Features

You can utilize the following features to secure dimensions:

Secured and unsecured dimensions

You can have a mixture of secured and unsecured dimensions in an application. Securing dimensions allows you to control which users (or teams) have read, write or deny access to dimensions and their members. You need to define a dimension as secured if you want to control member access by specific dimensions. All users can access unsecured dimension members.

Member access profiles are used to grant application access. At least one dimension in an application should be secured to ensure control over application and data access. When defining member access for secured dimensions, be sure to define access for all secured dimensions of the application. Failure to do so results in the inability to access that application for any users or teams assigned to the member access profile. For more information about setting up member access profiles, see Member Access Profile Setup in the SAP Planning and Consolidation 7.5 NW Security Guide.

Security for member-level dimensions

In addition to defining dimensions as secure for individual applications, you can assign write access to members within the dimension using member access profiles. Since by default, users do not have access to any members of a secured dimension, member access profiles must be set up for the users you want to give read-only or write access.