Tableau Server Case Study
Data Security in Tableau
There are 4 main components of data security in Tableau Server:
1. Authentication
2. Authorization and Permissions.
3. Data Security.
4. Network Security.
1. Authentication:
This feature in tableau is enabled while doing the installation of tableau server.
There will be two options of authentications available in Tableau server, they are:
1. Use Active Directory
2. Use Local authentication
At corporate level, it is suggested and best practice to use Active Directory (as this links the Tableau server to the company’s active directory). We can use Enable automatic logon option, so that the user who logged in system can directly access Tableau online without providing user id and password.
2. Authorization and Permissions: …show more content…
Client to Tableau Server: The client can be a web browser, Tableau Desktop, or the tabcmd utility.
A Tableau Server client can be a web browser, Tableau Desktop, or tabcmd commands. Communications between Tableau Server and its clients use standard HTTP requests and responses. Tableau Server can also be configured for HTTPS (see Configure External SSL). When Tableau Server is configured for SSL, all content and communications between clients are encrypted using SSL, and the HTTPS protocol is used for requests and responses.
Passwords are communicated from browsers and tabcmd to Tableau Server using 512-bit public/private key encryption. Tableau Server sends a public key to the browser, which uses the key to encrypt the password for transmission. Each encrypted transmission uses a key one time before it is discarded. This means that passwords are always secured regardless of the use of SSL. If SSL is enabled, SSL encryption is used in addition to the 512-bit public key encryption of passwords.
4.2. Tableau Server to your database(s): To refresh data extracts or handle live database connections, Tableau Server needs to communicate with your …show more content…
It uses native drivers to connect to databases whenever possible and relies on a generic ODBC adapter when native drivers are unavailable. All communications to the database are routed through these drivers. As such, configuring the driver to communicate on non-standard ports or provide transport encryption is part of the native driver installation. This type of configuration is transparent to Tableau.
When a user stores credentials for external data sources on Tableau Server, they are stored encrypted in Tableau Server's internal database. When a process uses those credentials to query the external data source, the process retrieves the encrypted credentials from the internal database and decrypts them in process.
4.3. Server component communication: This applies to distributed deployments only.
You can configure Tableau Server to use Secure Sockets Layer (SSL) for encrypted communications on all traffic between the Postgres repository and other server components. By default, SSL is disabled for communications between server components and the repository. For more information, see Configure Internal
There are 4 main components of data security in Tableau Server:
1. Authentication
2. Authorization and Permissions.
3. Data Security.
4. Network Security.
1. Authentication:
This feature in tableau is enabled while doing the installation of tableau server.
There will be two options of authentications available in Tableau server, they are:
1. Use Active Directory
2. Use Local authentication
At corporate level, it is suggested and best practice to use Active Directory (as this links the Tableau server to the company’s active directory). We can use Enable automatic logon option, so that the user who logged in system can directly access Tableau online without providing user id and password.
2. Authorization and Permissions: …show more content…
Client to Tableau Server: The client can be a web browser, Tableau Desktop, or the tabcmd utility.
A Tableau Server client can be a web browser, Tableau Desktop, or tabcmd commands. Communications between Tableau Server and its clients use standard HTTP requests and responses. Tableau Server can also be configured for HTTPS (see Configure External SSL). When Tableau Server is configured for SSL, all content and communications between clients are encrypted using SSL, and the HTTPS protocol is used for requests and responses.
Passwords are communicated from browsers and tabcmd to Tableau Server using 512-bit public/private key encryption. Tableau Server sends a public key to the browser, which uses the key to encrypt the password for transmission. Each encrypted transmission uses a key one time before it is discarded. This means that passwords are always secured regardless of the use of SSL. If SSL is enabled, SSL encryption is used in addition to the 512-bit public key encryption of passwords.
4.2. Tableau Server to your database(s): To refresh data extracts or handle live database connections, Tableau Server needs to communicate with your …show more content…
It uses native drivers to connect to databases whenever possible and relies on a generic ODBC adapter when native drivers are unavailable. All communications to the database are routed through these drivers. As such, configuring the driver to communicate on non-standard ports or provide transport encryption is part of the native driver installation. This type of configuration is transparent to Tableau.
When a user stores credentials for external data sources on Tableau Server, they are stored encrypted in Tableau Server's internal database. When a process uses those credentials to query the external data source, the process retrieves the encrypted credentials from the internal database and decrypts them in process.
4.3. Server component communication: This applies to distributed deployments only.
You can configure Tableau Server to use Secure Sockets Layer (SSL) for encrypted communications on all traffic between the Postgres repository and other server components. By default, SSL is disabled for communications between server components and the repository. For more information, see Configure Internal