topic Re: Securing intellectual property on an app deployed on a client site in Management & Governance

Securing intellectual property on an app deployed on a client site

jonathandienst — Sat, 16 Nov 2024 07:06:51 GMT

We have a new requirement and that is to deploy prebuilt solutions to client servers. These solutions contain ip in the load script that needs to be protected. I know how to do that in a Qlikview Enterprise environment. I would like to answer some questions for Qlik Sense Enterprise:

Can any one else see the apps in my workspace and especially the load script? Assume that the client has QS admin(s) and network admin(s) with the normal admin rights.
Is the load script removed from the published app?
Presumably a user with rootadmin access would be able add themselves to the stream and duplicate the app into their own workspace. Is there any way to prevent them from seeing the load script?
Are there other risks?

Re: Securing intellectual property on an app deployed on a client site

agigliotti — Thu, 06 Dec 2018 09:57:15 GMT

very interesting topic also for me.

Re: Securing intellectual property on an app deployed on a client site

jonathandienst — Fri, 07 Dec 2018 05:17:56 GMT

*Bump*

No-one?

Re: Securing intellectual property on an app deployed on a client site

kaushiknsolanki — Fri, 07 Dec 2018 05:41:39 GMT

I Was trying my hand using the Dropbox connector, to include the file from dropbox directly to script, but it seems I need to experiment more on that. 🙂

Regards,

Kaushik Solanki

Re: Securing intellectual property on an app deployed on a client site

Joan_MARTY_P3 — Tue, 11 Dec 2018 15:41:41 GMT

data connection definition and security

IPs are stored into the dataconnection. Dataconnection read access can be managed with security rules.

So you can protect the details like that in qlik sense entreprise

Who can see my apps

Apps that are in your workspace are only visible by you and people that are having the content admin role.

This statment is true with default security rules and after it depends on the customisation you performed in the QMC.

Load Script visible in published app

One an app is published, load script, data manager and data model menu are no more available. The script is still inside but no more readable. Its only available while you are in your own work aera.

Rootadmin duplicate and see my script

Proposal should then be to completely put your scripts out of the application (see usage of qlik sense script files)

check for include statment in load scripts

Re: Securing intellectual property on an app deployed on a client site

jonathandienst — Tue, 29 Jan 2019 13:12:09 GMT

Thanks. Can you clarify

>>IPs are stored into the dataconnection

The problem is that the other part also has the rootadmin role, so they can change the security rules for the data connection. Or could you set up a security rule that only the owner could see the connection and only the owner could change the security rules?

Re: Securing intellectual property on an app deployed on a client site

Joan_MARTY_P3 — Tue, 29 Jan 2019 14:38:51 GMT

In such case, you have to create dedicated security rule to create a new admin type at first.

then you create a set of security rules where you define what they can do.

Its not really easy to do so but manageable.

It's what I set up in the past for a big customer where we admin delegated a part of our role to community managers