SlideShare a Scribd company logo

IBM Cognos 10.2 Security Best Practices

PerformanceG2, Inc. , profile picture
PerformanceG2, Inc.

The document discusses IBM Cognos security best practices. It begins with an overview of Cognos security concepts like authentication, authorization, namespaces and the Cognos Application Firewall. It then lists several best practices for securing a Cognos implementation, such as disabling anonymous access, removing default permissions, and thoroughly testing user access. The document also provides examples of different permission levels and how they control user actions in the Cognos system.

TechnologyNews & Politics
Related topics:
Performance Management Business IntelligenceBusiness Analytics
1 of 11
1
2
3
4
5
6
7
8
9
10
11
IBM Cognos® Security Best Practices   Wisconsin User Group, March 2014 Kirk Wiseman PerformanceG2, Inc.
Agenda !   Authentication versus Authorization !   Overview Cognos Security !   Best Practices !   Questions
Authentication vs Authorization !    Cognos  security  is  based  on  authen2ca2on  and  authoriza2on   !    Authen2ca2on  -­‐-­‐    You  are  who  you  say  you  are.   !    Authoriza2on  –  What  you  can  or  cannot  do.   !    Authen2ca2on  is  handled  by  a  3rd  party  security  tool  such  as  Ac2ve  Directory  LDAP  or    OpenLDAP   !    Authoriza2on  is  handled  through  Cognos  using  groups,  roles,  capabili2es  and    permissions    
Cognos Security Overview !    Namespaces   !    External  Authen2ca2on  providers  are  set  up  as  namespaces  in  Cognos   !    Cognos  Namespace     !  A  built-­‐in  namespace  that  provides  pre-­‐defined  security  entries,  including:    groups,  roles,  data  sources,  distribu2on  lists  and  contacts   !    Cannot  be  deleted   !    Cognos  groups  and  roles  are  op2onal   !    Cognos  Applica2on  Firewall  (CAF)   !    Acts  as  a  smart  proxy  for  the  gateways  and  dispatchers   !    Analyses,  Modifies  and  validates  HTTP  and  XML  requests   !    Prevents  Malicious  code  from  being  inserted   !    Turned  on  by  default  –  LEAVE  IT  ON!    
Cognos Security Best Practices !    Immediately  aVer  install  and  configura2on:   !  Turn  off  anonymous  access  and  enable  an  external  authen2ca2on  provider   !    Add  at  least  two  groups  of  administrators  to  the  Cognos  System  Administrator    group.   !    Remove  the  Cognos  Everyone  Group  from  Everything   !    Plan  your  security  sooner  rather  than  later   !    Plan  it  out  on  paper,  excel,  etc.  first   !    Decide  whether  you  are  going  to  u2lize  the  op2onal  Cognos  Groups  and  Roles,  Your    Authen2ca2on  provider’s  groups  or  a  combina2on  of  both.   !    Set  up  capabili2es  early   !    Create  your  folder  structure  early  and  set  permissions  using  allow   !    Use  DENY  sparingly,  if  at  all!!     !      Set  up  test  users  and  test  each  and  every  scenario.    
Cognos Security Best Practices !    If  se]ng  up  Single  Sign-­‐on  do  it  aVer  all  other  tes2ng  has  been  accomplished   !    If  access  is  to  be  given  outside  of  the  company’s  firewall  then  set  up  SSL   !    Set  the  Valid  domains  op2on   !    Maintain  a  security  process  document  for  your  organiza2on  
A little bit about Permissions !    Read   !    View  all  proper2es  of  an  entry,  including  report  specs,  report  output,  etc.   !    Write   !    Modify  proper2es  of  a  report   !    Delete  an  entry   !    Create  entries   !    Modify  reports   !    Create  new  outputs   !    Execute   !    Reports,  agents,  etc  can  be  run.       !    Data  Sources  can  retrieve  data.   !    Set  Policy   !    Read  and  modify  security  se]ngs   !    Traverse   !  The  ability  to  see  through  an  object  to  its  children.      
Permission Examples Ac#on   Permissions  Required   Add  an  entry   Write  permissions  for  a  parent  entry   Query  the  entry  proper#es   Read  permissions  for  an  entry   View  the  children  of  the  entry   Traverse  permissions  for  an  entry   Update  an  entry   Write  permissions  for  an  entry   Delete  an  entry   Write  permissions  for  an  entry,  and  write  permissions  for  a   parent  entry   Copy  an  entry   Read  permissions  for  an  entry  and  any  child  entries,  traverse   permissions  for  all  of  the  children,  and  write  and  traverse   permissions  for  the  target  parent  entry   Move  an  entry   Read  and  write  permissions  for  an  entry,  write  permissions   for  both  the  source  parent  entry  and  the  target  parent  entry,   and  traverse  permissions  for  the  target  parent  entry  
9/2/09   Questions?
Connect with us !  Call us: 877.742.4276 !    Email us: training@performanceg2.com, info@performanceg2.com !    Visit our web site: performanceg2.com !    Watch our Cognos videos at: youtube.com/performanceg2 !    Follow us: twitter.com/performanceg2 !    Read our blog !    Upcoming events !  Upcoming training
Thank you for attending! training@performanceg2.com  

