Security Reports

Download the security reports to assess data security and determine which areas of the solution a user can access.

Overview

We recommend that you conduct regular audits of your permissions to ensure your data security is configured correctly. You can download the following security reports to help you assess your data security and determine which areas of the solution your users can access:

Permission Definitions: Examine your security definitions and see how your permissions have been configured in detail.
User Permission Report: See which permissions have been assigned to each user.
Data Security Report: Examine the populations and properties that a user has access to in detail.
Content Security Report: See the metrics, dimensions, and concepts that are visible or not visible for the user.
Security Impact Report: Examine how the security changes you made in the project change a user's access.

Tip: Create a pivot table to analyze the data included in the security reports.

Permissions Definition

Download the Permissions Definition to examine your security definitions in detail. Although you can't directly see what data a specific user has access to from this report, you can still get a detailed understanding of the data and property values that are accessible across each permission.

Note: This feature is also available through Visier's public APIs. For more information, see Users API.

In a project, on the navigation bar, click Security > Permissions.
Click Download Permissions in the upper-right corner of the Permissions room.
Result: The report is generated as an .xlsx file and automatically begins downloading.

The report contains the following tabs and information:

Permission Summary Profiles

Breakdown of the analytic object and property access for each permission.

Column	Description
Permission Display Name	The name of the permission.
Permission Description	An optional statement that explains what the permission is and how to use it.
Analytic Object Type	Analytic object types include subject, event, overlay, and related object.
Parent Analytic Object Name	The name of the subject that an event is associated with. This column is only populated when the permission defines data security for an event or related object.
Analytic Object Name	The name of the subject, event, overlay, or related object that data security is being defined for.
Inherited Unique Population Access	The population access inherited from the subject listed in the Parent Analytic Object Name column.
Inherited Shareable Population Access	The population access inherited from the subject listed in the Parent Analytic Object Name column. This column is populated when the population access for the Parent Analytic Object is set using a saved security filter.
Custom Unique Population Access	The population access that is manually set.
Custom Shareable Population Access	The population access that is manually set using a saved security filter.
Path to Property	The subject reference path that shows how two analytic objects are linked.
Shareable Property Set Name	The name of the data access set used in the permission.
Property	The name of the property that data security is being defined for.
Has Data	Shows whether or not data has been loaded for the property. 1 indicates Yes/True and 0 indicates No/False.
Access Level	The level of access granted to the property and property values. 0 indicates None, 1 indicates Aggregate, and 2 indicates Detailed.
Full Access	Indicates whether full access to all data is granted by the permission. 1 indicates Yes/True and 0 indicates No/False.

Capability Profiles

Breakdown of the capability access for each permission.

Column	Description
Permission Display Name	The name of the permission.
Permission Description	An optional statement that explains what the permission is and how to use it.
Capability	The name of the capability.
Has Access	Indicates whether access to the capability is granted by the permission. 1 indicates Yes/True and 0 indicates No/False.
Full Access	Indicates whether access to all capabilities is granted by the permission. Indicates whether full access to all data is granted by the permission. 1 indicates Yes/True and 0 indicates No/False.

Content Packages

Visibility settings for analyses, metrics, dimensions, and key groups for each content package. See a list of permissions where the content package is currently being used.

Column	Description
Permission Display Name	The name of the permission.
Permission Description	An optional statement that explains what the permission is and how to use it.
Content Package Name	The name of the content package.
Visier Blueprint	Indicates whether the analysis is provided by Visier. 1 indicates Yes/True and 0 indicates No/False.
Content Type	Content types include analysis, dimension, key group, and metric.
Content Name	The display name of the content.
Object Name	The unique identifier of the content.
Enabled/Visible	Indicates whether the content is available in Guidebook or Explore. 1 indicates Yes/True and 0 indicates No/False.
FilterBy	Indicates whether the dimension or key group can be used to filter data in Explore. 1 indicates Yes/True and 0 indicates No/False.
GroupBy	Indicates whether the dimension or key group can be used to group data in Explore. 1 indicates Yes/True and 0 indicates No/False.
Excluded Paths	The hidden subject reference paths for the dimension or key group. A subject reference is a link between two analytic objects. Hiding paths will reduce the number of attributes that can be used to filter and group by. For example, if the path Requisition > Hiring Manager is excluded for the Age dimension, users will not be able to filter or group data by the Hiring Manager's age when analyzing a Requisition metric.

