Galaktikasoft

OLAP Security


When working with Ranet OLAP, access to business data in the pivot table can be organized according to the principle of Microsoft SQL Server Analysis Services where you can customize access rights for all users. Such a security model based on users’ roles for each data hierarchy provides the necessary security level for confidential information. Today we will take a look into the way of providing data security by MS SQL Analysis Services.

Why is OLAP data protection important for business?

Human factor takes great influence when speaking about working with huge amounts of OLAP data. Statistically, human dishonesty and errors cause up to 64% of data loss cases. People can change or delete some important information. Backup solutions help avoid such incidents and maintain better OLAP security.
Hackers attack can cause a leakage of strategic information, which is crucial for your business. That is why it’s important to implement a secure solution which makes it possible to back up and get back the data. This also applies to the insider threat, and there’s no matter whether it was made accidentally or by an unfair decision.
Data synchronization errors can also cause deletion of information when you import OLAP data from some kind of device or synchronize several devices.
This list of risk factors cannot be described as exhaustive, but it’s enough to realize that commercial data is a valuable asset which must be protected as a matter of priority. Not all vendors can provide the required level of OLAP data security regarding known vulnerabilities. Let’s consider the ways of supporting appropriate control of data usage in the case of common operating of Ranet OLAP components and Microsoft SQL Server Analysis Services.

Writeback partitions

Certain reports are impossible without the modification of initial business data, for instance, when you need to do the cost forecast for the next quarter. Ranet OLAP provides users with such a feature. If an OLAP cube has an editing option, then you can change all numeric values comparatively to certain economic conditions right in the cube. It is comfortable because you do not need to create several reports manually. Among other things, it maintains OLAP security, because initial data cannot be deleted. It means that the data loss is excluded. The history of changes is available for all the users, so you will know who edits the document and when they do it.

How OLAP security is maintained in Microsoft SQL Server Analysis Services?

In general, OLAP data security monitoring can be arranged in two ways: at instance level and at user level:

User level

Organization of data access control in compliance with security roles allows to manage the process of data usage even in an enterprise with very complex organizational structure. Meanwhile, this process doesn’t interfere with simultaneous users’ activity in the system. Roles are assigned by system administrators for the users that don’t have administrator’s access rights.
Assignment of a security role allows to configure access to a certain data type for a definite group of employees, for example, sales department or accounts department. One user can possess several security roles. In this case, they can use all privileges, which correspond to the present role.
The role connotes to a user or a group of users. Users can be added to the list of roles and deleted from there.

Instance level

A set of permissions is envisaged for each role. Permission is related to a certain object. At the same time, different permission sets can be provided for one and the same object. It means that users with diverse roles can have access to the same document but see only a specified piece of data. For example, a certain user can recall information about annual sales in Europe for 2017 and in parallel the access to the information about sales of some products can be denied for the same user.
The functionality of Ranet OLAP allows to define access rights for users down to rows and even cells. These options enable administrators to implement flexible database security policy. User’s query results in Ranet OLAP pivot table are shown based on SQL Server security model. Ranet OLAP Pivot Grid control is responsible for proper performing of referred actions.
To learn more about strong OLAP security capacities of Ranet OLAP Pivot Grid control read our blogpost.