More Related Content

PDF
Andriod Pentesting and Malware Analysis
n|u - The Open Security Community
 
PPTX
Android pen test basics
OWASPKerala
 
PPTX
3. backup file artifacts - mazin ahmed
Rashid Khatmey
 
PPTX
Pentesting Android Apps
Abdelhamid Limami
 
PPTX
Web application Security tools
Nico Penaredondo
 
PPTX
Presentation on Top 10 Vulnerabilities in Web Application
Md Mahfuzur Rahman
 
PDF
Penetration testing web application web application (in) security
Nahidul Kibria
 
PDF
WordPress Security Best Practices
Jason Yingling
 
Andriod Pentesting and Malware Analysis
n|u - The Open Security Community
 
Android pen test basics
OWASPKerala
 
3. backup file artifacts - mazin ahmed
Rashid Khatmey
 
Pentesting Android Apps
Abdelhamid Limami
 
Web application Security tools
Nico Penaredondo
 
Presentation on Top 10 Vulnerabilities in Web Application
Md Mahfuzur Rahman
 
Penetration testing web application web application (in) security
Nahidul Kibria
 
WordPress Security Best Practices
Jason Yingling
 

What's hot (20)

PPTX
2 . web app s canners
Rashid Khatmey
 
PPTX
4 . future uni presentation
Rashid Khatmey
 
PDF
Android Security & Penetration Testing
Subho Halder
 
PDF
Owasp top 10 web application security hazards part 2
Abhinav Sejpal
 
PPTX
Web application security: Threats & Countermeasures
Aung Thu Rha Hein
 
PDF
Identity theft: Developers are key - JFokus 2017
Brian Vermeer
 
PPTX
Bypass Security Checking with Frida
Satria Ady Pradana
 
PDF
My Null Android Penetration Session
Avinash Sinha
 
PPTX
Web tools ppt
Tamara Pia Agavi
 
PPTX
From Reversing to Exploitation
Satria Ady Pradana
 
PDF
Web application security & Testing
Deepu S Nath
 
PDF
Web App Security Presentation by Ryan Holland - 05-31-2017
TriNimbus
 
PDF
Attacking android insecurity
Godfrey Nolan
 
PPTX
Pentesting Android Applications
Cláudio André
 
PDF
Owasp top 10 web application security hazards - Part 1
Abhinav Sejpal
 
PDF
10 Mistakes Hackers Want You to Make
Joe Kutner
 
PDF
Bulletproof
Godfrey Nolan
 
PPT
Using Proxies To Secure Applications And More
Josh Sokol
 
PPTX
[Wroclaw #1] Android Security Workshop
OWASP
 
PDF
Intro to Wordpress Security
Chris Dodds
 
2 . web app s canners
Rashid Khatmey
 
4 . future uni presentation
Rashid Khatmey
 
Android Security & Penetration Testing
Subho Halder
 
Owasp top 10 web application security hazards part 2
Abhinav Sejpal
 
Web application security: Threats & Countermeasures
Aung Thu Rha Hein
 
Identity theft: Developers are key - JFokus 2017
Brian Vermeer
 
Bypass Security Checking with Frida
Satria Ady Pradana
 
My Null Android Penetration Session
Avinash Sinha
 
Web tools ppt
Tamara Pia Agavi
 
From Reversing to Exploitation
Satria Ady Pradana
 
Web application security & Testing
Deepu S Nath
 
Web App Security Presentation by Ryan Holland - 05-31-2017
