit Settings to track changes and views for sensitive data.
6. Encrypt Sensitive Data
For additional security, you can encrypt sensitive data both in transit and at rest.
- Encryption at Rest: Ensure that your Dataverse environment is configured for encryption at rest. This is typically handled automatically by Microsoft when using Dataverse.
- Encryption in Transit: Use HTTPS for secure communication between the client (Power Pages) and the server (Dataverse). This ensures that sensitive information is encrypted during transmission.
7. Using Custom Permissions for Specific Data Columns
If you need granular control over individual columns in an Entity List, you can leverage custom security logic or plugin execution to prevent specific columns from being loaded or displayed based on the user’s permissions.
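Column-level control as described here and in section 3, as an added example that is not code from the page or from Microsoft: a JavaScript contrast between projecting permitted columns on the server and hiding a column in the browser the way the onload snippet in section 3 does. The column policy, roles and rows are constructed; in Dataverse the real mechanism is a field security profile, and this block only shows the shape of the check.

```javascript
// Added example, not code from the page or from Microsoft: server-side column
// projection for entity list rows, contrasted with client-side hiding.
// Column names, roles and rows are constructed; the real control in Dataverse
// is a field security profile.

// Constructed policy: column -> roles permitted to read it.
// Columns not listed are public.
const COLUMN_POLICY = {
  salary: ["Administrator", "Manager"],
  ssn: ["Administrator"],
};

// Constructed rows as they would come back from the data source.
const ROWS = [
  { id: 1, name: "A. Example", region: "West", salary: 91000, ssn: "000-00-0001" },
  { id: 2, name: "B. Example", region: "East", salary: 78000, ssn: "000-00-0002" },
];

// A column is readable if it is unrestricted or the user holds one of its roles.
function columnAllowed(column, roles) {
  const allowedRoles = COLUMN_POLICY[column];
  if (!allowedRoles) return true;
  return roles.some((role) => allowedRoles.includes(role));
}

// Projection: build new objects holding only permitted columns, so the value
// of a restricted column never reaches the response body or the DOM.
function projectRows(rows, roles) {
  return rows.map((row) => {
    const out = {};
    for (const column of Object.keys(row)) {
      if (columnAllowed(column, roles)) out[column] = row[column];
    }
    return out;
  });
}

// Client-side hiding, modelled the way the onload snippet does it: the cell is
// not shown, but the row sent to the browser still carries the value.
function hideColumnClientSide(rows, column) {
  return rows.map((row) => ({ ...row, hiddenColumns: [column] }));
}

// Does any row still carry the column? True means the value left the server
// even if it is not visible on the page.
function exposes(rows, column) {
  return rows.some((row) => Object.prototype.hasOwnProperty.call(row, column));
}

console.log(exposes(hideColumnClientSide(ROWS, "salary"), "salary")); // true
console.log(exposes(projectRows(ROWS, ["Customer"]), "salary")); // false
```

`exposes` is the check worth keeping in a test suite: run it against whatever row set the Entity List actually receives for a low-privilege user, and a `true` for a restricted column means the column is being hidden rather than withheld.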
8. Configure Entity List Views and Filtering
Configure Entity List views to ensure that only non-sensitive data is visible by default. Filter out columns that hold sensitive data, such as personal information or financial records, unless the user has the appropriate permissions.
- Dynamic View Filtering: Apply dynamic filters based on the user’s role or profile so that sensitive data is excluded from the default view. Example:
- Create views that exclude sensitive columns like Social Security Number or Salary, and then apply role-based logic to enable or disable their visibility depending on the user’s role.
9. Use Secure Sharing for Sensitive Records
For certain scenarios, you may need to share specific records with specific users or teams. Secure sharing in Dataverse allows you to grant users access to specific records while keeping others protected.
- Share records with specific users or teams who have a legitimate need to view or modify them.
