Qlik Sense’s security framework is centered on two key aspects – securing data and applications, and user management and access control. It employs a variety of protocols, encryptions, and authentications to ensure the security of data, while access rights and user roles govern who can see what data.
Data Security
Qlik Sense uses several layers of encryption to secure data:
Transport Layer Security (TLS): All communication between Qlik Sense services, and between the client and server, are encrypted using TLS.
Data Encryption at Rest: Data stored within Qlik Sense is encrypted to secure it from unauthorized access. This includes data within QVD (QlikView Data) and QVF (Qlik Sense App) files.
Data in Flight Encryption: Data transferred between Qlik Sense components is encrypted using secure algorithms, ensuring security in transit.
Data in Flight Encryption: Data transferred between Qlik Sense components is encrypted using secure algorithms, ensuring security in transit.
User Management and Access Control
User management in Qlik Sense is governed by a flexible security model that is highly customizable to fit various organizational needs:
Authentication: Qlik Sense supports a variety of authentication methods, including ticket-based authentication, header authentication, and JWT (JSON Web Token) authentication. Single Sign-On (SSO) can also be implemented via third-party security systems.
Authorization and Access Rights: Qlik Sense uses a granular, attribute-based access control model, known as Security Rules. Security Rules can be set on resources like apps, streams, and data connections, allowing highly granular control over who can access what.
Authorization and Access Rights: Qlik Sense uses a granular, attribute-based access control model, known as Security Rules. Security Rules can be set on resources like apps, streams, and data connections, allowing highly granular control over who can access what.
Access Rights Delimitation in Qlik Sense
Qlik Sense’s flexible access rights delimitation is based on its Security Rules framework. Here’s a deeper look:
User Roles: Qlik Sense defines several built-in roles, such as RootAdmin, ContentAdmin, and SecurityAdmin, each with its own predefined set of access rights. These roles can be assigned to users or groups.
Custom Rules: Beyond the predefined roles, Qlik Sense allows the creation of custom security rules. These rules can be defined based on user attributes and can control access to various resources.
Dynamic Data Reduction: Also known as Section Access, this feature allows the data within an application to be reduced based on user attributes. This way, even within a single application, different users can see different sets of data based on their access rights.
License Management: Qlik Sense also allows control over access to resources based on licenses. The type of license assigned to a user can determine the features and resources they have access to.
In summary, Qlik Sense offers a comprehensive security framework, ensuring that your data is well-protected while still providing the flexibility you need in managing access rights. By combining strong encryption, versatile user management, and customizable access rights delimitation, Qlik Sense gives you control over your data’s security and accessibility.