Data Access Sets

Breakdown of the property access for each saved data access set. Includes a list of permissions where each saved data access set is currently being used. Good for auditing data access set usage.

Column	Description
Analytic Object Type	Analytic object types include subject, event, overlay, and related object.
Data Access Set Object	The name of the subject.
Data Access Child Object	The name of events and related objects associated with the subject listed in the Data Access Set Object column.
Shareable Property Set Name	The name of the property set.
Path to Property	The subject reference path that shows how two analytic objects are linked.
Property	The name of the property that data security is being defined for.
Has Data	Shows whether or not data has been loaded for the property. 1 indicates Yes/True and 0 indicates No/False.
Access Level	The level of access granted to the property and property values. 0 indicates None, 1 indicates Aggregate, and 2 indicates Detailed.
Number of Permissions Using	The total number of permissions using the data set.
Permission List	The name of the permissions where the data set is being used.

Security Filters

Breakdown of member filters defined for each saved security filter. Includes a list of permissions where each security filter is currently being used.

Column	Description
Filter Display Name	The name of the security filter.
Analytic Object Name	The name of the subject, event, overlay, or related object that data security is being defined for.
Hierarchy/Dimension	The name of the hierarchy or dimension which the security filter is based.
Path	Shows the link between the analytic objects.
Member	For member filters, this column shows the attribute values that define the population. For dynamic filters, this column shows the mapping between the user attribute and a property in your data.
Is Dynamic	Indicates whether the security filter is a dynamic filter. 1 indicates Yes/True and 0 indicates No/False.
Included	Indicates whether access is granted to the attribute values listed in the Member column. This column is only populated if a member filter is used. 1 indicates Yes/True and 0 indicates No/False.
Number of Permissions Using	The total number of permissions using the security filter.
Permission List	The name of the permissions where the security filter is being used.

User Permission Report

Download the User Permission Report to get a summary of the permissions your users have been assigned and see how each permission is being used across your user base.

Note: This feature is also available through Visier's public APIs. For more information, see Users API.

To download the User Permission Report:

Do one of the following:
Option Do this
In the global workspace
On the global navigation bar, click Tenant, and then click the Users tab.
In a project
On the navigation bar, click Security > Users.
Click the More button > User Permission Report in the upper-right corner of the Users room.
Result: The report is generated as an .xlsx file and automatically begins downloading.

Option	Do this
In the global workspace	On the global navigation bar, click Tenant, and then click the Users tab.
In a project	On the navigation bar, click Security > Users.

The report contains the following tabs and information:

User Permissions

Breakdown of the permissions assigned to each user.

Column	Description
Username	The email of the user.
Name	The full name of the user.
Permission Display Name	The name of the permission.
User Group	The name of the User Group where the data access comes from. Assigned Directly indicates that data access was granted through an assigned permission and not through the membership in a User Group.
Full Access	Indicates whether full access to all data is granted by the permission. 1 indicates Yes/True and 0 indicates No/False.

Permission Usage

Breakdown of the permissions and the number of users and User Groups that have been assigned to each permission.

Column	Description
Permission Display Name	The name of the permission.
Users Using Permission	The total number of users assigned this permission.
User Groups Using Permission	The total number of User Groups using this permission.

Data Security Report

Download the Data Security Report for a specific user to see which populations and properties they have access to as a result of the permissions assigned to them.

Note: This feature is also available through Visier's public APIs. For more information, see Users API.

To download the Data Security Report:

Do one of the following:
Option Do this
In the global workspace
On the global navigation bar, click Tenant, and then click the Users tab.
In a project
On the navigation bar, click Security > Users.
Select a user in the Users list.
Click the Download Data Security Report in the User Details area.
Result: The report is generated as an .xlsx file and automatically begins downloading.

