The Reporting and Analysis approach to data security is server based. Both the Interactive Reporting Web Client and EPM Workspace are designed to fully implement a secure data access platform. The non-server based clients do not participate in this security mechanism. Users of Interactive Reporting Studio need access beyond that of most users to effectively create the dashboards, and analytic reports required by the majority of the data consumers. In addition, the security information can be placed in a centralized location for the servers (the repository). For the desktop clients, it would in some cases need to be dispersed to multiple databases and maintained separately.
To effectively control access, the servers key off the user’s identification when connecting to it. This is the user’s logon name, used to establish a session with the Reporting and Analysis services.
Beyond this user name, the servers make no assumptions about the user’s place within the organization. A security system can be built entirely independent of any existing grouping of users. New groupings can be defined in lieu of existing ones. This is especially important where groups were not defined with data security as a primary goal. Row‑level security can also take full advantage of the existing structures where data security was built into the user and group structure. In many cases, row‑level security will work within existing database role definitions and third-party software security systems.