
Securing Sensitive Information

Data Security
- Dashboards often contain the most important data in the company
- Securing that information makes business sense
- In some instances, securing certain information is required by law or contract

Overview
- Securing External Access to CenterView Server
- Server-wide CenterView Settings
- Dashboard Settings
- Data Security

Securing Server Access
- Put CenterView server behind firewall
  – Only allow access to http port
  – Only run CV in that app server
- Protect CV Admin
  – Run Admin on separate App Server
  – Firewall blocks access to Admin port
  – To manage CV, administrators would need to be behind firewall, or to VPN in
- Apache instructions

Server Access cont.
- Run App server over SSL
  – Encrypts all data transfers with CenterView
  – Step by step instructions for installing a certificate from a certificate authority can be found at the certificate authority’s website (Verisign or Thawte, e.g.)

Lock down CV Server DB
- CenterView Server database
  – Use own secured database, or
  – Password protect the installed postgres db
    Modify the Pgsql/data/pg_hba.conf file (change ‘trust’ authentication method to ‘md5’, e.g.)
  – Change the password for the corda user:
    ALTER ROLE corda WITH PASSWORD 'somenewpassword';
- Change the password in the Administrator for the DF Query Cache and the Snapshot DB (and CenterView Server Database, if enabled)
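
A check for the pg_hba.conf change described above, as an added example that is not part of the original slides or of CenterView's own tooling: it parses pg_hba.conf text and reports every rule that still uses the `trust` method. The sample file contents, the 10.0.0.0 network and the function names are constructed for illustration; `corda` is the role named in the slide.

```python
import ipaddress
import shlex

HOST_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}

# Constructed sample, not taken from a real CenterView install.
SAMPLE_BEFORE = """\
# TYPE  DATABASE  USER   ADDRESS                 METHOD
local   all       all                            trust
host    all       all    127.0.0.1/32            trust
host    all       all    ::1/128                 md5
host    all       corda  10.0.0.0 255.255.255.0  trust
"""
# The same file after the change the slide describes ('trust' -> 'md5').
SAMPLE_AFTER = SAMPLE_BEFORE.replace("trust", "md5")


def parse_hba(text):
    """Yield (line_no, type, database, user, address, method) for each rule."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = shlex.split(raw, comments=True)  # drops '#' comments
        if not fields:
            continue
        conn_type = fields[0]
        if conn_type == "local" and len(fields) >= 4:
            # Unix-socket rules have no address column.
            yield line_no, conn_type, fields[1], fields[2], None, fields[3]
        elif conn_type in HOST_TYPES and len(fields) >= 5:
            address, idx = fields[3], 4
            try:
                ipaddress.ip_address(address)  # bare IP: netmask is the next field
                address, idx = f"{address} {fields[4]}", 5
            except ValueError:
                pass  # CIDR, hostname, or keyword such as "all"
            if len(fields) > idx:
                yield line_no, conn_type, fields[1], fields[2], address, fields[idx]


def find_trust_rules(text):
    """Return the rules that let clients connect without any password."""
    return [rule for rule in parse_hba(text) if rule[5].lower() == "trust"]


if __name__ == "__main__":
    for line_no, conn, db, user, addr, _ in find_trust_rules(SAMPLE_BEFORE):
        print(f"line {line_no}: {conn} db={db} user={user} addr={addr} uses trust")
    print(len(find_trust_rules(SAMPLE_AFTER)), "trust rules after the change")
```

Changes to pg_hba.conf take effect only after the server reloads its configuration (for example with `pg_ctl reload`). PostgreSQL 10 and later also offer `scram-sha-256` as a stronger password method than `md5`.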

CenterView Admin Settings
- Deploy in Production Mode
- Set HTML Console to Off
  – Change Console Key to something else
- Disallow displaying of status page
- Remove example dashboards (Dashboards page)

Named Users
- Named Users always have access to CenterView Resources
- Two options for setup
  – Allow automatic assignment of a named user on first login
    Great when there are lots of people
  – Manually select the users
    May be preferred when there are a few executives

Self-Service Login
- Can only be used with CenterView Authentication
- Users can register themselves into the system
- Users can modify their own account identity settings
  – Change password
  – Set/Change address
  – Recover password

Authentication Plug-in Access
- Active Directory plug-in shipped with CenterView
- Same plug-in for LDAP – may need some customization to use company scheme
- Tailor authorization to local environment by using the Auth Plugin API
  – Single sign-on
  – Business Objects
  – Salesforce
  – Directory is kept in database

Dashboard Security
- Dashboard level access
  – Limit access to logged in users
  – Limit access to users in a specific group
- Pages and KPIs level access
  – Limit access to users in a specific group

Server Script User
- isLoggedIn()
- isUserInGroup(groupName)
  – Used in conjunction with ‘if’ tag, in the same place show different kpis for each group
- isAuthorized(kpi1.kpixml)
- Demo

Datafunnel Alias Override
- Username and password set in the datafunnel tag override the username and password set in the alias.
- An Auth plug-in could set custom variables that are the username and password for the database for that user
- Use these custom variables in the datafunnel tag to override the alias.

Database Access
- Business Objects
  – Login with BO Auth Plug-in
  – BO Auth Plug-in can supply groups
  – User in CenterView uses BO credentials in datafunnel queries to BO Universe
- Build your own report or run an existing report with user granularity setup

Database Access cont.
- Salesforce.com
  – Setting up embedded dashboards in Salesforce
  – Privileges of the Salesforce user are used in querying Salesforce data

Securing Sensitive Information
- Securing External Access to CenterView Server
- Server-wide CenterView Settings
- Dashboard Settings
- Data Security