TriNimbus
 
Attacking android insecurity
Godfrey Nolan
 
Pentesting Android Applications
Cláudio André
 
Owasp top 10 web application security hazards - Part 1
Abhinav Sejpal
 
10 Mistakes Hackers Want You to Make
Joe Kutner
 
Bulletproof
Godfrey Nolan
 
Using Proxies To Secure Applications And More
Josh Sokol
 
[Wroclaw #1] Android Security Workshop
OWASP
 
Intro to Wordpress Security
Chris Dodds
 
Ad

Similar to IBM Cognos 10.2 Security Best Practices (20)

PDF
Ibm cognos bi administrator
bispsolutions
 
PDF
Ibm cognos-administration
Amit Sharma
 
PDF
Cognos 11 installation step by step and notes
Carlos Castro Rodríguez
 
DOCX
Business intelligence Cognos Workspace Advance step by step guide
bilal khan
 
PDF
Installing IBM Cognos 10: Tips and Tricks from the Trenches
Senturus
 
PDF
The Benefits of Upgrading
Anthony D'Ugo
 
PPTX
Lawson Security
Nogalis Inc
 
DOCX
Ibm cognos to the next level
Kumaran Pillai
 
PPTX
Cognos Performance Inteligencia de negfocios
ericklozada6
 
PDF
Automating Security Management in PBCS!
Dayalan Punniyamoorthy
 
PDF
Cognos
Srinivas - SAP Consultant
 
PPT
Business intelligent
Migrant Systems
 
PDF
The Dangers of Elevated IBM i Authorities and How to Manage Them
Precisely
 
PPTX
Admin Features Upgraded in Cognos 11.1
Senturus
 
PDF
Privileged Access Control & Task Automation: A Win Double of Security and Bus...
Digital Transformation EXPO Event Series
 
DOC
cognos_1
rao dpr
 
PPTX
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan Singh
 
PDF
Cognos
mca_chandu
 
PPT
LUG 4 8 10
higdonla
 
PPTX
Week Topic Code Access vs Event Based.pptx
ArjayBalberan1
 
Ibm cognos bi administrator
bispsolutions
 
Ibm cognos-administration
Amit Sharma
 
Cognos 11 installation step by step and notes
Carlos Castro Rodríguez
 
Business intelligence Cognos Workspace Advance step by step guide
bilal khan
 
Installing IBM Cognos 10: Tips and Tricks from the Trenches
Senturus
 
The Benefits of Upgrading
Anthony D'Ugo
 
Lawson Security
Nogalis Inc
 
Ibm cognos to the next level
Kumaran Pillai
 
Cognos Performance Inteligencia de negfocios
ericklozada6
 
Automating Security Management in PBCS!
Dayalan Punniyamoorthy
 
Cognos
Srinivas - SAP Consultant
 
Business intelligent
Migrant Systems
 
The Dangers of Elevated IBM i Authorities and How to Manage Them
Precisely
 
Admin Features Upgraded in Cognos 11.1
Senturus
 
Privileged Access Control & Task Automation: A Win Double of Security and Bus...
Digital Transformation EXPO Event Series
 
cognos_1
rao dpr
 
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan Singh
 
Cognos
mca_chandu
 
LUG 4 8 10
higdonla
 
Week Topic Code Access vs Event Based.pptx
ArjayBalberan1
 
Ad

More from PerformanceG2, Inc. (14)

PDF
Introduction to Simulation- Predictive Analytics
PerformanceG2, Inc.
 
