Vista Analytics Best Practices: Don’t Forget Security

When you create Vista Analytics, you decide what data is returned to the person using it. If you are designing analytics for others, make sure that you’ve secured them so they’re only available to the people who should see them. Furthermore, make sure those people can only see the data they should be seeing.

Your first safeguard should be assigning a Vista security option to your analytic. Then, only grant access to that option to the appropriate security group(s). You can either use one of the predefined security options for the different analytics groups (payroll, HR, benefits, etc.), or you can create your own options to enforce stricter controls.

Next, consider securing your analytics parameter inputs (analytics “keywords”). For example, if you have multiple pay companies and different people are only allowed to access specific ones, then define your keyword parameter values using PDS Field Definitions that automatically limit the available choices to those that the current user is allowed to see.

Finally, and most importantly, don’t forget to define your analytics data (your Analytics SQL) to limit the data returned based on the logged-in user. The easiest way to do this it to just incorporate the Vista [SECURE_xxx] markers in your queries, so the system can handle this for you.

This article is part of the Vista Analytics Best Practices series. If you missed our last post, click here to read tips on simplifying your data access. Or, skip ahead to our next post on aesthetics.

Marco Padovani
Senior Development Manager | PDS