Security Roadmap Overview
In some circumstances, managing security within IBM Cognos 8 BI can be a multi-phase process that involves four key steps. FirstQuarter’s Security Studio software compliments the comprehensive security of IBM Cognos 8 Business Intelligence simplifies those steps. With FirstQuarter’s Security Studio you can:
- Centralizes security administration
- Reduces administrative burden by at least 90%
- Addresses ongoing data security audit and compliance issues
- Simplies the administration process.
The solution addresses security in the following area within IBM Cognos BI.
- Namespace Management
- How to effectively manage groups and memberships within my namespace?
- Data and Object Security
- How to quickly setup custom views?
- How to show/hide various dimensions and measures?
- Content Security
- How to quickly setup group-based filters?
- How to limit which folders, tables, and columns that a user can access?
- Cognos Connection
- How to provide users with a truly role appropriate view of objects within Cognos Connection?
- Audit Reporting
- Provides visibility into “Who has access to what?” and “When did the grant occur?”
FirstQuarter’s Security Studio simplifies and organizes these key tasks into a unified security console that streamlines the security administration process and improves overall security accuracy.
Step 1:
Alleviate ongoing namespace management issues
FirstQuarter’s Namespace Management & Reporting tools
Valuable tools to address the following key administrative issues:
- Single security console for managing ongoing namespace issues which include:
- Creating new groups in the target namespace
- Seamlessly creating user to group memberships
- Security reporting that addresses ongoing management issues and ongoing data security audit concerns.
FirstQuarter's Namespace Management & Reporting modules facilitate day-to-day tasks involved in administering IBM Cognos. They provide a single point of administration for Cognos BI as well as IBM Cognos reporting that address ongoing management and data security audit concerns.
Step 2:
Secure IBM Cognos business intelligence
FirstQuarter's Security Studio
The first and only administration tool that builds and coordinates security in Transformer, Framework Manager and Impromptu/IWR.
Data Security Modules
Within the Cognos Business Intelligence applications, Security Studio controls data and object security.
Based upon user preferences set within Staging Manager:
| Module | Data Security | Object Security |
|---|---|---|
| Transformer | Creates complex custom views that are necessary to drive data security within cubes. Can create security for all security Transformer security policies: Apex, Exclude, Cloak, and Summarize. | Based upon user preferences set within Staging Manager: Shows/hides dimensions Shows/hides measures Controls cube based access groups, sometimes referred to as model security. |
| Framework Manager | Creates complex group/filter pairs that drive security. Groups may be created from data in one or more dimensions using Security Studio Staging Manager. | Limits access to various tables based upon object security settings. |
| Impromptu | Creates complex group/filter pairs that drive security. Groups may be created from data in one or more dimensions using Security Studio Staging Manager. | Based upon user preferences set within Staging Manager: Limits access to various tables based upon object security settings. |
Step 3:
Secure IBM Cognos Conneciton
Content Security
In Security Studio we refer to security within Cognos Connection as Content Security. Security Studio facilitates the creation of security in Cognos Connection to ease the burden of administrators.
Configuring security for each of the object below requires that: (1) groups be setup in the namespace, (2) that a linkage be made between the namespace group and the objecting being secured, and (3) that the appropriate grant/deny attributes be set for each object being secured. This becomes a cascading challenge when administrators have to address issues like: who has read, write, and admin privilege to various objects in Cognos Connection.
Security Studio addresses security on the most common objects as well as objects that are often of secondary focus to administrators.
| Most common focus of administrators | Secondary focus for administrators |
|---|---|
| Folder | Job Definition |
| Package | Query |
| Capabilities | Report |
| Data Sources | Analysis |
| Folder | Report View |
| Shortcut | |
| URL |
Step 4:
Relieve IT Burden
FirstQuarter’s Web Grant
After securing IBM Cognos BI, it is important to relieve the burden in IT by delegating security to those involved in the day-to-day running of the business. With WebGrant, administrators can delegate the ongoing membership assignment process to those in the user community who are closest to the day to day changes.
This results in shorter turnaround time and reduction in the administrative burden for IT.
WebGrant allows administrators to cleanly and precisely determine how security responsibilities for ongoing membership management are delegated across the organization.
Note: WebGrant is available to customers using FirstQuarters Namespace Management & Reporting tools as well as Data/Content Security tools.
