Learn About Data Security in Your Model

Depending on your business case or the sensitivity of your data, you might need to restrict access to your data. Data can be secured at different levels in the modeler. You can apply security settings to models and dimensions, and you can also apply more detailed restrictions.

This section provides an overview of the security settings available. You'll find links in the sections below that redirect you to more detailed content.

Security Settings Based on Teams or User IDs

The foundation of security comes from the user role assignment. For each role, you can define permissions. In the Security Roles area, you can assign general permissions for all models, but you can't assign permissions for individual models. For information on user roles, see Standard Application Roles.

Users must be assigned a role with the same overall model permission level as the model type they want to access. For example, someone assigned only Read access to Analytic Models in their role (and not also granted Update, Delete, or Maintain) will only ever be able to view data from the models they are allowed to read, even if they are additionally granted Update, Delete, or Maintain permissions on those models.

Think of it like a combination: to read a user's private planning model that has been shared with you, you'll need three things:

  • Rights to read the model via the sharing rights that are set by the user when they share it.
  • Read rights on the Planning Model or Analytic Model application privilege.
  • Read rights on the Private Files application privilege.
    Note
    Depending on where the model is saved, you might need read rights on either the Private Files or the Public Files application privilege. For example, if the model is saved in the Models folder under Public, you need read rights on the Public Files application privilege. For more information, see Permissions.

If you don't have one of these three rights, you won't be able to read (open or use) the model.

Note
Users with an SAP Analytics Cloud for planning, standard edition license must be assigned a role with Maintain permissions on planning models and analytic models. Users also need the Read and Maintain permissions granted via the Share settings directly on the model itself to upload or change data. For more information, see Create Roles and Share Files or Folders.

Share/Unshare Your Model

Another security level comes from the sharing settings and the file location of models. By default, models saved to the My Files area are only seen by the user who creates the model. However, you can share your model with other teams or individual users. You can also make the model accessible to others by saving it to the public folder. Saving a file to the public folder automatically shares it with everyone who can access this folder, as long as their role gives them permissions.
Note
Model permissions take priority over story permissions. For example, if you want a user to view all data on a story, you need to share the story and give the user at least read permissions for each of the models that are used in the story.

Models can be shared the same way that stories and folders can be shared. In the sharing dialog, you can choose the access level for the users or teams that the model is shared with: View, Edit, Full Control, or a Custom access level.

For information about sharing files, see Share Files or Folders.
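
The following is an added example, not SAP code: a small conceptual check, useful in an access review, that models the "three things" combination described above and the note that a story needs read access on each of its models. The classes, function names, and sample users and models are hypothetical and constructed for illustration; they are not an SAP Analytics Cloud API or export format.

```python
# Added illustration: a conceptual model of the access rules described on this
# page. The data structures are hypothetical, not an SAP Analytics Cloud API.
from dataclasses import dataclass, field

@dataclass
class User:
    name: str
    teams: set = field(default_factory=set)
    role_read: set = field(default_factory=set)  # privileges with Read in the role

@dataclass
class Model:
    name: str
    kind: str       # "Planning Model" or "Analytic Model"
    location: str   # "private" (My Files) or "public" (public folder)
    shared_read: set = field(default_factory=set)  # users/teams with at least View

def missing_model_rights(user, model):
    """Return the rights the user still lacks to read the model (empty = can read)."""
    missing = []
    principals = {user.name} | user.teams
    # Saving to the public folder shares the file with everyone who can access it.
    if model.location != "public" and not (principals & model.shared_read):
        missing.append("sharing: read access on " + model.name)
    if model.kind not in user.role_read:
        missing.append("role: Read on " + model.kind)
    files = "Public Files" if model.location == "public" else "Private Files"
    if files not in user.role_read:
        missing.append("role: Read on " + files)
    return missing

def missing_story_rights(user, story_shared_read, models):
    """A shared story shows all its data only if every model behind it is readable."""
    gaps = {}
    if not (({user.name} | user.teams) & story_shared_read):
        gaps["story"] = ["sharing: read access on the story"]
    for m in models:
        lacking = missing_model_rights(user, m)
        if lacking:
            gaps[m.name] = lacking
    return gaps

# Constructed sample data (not taken from a real tenant)
ana = User("ana", {"Controlling"}, {"Planning Model", "Private Files"})
budget = Model("Budget2025", "Planning Model", "private", {"Controlling"})
sales = Model("SalesActuals", "Analytic Model", "public")

if __name__ == "__main__":
    print(missing_model_rights(ana, budget))
    print(missing_story_rights(ana, {"ana"}, [budget, sales]))
```

An empty result means all required rights are present; any entry names the specific right to grant, or to confirm is intentionally withheld.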

Version Security

Adding version security to a model lets you restrict read, write, and delete access to public versions, to prevent other users or teams from changing them. Users who have read-only permission for public versions can still copy data to a private version that they can edit. Users who don't have write permissions can't publish into a public version. With delete permissions for a public version, a user can read, publish to, and delete a public version.

Model Data Privacy

This setting determines whether the model is visible to users other than the owner. If you switch on Model Data Privacy, only the owner of the model and user roles that have specifically been granted access can see the data. Disable this switch if you want the model and data to be public.

Data Access Control

You can set permissions for individual dimensions using Data Access Control.
Example
  • To ensure that product managers can see the financial results only for their products, you enable the DAC for the dimension Product.

  • To prevent some planners from deleting a public version, you enable data access control for the version dimension and don't give them delete access for that version.

For more information, see Set Up Data Access Control.

Validation Rules

For planning models, validation rules let you define the allowed member combinations across multiple dimensions to prevent improper data entry and planning operations in stories and analytic applications. The system validates the data in the model according to the validation rules you define for this model, and planners are only allowed to enter data or use planning functions for the specified member combinations.

Validation rules do not impact data import and data deletion. To prevent planners from deleting public versions, use data access control.

For more information, see Define Valid Member Combinations for Planning Using Validation Rules.

Data Locking

Unlike most other data security features, data locks are designed to change frequently over time. For planning models, data locking lets you prevent changes to specific data at different stages of the planning process, while also delegating control over the lock state to other users.

Except by users with special permissions, locked values can’t be changed by importing or deleting values in the modeler, or by data entry or other planning operations. Data locking doesn’t prevent public version deletion, though; use data access control instead.

For more information, see Configuring Data Locking.