Today’s enterprise class systems need to provide robust security in order to meet the varied and dynamic needs of modern organizations. A system that starts at the departmental level with no data security may suddenly need to be deployed globally with strict and maintainable row- level security. An internal, intranet based analytic application may need to be shared externally with partners or even customers in order to grow or sustain business. For this reason, organizations of any size should seek a Business Intelligence platform vendor that easily meets their security needs with easy to deploy, easy to grow, worry free applications.
As an enterprise Business Intelligence Platform, Tableau Server provides comprehensive and robust solutions for all aspects of security. Tableau balances a variety of sophisticated security requirements with ease of use and ease of implementation. The result is a solution that is quick and easy to deploy, while requiring zero customization, scripting or coding in Tableau Desktop or Tableau Server.
There are 4 main components to enterprise applicationsecurity:
- Authentication – Access Security
- Permissions – Object Security
- Data – Data Security
- Network – Transmission Security
Together, these capabilities provide a complete security package that allows a single report or dashboard to serve the needs of a broad and diverse user base, whether internal to your organization or external on the Internet.
Tableau Server has what it takes to fulfill your Business Intelligence needs while delivering the highest security. Tableau Server has passed the stringent security requirements of customers in the financial services, government, and higher education sectors. Banks and investment firms deliver sensitive investment information directly to their clients. Colleges and Universities leverage Tableau Server to deliver personalized reports directly to students and faculty. Tableau Server is deployed by all branches of the military and other government agencies. The rest of this document describes how the n-tier Tableau Server provides comprehensive security.
Authentication - Access Security
The first level of security is to establish the user’s identity. This is done to prevent unauthorized access and to personalize each user’s experience. This process is typically referred to as ‘authentication’. It should not be confused with ‘authorization’ which is covered in the section titled ‘Permissions – Object Security’. Tableau Server supports 3 types of authentication : Active Directory, Local, and Trusted in addition to an option to allow anonymous (un-authenticated) access to the system.
For all authentication methods, Tableau Server ensures the security of credentials – even if SSL is not enabled. For more details see the Network – Transmission Security section of this document.
Like most modern systems, Tableau Server provides a personalized experience for users. For example, users can save changes to views, set defaults and add comments. Publishers can construct views that restrict data based on a user’s identity. For this reason, Tableau Server must retain information about a user so the personalized experience is repeatable. Tableau does
this by creating an account for each named user of the system.
When customers choose to use Active Directory for authentication, all usernames and passwords are managed by Active Directory. Tableau passes credentials to the Active Directory server, but it does not participate in the authentication process. Tableau supports the ability to automatically login users based on their current windows credentials (the credentials
they used to login to the machine they are using). Note that this means that the user’s credentials are being passed from their local machine, not from another system or portal that they may have logged in to.
For example, if a user logs into their local machine as ‘MSmith’ and then logs into a SharePoint portal as ‘Mary’, the credentials passed to the Tableau Server will be for ‘MSmith’. In order to use the credentials from the SharePoint site (‘Mary’) for automatic login, the SharePoint portal must use the Tableau web part with Trusted Authentication.
Even though users and groups are managed by Active Directory, Tableau stores usernames and groups in its repository. Tableau does not store passwords when configured for Active Directory authentication. Users and groups can be synchronized with active directory either manually by an administrator or programmatically using the Tabcommand (Tabcmd) client.
Tableau Server provides a built-in user management and authentication service called Local Authentication for organizations not using Active Directory or when deploying externally. When using Local Authentication, the Tableau Server is responsible for managing users, groups, passwords and the entire authentication process. User lists can easily be imported to the
Tableau Server and most user management functions can be performed programmatically via Tabcmd. This means that provisioning Tableau users can be part of your automated provisioning process. Users can either manually login by entering their credentials when prompted or, when accessing content in a portal, via transparent Trusted Authentication.
Tableau enables a simple and robust mechanism for external authentication that requires zero customizations to Tableau called Trusted Authentication. This method is far easier to implement than the complex and fragile Single Sign On (SSO) integrations. Trusted authentication simply means that you have set up a trusted relationship between Tableau Server and one or more web servers. For example, you may have your corporate wiki use Trusted Authentication to show dashboards to employees already signed onto the wiki, without requiring another sign on. When Tableau Server receives requests from these trusted web servers it assumes that the web server has already handled whatever authentication is necessary. The Tableau Server simply receives the request with a redeemable token or ticket and presents the user with a personalized view which takes into consideration the user’s role, permissions and data restrictions.
To prevent invalid requests for tickets, The Tableau Server only accepts requests for tickets from trusted
IP addresses. The request simply includes the username that has already been authenticated by the trusted system – this means that tickets will only be issued for licensed users. Each ticket can only be redeemed once by a web browser. And, that ticket
must be redeemed within a specified amount of time. By default tickets are only valid for navigating to views. This prevents users from navigating to other parts of the Tableau Server such as content listings and administration. All errors in this process will receive the same return code value of -1. This makes it even more difficult for untrusted systems to retrieve a ticket.
For deployments behind the firewall these measures are typically enough to provide adequate security. Many customers have found this mechanism to be so secure that they are comfortable disabling the limitation of tickets to only access Views. These
customers choose to implement Tableau’s unrestricted tickets capability. This allows their users to navigate through all the content they have access to during a session.
For external deployments or where security requirements are high, an additional restriction can be added to tickets: they can be redeemed only by a specified IP address. This means that the request for a ticket from the trusted web server must include the IP address of the client (web browser). The Tableau Server will consider the ticket valid only if it is being redeemed by the correct client IP address.
Setting up Trusted Authentication is straightforward. Customers typically have Trusted Authentication working in their environment within an hour or two. Several examples are provided for common application server frameworks as part of the Tableau Server installation. More details are provided in the Tableau Server Administrators Guide.