Canadian Crown Corporation: TM1 Security

Attain Insight Security 4X
Canadian Crown Corporation



TM1 security is complex to configure. For large-scale TM1 applications, addressing security reliably across multiple Cubes, Dimensions, Elements, and Memberships is an extraordinary challenge.  Additionally, large organizations are typically required by audit or regulation to assure that key data is secure.

As an example, a Canadian Crown Corporation (CCC) has 200-300 "Contributor Users", with about 75-80 GL accounts used in the planning process and about 180 to 200 expense accounts / RC's.  CCC have manually set up user groups for the RC's in a Cognos TM1 namespace, securing TM1 elements with their corresponding RC groups in the Cognos TM1 namespace. Security for Contributor Users is driven by the security in TM1, including project groupings, comprising selected RC's (which change frequently).

In a typical organization, dedicated BI administrators would be responsible for administering and adding users to groups.  At CCC, as with many organizations, TM1 Administrators are also the BI developers, responsible for moving the organization forward with new projects.  Administering user security removes them from development projects.  Clearly, offloading user administration to the business will improve developer productivity.

However, adding users to groups isn’t always straight forward with TM1, since user changes often require adjustments, such as which costs are part of a group.  Currently, this can only be changed in TM1-- a change that must be administered in the development environment and subsequently republished to production.  Also application administrators and BI developers move-on with new projects, initiatives, and organization changes. Clearly, a much simpler administration process is required for day-to-day operation.

The scenario at CCC is typical for many TM1 implementations.  Fortunately, Attain Insight Security 4X resolves these issues, streamlining security configuration tasks across the entire TM1 environment, enabling administrators to confidently and securely deploy TM1 applications.

Accurate security is critical for financial applications

Security 4X removes the administrative burden of:
a)    applying and managing security in TM1 cubes;
b)    managing security between TM1 environments (development, test and production) etc.;
c)    providing a simply way to do group administration, add / remove groups and change the cost centres in a group;
d)    providing an easy way for the business administrators or SME's to add / remove users to groups;
e)    Providing audit and compliance reporting.

Provable Compliance

Security 4X provides provable compliance regarding key changes to security policies, membership changes, and current security configurations.  All of which are elusive without the right software tools.

Security 4X improves user administration, compliance and BI developer productivity by:
  • Addressing governance policies comprehensively;
  • Addressing ongoing organizational changes;
  • Providing provable compliance;
  • Cost effectively managing security;
  • Providing a repeatable process for implementing security;
  • Enabling audibility of key access points within Cognos;
  • Relieving BI developers of the burden of user administration.