Cognos, a world leader in business intelligence and performance management solutions, announced the results of a recent security evaluation on Cognos 8 Business Intelligence performed by Symantec Corporation. Cognos 8 BI helps enterprise customers worldwide continue to progress BI standardization and performance management initiatives with increased confidence in secure information delivery and access throughout the organization.

Cognos 8 Business Intelligence has gone through an independent and detailed security evaluation conducted by Symantec. According to the report, the overall design of Cognos 8 BI employs a robust architecture for secure reporting and analysis. The security assessment also revealed that Cognos understands sound security practices and has surpassed industry best practices by designing a secure architecture and framework for reporting and analysis applications. The audit concluded that, at the time of the assessment, " none of the capabilities assessed contained high risk instances of common web application vulnerabilities."

"As security subject matter experts, the Symantec Consulting Services organization is focused on helping companies increase their knowledge of security and other IT risks that impact them today to enable them to effectively meet the requirements of their customers," said Charles Johnson, vice president, global consulting, Symantec. "By leveraging Symantec application security experts to assess the Cognos 8 BI security architecture, Cognos has further demonstrated its commitment to ensuring its products continue to meet customer requirements for securing their most important assets."

Cognos 8 BI offers enterprise customers a comprehensive foundation to address BI security concerns, including the areas of authentication, access control, data-level security, application firewall, and encryption:

  • Authentication: Cognos 8 BI delivers prebuilt integration with leading security providers and security APIs for custom security systems to enable simultaneous user authentication and logon to any number of namespaces, which is a key security criteria according to Symantec. Unlike other BI providers that still rely on their own security maintenance, Cognos 8 BI reduces the complexity, time, and costs of administering and maintaining multiple security systems by enabling customers to leverage "best of breed" security providers and in-place application security.
  • Access Control: Cognos 8 BI enables establishment of granular user access rights from within Cognos or a third-party security provider. This authorization is centralized to simplify administration of disperse user communities and does not burden IT administrators to manage multiple security schemes. As a result, IT can grant or deny permissions, perform BI activities, and track/audit usage for select users, groups, and roles. Customers can leverage this control to ensure government and industry compliance requirements and reduce IT costs for maintaining authorization to BI capabilities.
  • Data-level Access Rights: Cognos 8 BI enables security of all BI objects and information, from folders, subject areas, individual reports, analysis, metrics, scorecards and dashboards, events and alerts, portal pages, data connections, etc. This granular level of control eliminates the need for maintaining different information models per user group, and reduces report proliferation as one report can display different content depending on data security settings for different users. In addition, data-level security enables BI standardization of a centralized or hosted solution while ensuring different user communities only have access to the information they need.
  • Application Firewall: Cognos 8 BI's application firewall provides additional level of web security by preventing unauthorized access to BI services. The application firewall monitors and interprets protocol traffic between BI services as a way to help prevent hostile attacks and service interruption, and logs any denied traffic. This approach balances open services with stringent security to give organizations confidence for global and external deployment.
  • Encryption: Cognos 8 BI protects all data and transmissions using industry-standard encryption algorithms such as Triple DES and AES. This encryption approach prevents vulnerability of data, temporary files, and communications, and protects information from data source to data presentation (through a dashboard, scorecard, report, spreadsheet, etc.).

"Organizations want to turn information into competitive advantage, but the more information they deliver, the greater the volume of security concerns," said Gartner analyst Kurt Schlegel. "In addition, tighter regulatory compliance and a shift to outsourcing on-demand software requires stringent security and a complete audit trail within and beyond the enterprise. BI security needs to be more than just an evaluation checklist item, and enterprises should carefully scrutinize security measures and standards to protect information while fostering access to a wide range of users."
"One of the benefits we have identified with Cognos 8 BI is the ability to integrate the BI security with our existing enterprise security architecture," said Mark Lack, planning and financial analysis manager, Mueller, Inc. "This ease of integration is important for three reasons. First, because user access is defined at the enterprise level, users only see BI data they already have access to, making their experience easy and seamless. Second, this alleviates the frustration and nightmare of maintaining security at multiple levels. Third, by keeping security in sync across our applications, we can help reduce our cost and risk."

"BI security risks can occur at any point during information access, from the end user down to specific data points," said Frank Gelbert, CEO, Appfluent Technology, a Cognos technology partner. "Cognos 8 BI's inherent security capabilities protect enterprises down to the data layer. Our joint customers benefit from this deep level of protection, and when combined with the Appfluent data usage solutions, gain visibility into how data and applications are being accessed. As a result, enterprises can monitor usage and improve efficiency of BI and performance management solutions with greater confidence."

For more information about Cognos 8 BI security, visit .

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access