PDF
Predictive Analytics Modeling
PerformanceG2, Inc.
 
PDF
An Introduction to Predictive Analytics- An Executive's Guide for Informed De...
PerformanceG2, Inc.
 
PDF
IBM Cognos Insight the Book - An In Depth Presenation by Author Sanjeev Datta
PerformanceG2, Inc.
 
PDF
IBM Cognos 10 - An Introduction
PerformanceG2, Inc.
 
PDF
Business Intelligence for Government - Clark County Family Services Departmen...
PerformanceG2, Inc.
 
PDF
PerformanceG2 Company Profile
PerformanceG2, Inc.
 
PDF
PerformanceG2 Cognos Training Course Catalog 2011
PerformanceG2, Inc.
 
PDF
Performance Management: An Investment in Enterprise Success
PerformanceG2, Inc.
 
PDF
PG2 Multi Dimensional Reporting using Report Studio
PerformanceG2, Inc.
 
PDF
Cognos TM1 for Advanced Users
PerformanceG2, Inc.
 
PDF
PG2 Cognos Express 101
PerformanceG2, Inc.
 
PDF
PG2 Cognos TM1: An Introduction to Design, Maintenance and Performance Tuning
PerformanceG2, Inc.
 
PDF
PG2 Creating Effective Dashboards In Cognos 8
PerformanceG2, Inc.
 
Introduction to Simulation- Predictive Analytics
PerformanceG2, Inc.
 
Predictive Analytics Modeling
PerformanceG2, Inc.
 
An Introduction to Predictive Analytics- An Executive's Guide for Informed De...
PerformanceG2, Inc.
 
IBM Cognos Insight the Book - An In Depth Presenation by Author Sanjeev Datta
PerformanceG2, Inc.
 
IBM Cognos 10 - An Introduction
PerformanceG2, Inc.
 
Business Intelligence for Government - Clark County Family Services Departmen...
PerformanceG2, Inc.
 
PerformanceG2 Company Profile
PerformanceG2, Inc.
 
PerformanceG2 Cognos Training Course Catalog 2011
PerformanceG2, Inc.
 
Performance Management: An Investment in Enterprise Success
PerformanceG2, Inc.
 
PG2 Multi Dimensional Reporting using Report Studio
PerformanceG2, Inc.
 
Cognos TM1 for Advanced Users
PerformanceG2, Inc.
 
PG2 Cognos Express 101
PerformanceG2, Inc.
 
PG2 Cognos TM1: An Introduction to Design, Maintenance and Performance Tuning
PerformanceG2, Inc.
 
PG2 Creating Effective Dashboards In Cognos 8
PerformanceG2, Inc.
 

Recently uploaded (20)

PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Teaching material agriculture food technology
LiaRayya
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 

