We have put together a handy guide for BI developers Top 4 Security Prnciples so that you know your data is secure!
Process Level Security
The overall set of controls, test and procedures a system uses to safeguard data. Any BI vendor you consider should follow all the major industry standards here.
That means checking for vulnerabilities using the DREAD methodology, deploying Secure Development Life Cycle (SDLC) methodology, and running regular audits and penetration tests, in line with the OWASP testing guide. This last one should be conducted externally, so you know they’re not cheating.
System Level Security
This covers who has access, and to what – i.e. authentication, permissions and user management for the application. At a basic level, your BI platform should allow you to offer different level of access, depending on whether you want the user to view or create dashboards, or manage whole data projects. Encryption for data, account credentials and authorization profiles is essential.
Also, keep an eye out for integrations with your active directory, with other platforms using Single Sign-On (SSO), and REST API to customize security settings. These will make it far easier to keep your BI in sync with your organization’s security standards.
Object Level Security
This refers to tools that manage access to different components within the platform. For example, in Sisense’s case, admins control which users or groups can access or edit each dashboard and Elasticube.
Data Level Security
Now we’re down to the nitty-gritty, determining precisely which data inside each data source each individual user can see.
A sophisticated BI program will allow you to use row level security to define exactly what each user sees in a dashboard that’s been shared with them, or prevent new starters from accessing certain data until they’ve been added to the right group. That way, you don’t hand over the keys to the kingdom until they’ve earned your faith.
No matter what case works best for you and your cliental an efficeint security set up is critical to your BI platform development.