Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
jonathandienst
Partner - Champion III
Partner - Champion III

Securing intellectual property on an app deployed on a client site

We have a new requirement and that is to deploy prebuilt solutions to client servers. These solutions contain ip in the load script that needs to be protected. I know how to do that in a Qlikview Enterprise environment. I would like to answer some questions for Qlik Sense Enterprise:

  • Can any one else see the apps in my workspace and especially the load script? Assume that the client has QS admin(s) and network admin(s) with the normal admin rights.
  • Is the load script removed from the published app?
  • Presumably a user with rootadmin access would be able add themselves to the stream and duplicate the app into their own workspace. Is there any way to prevent them from seeing the load script?
  • Are there other risks?

 

Logic will get you from a to b. Imagination will take you everywhere. - A Einstein
Labels (2)
6 Replies
agigliotti
Partner - Champion
Partner - Champion

very interesting topic also for me.
jonathandienst
Partner - Champion III
Partner - Champion III
Author

*Bump*

No-one?
Logic will get you from a to b. Imagination will take you everywhere. - A Einstein
kaushiknsolanki
Partner Ambassador/MVP
Partner Ambassador/MVP

I Was trying my hand using the Dropbox connector, to include the file from dropbox directly to script, but it seems I need to experiment more on that. 🙂

Regards,

Kaushik Solanki

Please remember to hit the 'Like' button and for helpful answers and resolutions, click on the 'Accept As Solution' button. Cheers!
Joan_MARTY_P3
Contributor III
Contributor III

data connection definition and security

IPs are stored into the dataconnection. Dataconnection read access can be managed with security rules.

So you can protect the details like that in qlik sense entreprise

Who can see my apps

Apps that are in your workspace are only visible by you and people that are having the content admin role.

This statment is true with default security rules and after it depends on the customisation you performed in the QMC.

Load Script visible in published app

One an app is published, load script, data manager and data model menu are no more available. The script is still inside but no more readable. Its only available while you are in your own work aera.

Rootadmin duplicate and see my script

Proposal should then be to completely put your scripts out of the application (see usage of qlik sense script files)

check for include statment in load scripts

 
jonathandienst
Partner - Champion III
Partner - Champion III
Author

Thanks. Can you clarify

>>IPs are stored into the dataconnection

The  problem is that the other part also has the rootadmin role, so they can change the security rules for the data connection. Or could you set up a security rule that only the owner could see the connection and only the owner could change the security rules?

Logic will get you from a to b. Imagination will take you everywhere. - A Einstein
Joan_MARTY_P3
Contributor III
Contributor III

In such case, you have to create dedicated security rule to create a new admin type at first.

then you create a set of security rules where you define what they can do.

Its not really easy to do so but manageable.

 

It's what I set up in the past for a big customer where we admin delegated a part of our role to community managers