7 Replies Latest reply on Jun 18, 2018 2:14 PM by 2819644

    Data Security

    Teresa Modesta




      I have a cost centre and employee dimension.


      There is security applied on the cost centre dimension on a top down basis.


      We do not block users seeing data at the highest level on cost centres.


      All Cost Centres ¬  (read only all security groups)

                                    Regular Cost Centres (inherited security) ¬

                                    Senstive Cost Centres (No Access to most groups)¬



      But the end users want to restrict users viewing employee's salaries in cost centres they do not have access to.


      But because you can view at the highest level, they current can.


      I can see how to solve this by structuring employees under a pseudo-cost centre structure and replicating the security on this layer. But this strikes me as very resource intensive on maintenance, as the organisation restructures regularly.


      Is there any other way to achieve this?