Strong data security starts with proper documentation
In source systems, we – or the IT or finance department – often hold some pretty strong views on who should get access to which data, with shared file folders ideally having limited access according to business roles and needs.
For example, logins in ERP systems typically restrict access so that shop assistants and warehouse workers see less information than managers and the finance department. And it goes without saying that payroll is often the most restricted area, since a lot of sensitive and personal data is stored there.
The moment data leaves the source systems for a BI front-end like Tableau, Power BI or Qlik, we often neglect the importance of security rules.
Sometimes security is neglected out of forgetfulness; other times it is more a matter of turning a blind eye to it. When asked directly, some technicians will state that the main reason for not going all in on data security in BI and analytics is the lack of options. They simply lack a tool, a place, or a way to implement security without having to hand-code access rights.
This hand-coding has to be repeated in numerous apps, or takes the form of maintaining various connection strings in a data source, or even parameters in a spreadsheet or text file, so that systems can look up the security privileges and variables they use to interconnect in a semi-automated way.
Security Layer? Yes, Please!
No matter what stage of the data life cycle and no matter which tool you use – even if you’re just accessing data sources via an Excel spreadsheet – security measures should always be applied.
Because this is recognized as an important issue for a BI platform, some modern solutions are now available to handle the task of security. A few of these solutions are part of a company’s BI platform, residing as functionality in the data warehouse, and can offer access rights (on tables and fields) granted at the level of business user roles or based on the content of a specific field.
For example, your French sales team can see only sales in France, while the German sales team can focus on German sales, even though both are looking at the same dataset and using the same front-end tool or app.
One important decision to make actively is who should get access to data. Another piece of the puzzle is keeping an overview of the data accessible: where it’s all stored and how it’s all connected. Yes, I am talking about documentation.
Documentation Adds to Security
Most programmers, software developers, data warehouse modelers and others working in similar areas find writing documentation to be one of the least desirable tasks of all. It often ends up at the bottom of the to-do list or on the back side of the list, never to be checked off as a completed action item.
But having up-to-date documentation lets you keep track of changes made in the data model over time, as well as answer any questions regarding current dependencies in data and where your data should reside.
In addition, it gives you a resource that tells you how measures are calculated, ensuring a fast response whenever someone questions where a certain number originates and which data fields it’s based on.
By choosing a platform that supports automation for the task of writing and maintaining documentation, you free up personnel who can instead add more data sources or build more data models for analytics and self-service BI.
It is true that if the current status of documentation is at a bare minimum and you do not wish to raise the bar, very little time would be saved. But having the automation still makes it a lot easier to get an overview of the data, where it is used and with which security levels. The end result would be saving a lot of time when it comes to answering questions about your data, as well as making compliance easier when it comes to audits.
If you, your data protection officer (DPO), or someone from an external audit, such as one for GDPR, wants to look over your shoulder, the documentation is only one click away and always up to date, revealing who has access to which data.
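The role-based and field-content-based access rights described under "Security Layer? Yes, Please!" and the always-current access documentation described above can both be driven from a single policy definition. The following Python code is an added example, not code from this article or from any BI product; the role names, the sales table and its rows are constructed for illustration.

```python
import sqlite3

# Constructed policy (assumption): one definition drives enforcement AND documentation.
POLICY = {
    "sales_fr": {"columns": ["order_id", "country", "amount"], "row_filter": ("country", "FR")},
    "sales_de": {"columns": ["order_id", "country", "amount"], "row_filter": ("country", "DE")},
    "finance": {"columns": ["order_id", "country", "amount", "margin"], "row_filter": None},
}

def build_db():
    """In-memory stand-in for a warehouse table, with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sales (order_id INTEGER, country TEXT, amount REAL, margin REAL)")
    db.executemany("INSERT INTO sales VALUES (?, ?, ?, ?)", [
        (1, "FR", 100.0, 20.0), (2, "DE", 250.0, 40.0), (3, "FR", 80.0, 10.0),
    ])
    return db

def query_as(db, role, requested_columns):
    """Return rows for a role; unknown roles and unlisted columns are denied."""
    rule = POLICY.get(role)
    if rule is None:
        raise PermissionError(f"no access rule for role {role!r}")
    denied = [c for c in requested_columns if c not in rule["columns"]]
    if denied or not requested_columns:
        raise PermissionError(f"role {role!r} may not read {denied or 'an empty column list'}")
    # Column names are taken only from the allow-list; the filter value is bound.
    sql = f"SELECT {', '.join(requested_columns)} FROM sales"
    params = ()
    if rule["row_filter"] is not None:
        field, value = rule["row_filter"]  # field name comes from POLICY, not the caller
        sql += f" WHERE {field} = ?"
        params = (value,)
    return db.execute(sql + " ORDER BY order_id", params).fetchall()

def access_report():
    """Who can see what, generated from the enforced policy so it cannot drift."""
    lines = []
    for role, rule in sorted(POLICY.items()):
        rf = rule["row_filter"]
        scope = "all rows" if rf is None else f"rows where {rf[0]} = {rf[1]}"
        lines.append(f"{role}: {', '.join(rule['columns'])} ({scope})")
    return lines

if __name__ == "__main__":
    db = build_db()
    print(query_as(db, "sales_fr", ["order_id", "amount"]))
    print("\n".join(access_report()))
```

Because the report is rendered from the same structure the query layer enforces, an auditor reading it sees the rules actually in force rather than a separately maintained description.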
As things stand in your business right now, dare you ask the all-important question: Do you know exactly who has access to which data in your current environment? Even more, do you need to conduct a data audit? If so, you might like “4 steps to conducting a GDPR compliance audit.”