Qlik Community

QlikView Management

Discussion Board for collaboration on QlikView Management.

Highlighted
datanibbler
Esteemed Contributor

Data security issue with further rollout of QlikView


Hi,

I have a preliminary question (it's not acute yet as we are not at that point of the rollout, it is still in planning; We have to present the possibilities to the Management now and I just like to know the details beforehand)

=> One alternative way of designing the germany-wide rollout of QlikView that we are planning (and the one that we're probably going
     to decide for) is to do everything centrally here.
    => That implies that
          - The development_team here is going to draw variable amounts of data, from Excel_lists or from the databases
             at the other branches.
          - The other branches are often (if not permanently during office_hours) going to access the Apps on our server.

=> My question is: What options do I have to optimally protect that data in transit (in both directions)
     => I know that one option is to password-protect the apps, but I don't really want to do that because the managers are supposed to
          be able to open every app via document_chaining without the need to enter some logon_data every time.
          <=> If in doubt, I would always put security first, so if passwords are the easiest way, so be it ...

Thanks a lot!

Best regards,

DataNibbler

Tags (1)
2 Replies
MVP & Luminary
MVP & Luminary

Re: Data security issue with further rollout of QlikView

You should really get hold of a network security consultant to discuss the options and pro and cons. If you want to secure the network traffic between the branches you could create VPN connections between them. That way all the data going over the VPN will be encrypted. The Access Point can be configured to allow only https requests so the data exchanged between the users browser and the Access Point will be encrypted. You could even use client certificates to add an additional layer of security. Users can be authenticated against an Active Directory so they won't need to use a login screen to access the Access Point. I think that does mean that all the users (from all branches) would have to be part of the same domain, but I could well be wrong. I don't really know enough about this to say for sure.


talk is cheap, supply exceeds demand
datanibbler
Esteemed Contributor

Re: Data security issue with further rollout of QlikView

Hi Gysbert,

that seems very reasonable.

VPN connections do look like a good option.

The entire thing will have to be discussed with our IT.

(I guess that, in the end, it will be like always, ease_of_use and comfortability will trump security, but let's see...)

Thanks a lot!

Best regards,

DataNibbler