era4You was developed to provide the highest degree of security implemented at all levels: group and user, transmission, application and data.
Group & user level authentication and authorization. The application allows for three distinct user roles: Administrator, Power User and Report Receiver. Each role grants the user specific application rights, like access to application modules and functionalities. Therefore, users can be included in one or more groups, inheriting group-level defined rights. Expiration dates can also be configured for users, automating administrative tasks such as temporary user access.
era4You groups define access to data structures, based on organizational structure and policies. Access level can be easily configured at cell, dimension, or cube level. Based on group inclusion, users can perform their actions on specific data. This ensures information visibility at the desired level of granularity.
Transmission level is ensured via secured Internet connections using the SSL security protocol, which provides 2048-bit data encryption, server authentication, message integrity, and client authentication. 2048-bit SSL is the standard for large-scale online merchants, banks, brokerages, health care organizations, and insurance companies worldwide.
Application level security is ensured through a 3-tier architecture type, assuring clear separation of user interface, control and data presentation from the application logic and data. This guarantees a maximum security degree around access control, privileges and profiles.
era4You is fully deployed at the customer’s site where the original data is warehoused. Therefore no database connection over the Internet has to be established, eliminating any risk associated with remote database access.
Data level security filters can easily be configured within the application. This enables precise user access rights definition regarding data accessibility, starting from cube access down to dimensions, measures or cells.
An example would be regional data visibility at different levels of organizational roles: perhaps account executives only have access to their local data whereas regional managers have access to the complete information for all countries, states/provinces, and cities.