Option	Do this
In the global workspace	On the global navigation bar, click Tenant, and then click the Users tab.
In a project	On the navigation bar, click Security > Users.

The report contains the following tabs and information:

User Properties

Breakdown of the properties and population a user has access to. Includes a list of permissions that allows you to identify where the access comes from.

Column	Description
Username	The email of the user.
Name	The full name of the user.
Property	The name of the property that data security is being defined for.
Access Level	The level of access granted to the property and property values. 0 indicates None, 1 indicates Aggregate, and 2 indicates Detailed.
Analytic Object Name	The name of the subject, event, overlay, or related object that data security is being defined for.
Parent Analytic Object Name	The name of the subject that an event is associated with. This column is only populated when the permission defines data security for an event or related object.
Path to Property	The subject reference path that shows how two analytic objects are linked.
Population Access	The population of the analytic object that can be accessed.
Permission Display Name	The name of the permission where the data access is defined.
User Group	The name of the User Group where the data access comes from. Assigned Directly indicates that data access was granted through an assigned permission and not through the membership in a User Group.

Content Security Report

Download the Content Security Report for a specific user to see which metrics, dimensions, and concepts are visible or invisible as result of the permissions assigned to them.

To download the Content Security Report:

Do one of the following:
Option Do this
In the global workspace
On the global navigation bar, click Tenant, and then click the Users tab.
In a project
On the navigation bar, click Security > Users.
Select a user in the Users list.
Click the Download Content Security Report in the User Details area.
Result: The report is generated as an .xlsx file and automatically begins downloading.

Option	Do this
In the global workspace	On the global navigation bar, click Tenant, and then click the Users tab.
In a project	On the navigation bar, click Security > Users.

The report contains the following tabs:

Metrics Access
Dimensions Access
Concepts Access

Each tab contains the following information:

Column	Description
Symbol Name	The unique object name of the object.
Display Name	The display name of the object.
Overall Visible in App	Whether or not the object is visible to the user. For this value to be true, the following columns must also be true: Flagged as Visible Visible by Content Package Data Loaded Data Accessible You can filter this column to "false" to view all the invisible objects for the user.
Flagged as Visible	Whether or not the toggle "Visible in Analytics" is on or off for the object. You can filter this column to "false" to view all the objects that are not flagged as visible in the solution.
Visible by Content Package	Whether or not the object is made visible due to its assignment to a Content Package. You can filter this column to "false" to view all the objects that are not visible through a Content Package.
Data Loaded	Whether or not the object has data loaded. You can filter this column to "false" to view all the objects that do not have data.
Data Accessible	Whether or not the user can access the data for the object. For this value to be true, the Property Data Accessible column must be true for all its data properties. You can filter this column to "false" to view all the objects that the user does not have permission to access.
Property Symbol Name	The unique object name of the data property.
Property Display Name	The display name of the data property.
Property Data Loaded	Whether or not the property has data loaded.
Property Data Accessible	Whether or not the user can access the data for the property.

Security Impact Report

Download the Security Impact Report for a specific user after making security changes in a project to see which metrics, dimensions, concepts, and properties the user will lose or gain access to as result of the project changes.

To download the Security Impact Report:

In a project after making security changes, on the navigation bar, click Home.
In the upper-right corner, click the More button > Download Security Impact Report.
In the Download Security Impact Report dialog, hover over the user whose report you want to download.
In the Actions menu, click the Download Report button .
Result: The report is generated as an .xlsx file and automatically begins downloading.

The report contains the following tabs:

Metrics
Dimensions
Concepts
Properties

Each tab contains the following information:

Column	Description
Username	The user's Visier username.
Name	The full name of the user.
Content Name	The name of the content that the security access is defined for.
Production Access Level	The level of access granted to the user in production.
Project Access Level	The level of access granted to the user as a result of the security changes in the project. If you publish the project to production, the project access level replaces the production access level.