Get startedGet started for free

Using column security to govern sensitive data

1. Using column security to govern sensitive data

Good job adding parameters. Before we close with a case study, let's discuss one more feature of data models: column-level security.

2. Sensitive data and PII

Lots of data is sensitive, and should only be viewed when absolutely necessary. The most common example of this is personally identifiable information, or PII. PII is data that uniquely identifies an individual in a dataset, like their name, address, or birth date.

3. Sensitive data and PII

Responsibly managing PII is critical for both ethical and legal reasons. One tool to secure this information in Sigma is column-level security, or CLS.

4. What is column-level security?

Column-level security lets us limit who can view a column in a data model. By governing this from a data model, you can ensure that appropriate permissions are applied each time the data model is used.

5. What is column-level security?

CLS can be used to limit visibility in the following ways. It can restrict access for all users, specific users or teams, or based on the value of a user attribute in your Sigma organization. CLS is Sigma's recommended way to secure data. Other features, like hiding a column from a table, are not security features like CLS.

6. What is column-level security?

For example, let's consider Oakmark Bank's Customers table. It has valuable information, which many analysts need. They might use it to find trends based on annual income, state, join date, and more.

7. What is column-level security?

However, that doesn't mean they should get access to customer's personal information.

8. What is column-level security?

In this case, we could apply CLS to the columns for first name, last name, email, and birth date, and restrict visibility to a handful of administrators, like the leadership of our data team. That way, when analysts use the table, customer data remains private.

9. Demo

Let's walk through adding CLS to a table in a data model.

10. Demo

We want to make this data model of customer data available to analysts. Before we can do that, we need to hide PII.

11. