Data Security

This applies to: Managed Dashboards, Managed Reports

Symphony Managed Dashboards and Managed Reports support user-based filtering of data or row-level security using attributes that describe each logged-in user and can be used to filter the data they see. You can create your own custom attributes and assign values to user accounts or groups of users to use for filtering against a particular column, for example returning only data where the Region is North America for the appropriate users.

• Set up a security hierarchy based on custom attributes to completely hide non-applicable values from users, including in filters, while allowing for the option to use data cube storage options.

• You can also configure a transform in a data cube to filter the data according to an attribute such as account name or a custom attribute.

• Some data sources may already have row-level security set up. If you use impersonated Windows credentials or roles impersonation when creating the data connector, or if each user creates their own data connector with their own credentials, each user will see data according to the existing rules.

When creating a data connector or data cube for other users to use, you can also determine which tables, columns, or cubes are included, for table-level and column-level security. Select data structures to include under a data connector, or columns to include in a data cube's select transform or process result. When connecting to an OLAP database, cube perspectives define a subset of measures and dimensions to be provided when using them. The security privileges described in the previous section can be used to provide access to only the appropriate files to each user. DundasScript used for example in a data cube's calculated element can check the current session and the user's attributes or custom attributes to determine whether or which values should be displayed depending on the user.

Metric sets have options to make use of measures for formulas or states, for example, but hide their values completely from users visualizing the result or exporting the data. If users should be able to visualize but not export data, you can also prevent export of metric sets or only certain measures or hierarchies.