IBM Cognos 10.2 Security Best Practices

  • 1. IBM Cognos® Security Best Practices   Wisconsin User Group, March 2014 Kirk Wiseman PerformanceG2, Inc.
  • 2. Agenda !   Authentication versus Authorization !   Overview Cognos Security !   Best Practices !   Questions
  • 3. Authentication vs Authorization !    Cognos  security  is  based  on  authen2ca2on  and  authoriza2on   !    Authen2ca2on  -­‐-­‐    You  are  who  you  say  you  are.   !    Authoriza2on  –  What  you  can  or  cannot  do.   !    Authen2ca2on  is  handled  by  a  3rd  party  security  tool  such  as  Ac2ve  Directory  LDAP  or    OpenLDAP   !    Authoriza2on  is  handled  through  Cognos  using  groups,  roles,  capabili2es  and    permissions    
  • 4. Cognos Security Overview !    Namespaces   !    External  Authen2ca2on  providers  are  set  up  as  namespaces  in  Cognos   !    Cognos  Namespace     !  A  built-­‐in  namespace  that  provides  pre-­‐defined  security  entries,  including:    groups,  roles,  data  sources,  distribu2on  lists  and  contacts   !    Cannot  be  deleted   !    Cognos  groups  and  roles  are  op2onal   !    Cognos  Applica2on  Firewall  (CAF)   !    Acts  as  a  smart  proxy  for  the  gateways  and  dispatchers   !    Analyses,  Modifies  and  validates  HTTP  and  XML  requests   !    Prevents  Malicious  code  from  being  inserted   !    Turned  on  by  default  –  LEAVE  IT  ON!    
  • 5. Cognos Security Best Practices !    Immediately  aVer  install  and  configura2on:   !  Turn  off  anonymous  access  and  enable  an  external  authen2ca2on  provider   !    Add  at  least  two  groups  of  administrators  to  the  Cognos  System  Administrator    group.   !    Remove  the  Cognos  Everyone  Group  from  Everything   !    Plan  your  security  sooner  rather  than  later   !    Plan  it  out  on  paper,  excel,  etc.  first   !    Decide  whether  you  are  going  to  u2lize  the  op2onal  Cognos  Groups  and  Roles,  Your    Authen2ca2on  provider’s  groups  or  a  combina2on  of  both.   !    Set  up  capabili2es  early   !    Create  your  folder  structure  early  and  set  permissions  using  allow   !    Use  DENY  sparingly,  if  at  all!!     !      Set  up  test  users  and  test  each  and  every  scenario.    
  • 6. Cognos Security Best Practices !    If  se]ng  up  Single  Sign-­‐on  do  it  aVer  all  other  tes2ng  has  been  accomplished   !    If  access  is  to  be  given  outside  of  the  company’s  firewall  then  set  up  SSL   !    Set  the  Valid  domains  op2on   !    Maintain  a  security  process  document  for  your  organiza2on  
  • 7. A little bit about Permissions !    Read   !    View  all  proper2es  of  an  entry,  including  report  specs,  report  output,  etc.   !    Write   !    Modify  proper2es  of  a  report   !    Delete  an  entry   !    Create  entries   !    Modify  reports   !    Create  new  outputs   !    Execute   !    Reports,  agents,  etc  can  be  run.       !    Data  Sources  can  retrieve  data.   !    Set  Policy   !    Read  and  modify  security  se]ngs   !    Traverse   !  The  ability  to  see  through  an  object  to  its  children.      
  • 8. Permission Examples Ac#on   Permissions  Required   Add  an  entry   Write  permissions  for  a  parent  entry   Query  the  entry  proper#es   Read  permissions  for  an  entry   View  the  children  of  the  entry   Traverse  permissions  for  an  entry   Update  an  entry   Write  permissions  for  an  entry   Delete  an  entry   Write  permissions  for  an  entry,  and  write  permissions  for  a   parent  entry   Copy  an  entry   Read  permissions  for  an  entry  and  any  child  entries,  traverse   permissions  for  all  of  the  children,  and  write  and  traverse   permissions  for  the  target  parent  entry   Move  an  entry   Read  and  write  permissions  for  an  entry,  write  permissions   for  both  the  source  parent  entry  and  the  target  parent  entry,   and  traverse  permissions  for  the  target  parent  entry  
  • 10. Connect with us !  Call us: 877.742.4276 !    Email us: training@performanceg2.com, info@performanceg2.com !    Visit our web site: performanceg2.com !    Watch our Cognos videos at: youtube.com/performanceg2 !    Follow us: twitter.com/performanceg2 !    Read our blog !    Upcoming events !  Upcoming training
  • 11. Thank you for attending! training@performanceg2.com