idea Re: Security enhancement request to QEM - Access to source and target in Suggest an Idea

Security enhancement request to QEM - Access to source and target

l9phan1 — Thu, 11 Jun 2020 15:10:28 GMT

In the current version of QEM, anyone that can login to QEM have the ability to access source and target created by other people. Example: user1 can create a new task in QEM using source and target created previously by user2. This create a security issue since outside of the QEM application the user1 doesn't have access to source and target that user2 have access. It would be ideal to have source and target permission similiar to task permission.

Re: Security enhancement request to QEM - Access to source and target

BradA — Fri, 19 Jun 2020 15:20:51 GMT

I agree that QEM and the Replicate UI should be able to assign access controls at the individual Endpoint level as can be done for an individual task.

Re: Security enhancement request to QEM - Access to source and target - Status changed to: Open - Collecting Feedback

Ola_Mayer — Wed, 24 Jun 2020 14:30:12 GMT

Thank you for your feedback, we are currently collecting additional feedback.

Re: Security enhancement request to QEM - Access to source and target

Matthew_Christian — Tue, 07 Jul 2020 16:49:09 GMT

This feature is very important to us from a data privacy perspective.

My team works in a governance and compliance role and we use Attunity to move data for several highly sensitive data sources. We discussed the lack of controls at the endpoint and task level with our compliance counsel and it's considered to be a data privacy compliance risk. Our current workaround is to use separate servers for different content, but that's not really scalable for a global organization.

Having this feature is key for us to use the product in a scalable, cost-effective manner.

Re: Security enhancement request to QEM - Access to source and target

JonCarpenter — Fri, 10 Jul 2020 14:26:06 GMT

The ability to control access to endpoints is an important topic in my organization as well. We have an analytics group that is separate from IT. Our IT group needs to maintain security on the source systems and ensure compliance with our security policies. It would be ideal to have a granular way to control endpoint access within Replicate itself, and QEM.

Re: Security enhancement request to QEM - Access to source and target

l9phan1 — Fri, 10 Jul 2020 15:36:07 GMT

I am glad to see you have the same concern.

Re: Security enhancement request to QEM - Access to source and target

paullewis — Mon, 13 Jul 2020 16:43:40 GMT

Big Up Vote!!!

This SER is spot on by detailing a glaring hole in the QEM/Replicate security model. It is not sufficient to hide a task from prying eyes. The products should also protect the source and target endpoints to ensure that NO unauthorized access or manipulation of data can occur.

Currently anyone with developer access to Replicate can create a task, assign any source endpoint they choose and replicate data. Once replication is complete they delete the task and nobody is the wiser. Sure the activity is recorded in logs, but these are not easily digestible and there are no reports that can easily be run to see who created/executed tasks with which endpoints during a period of time.

This gap in security is forcing my corporation to stand up "secure" replicate servers with tight access permissions to prevent the potential unauthorized access or manipulation of data. This is an unnecessary cost and administrative burden that can be eliminated by simply applying the same security model to endpoints that is currently in place for tasks.

Re: Security enhancement request to QEM - Access to source and target

JCJnr — Wed, 02 Sep 2020 12:17:55 GMT

Another Big Vote !!!

Working in a Banking environment, the are some system replicating Credit Card Numbers, and this cause a serious risk for the bank.

I really cannot wait for this enhancement to be build..

Please Please Please!!!!!!!

Re: Security enhancement request to QEM - Access to source and target

sidneyb — Thu, 15 Apr 2021 18:07:09 GMT

Any updates on this new feature, it's becoming a key item for us to enable replication of sensitive data without having to stand up new instances of Qlik Replicate.

Re: Security enhancement request to QEM - Access to source and target - Status changed to: Open - On Roadmap

Shelley_Brennan — Fri, 23 Jul 2021 18:14:01 GMT

Thank you for all of the good input. This is in the Replicate roadmap and will update when development is underway. Thank you!

Re: Security enhancement request to QEM - Access to source and target

andile — Thu, 03 Mar 2022 07:59:49 GMT

Security is very critical. I had opened a support case after seeing the highlighted message from QEM window. This feature is key as is the task permissions. No user should be able to make changes on other user's endpoints. It's like the concept of least privilege. You wanna give users the least access so that they can only manage what is theirs only.

Re: Security enhancement request to QEM - Access to source and target

Herra — Thu, 08 Sep 2022 11:41:51 GMT

Strongly agree..

Working in a company that has several divisions, where each should not have access to other division's endpoints so as to avoid mistakes or intentionally taking data from other divisions. Aims mistake or intentionally take data from other divisions.

Really appreciate if this feature is already on the roadmap and can be delivered soon.

Thank you.

Re: Security enhancement request to QEM - Access to source and target

marina_marshak — Tue, 21 Mar 2023 16:57:57 GMT

Thank you for your continued feedback and patience while we deliver new features and enhancements to Replicate product.

This feature is very important to us, and it is high priority item on Replicate short-term roadmap.

From now on, please track this idea from the Ideation por...

Meghann_MacDonald — Wed, 02 Aug 2023 16:26:11 GMT

From now on, please track this idea from the Ideation portal.

Link to new idea

Meghann

NOTE: Upon clicking this link 2 tabs may open - please feel free to close the one with a login page. If you only see 1 tab with the login page, please try clicking this link first: Authenticate me! then try the link above again. Ensure pop-up blocker is off.

Re: Security enhancement request to QEM - Access to source and target - Status changed to: Closed - Archived

Ideation — Wed, 02 Aug 2023 16:26:13 GMT