Skip to Main Content
Spotfire Ideas Portal
Status Future Consideration
Product Spotfire
Categories Library
Created by Guest
Created on Dec 4, 2018

Need for folder-based licensing, or change in Browse permission to disable saving / exporting content (security leak)

In my Spotfire Library, there are some files containing sensitive data  that I do not want users to save, either back to the Library or to the file system, nor do I want them to Export data or visualizations, etc., from those files. I can limit access to the folders containing those files, but I cannot prevent unauthorized export or copy out of those files, because for the Library as a whole, these actions are permissible. 

There needs to be folder-based permissioning to prevent the Save/Export operations. This should already be a part of the Browse permission, but is not. Browse means you can open files and navigate folders. There is nothing in the classic definition of the word "browse" that implies "saving". OTOH, "modify" implies you are indeed saving content, so save/export operations should be part of Modify, but not Browse.

 

To have this functionality now, I would need to stand up and maintain another, distinct Spotfire environment that disables all save/export licenses for a certain class of user. Blah.

Additionally, we need to expand the action log Action categories to include saving files and Exporting data / images, so Admins can track and audit data exposure.

Any chance we could see some needed improvements in the Administration of the Spotfire platform?

thanks,

JP

 

 

  • Attach files
5 MERGED

More security on Data / Action with DXP

Merged
Hello Here is our problem.Team A create Information Link and DXP file, and publish it in Web Player.On Web mode, Team A can Access and Modify, and Team B can just Access.The DXP has the option "Autorize Web Customer" to NO, so that Business Author...
almost 5 years ago in Spotfire / Visualization 0 Future Consideration