Security Models
SOURCE: ONESTREAM CHAMPIONS
Hi Everyone,
Curious to hear others’ experience in the area of Security. At BDO, we currently have:
5k users configured, of which 4.5k are enabled. 3.6k are in our...
Forum Discussion
Hi all,
We have about 140 users and 114 groups, many of which are nested depending on the access type. We use slice security with data access groups between entity and UD2 product segment. We also defined security groups around:
-Cubes
-Dashboard groups: Acct recs, RequestIt/ACM, copy/clear dashboards, export dashboards, etc.
-Scenarios
-Various roles: Mostly based on the Security Roles page for example, data management access to the file explorer structure, manage cube views, manage fx rates, manage data management groups, task activity screen
-WF channels: Import, forms, journal entries
Hope that’s useful!
-Nicole
Hi Nicole,
That is helpful information, and has some similarities to our model.
How frequent are changes to your model for cube slices?
How would you classify the level of effort maintaining your model for changes (High, Medium, Low)?
Thanks,
Zach
Hi Zach,
Not often - I just updated the slices recently because we split out a segment from one to two so we needed a new group. That happens once every 3-5 years
I’d classify the level of effort as low because the groups are already set up the way we need to so we’re just moving people around as roles changes or new folks are hired. I’d guess ~95% of users have clearly defined roles but we edit that ~5% of more involved users more often as we add new things into OS (ie. parcel service, specific data mgmt/dashboarding etc.). We have ~3 people very familiar with security also so that makes it easier if new things pop up, like the segment split mentioned above.Thanks Nicole, that is helpful. Agree splitting is low effort when we need to, and that is great that you have 3 people familiar with your model.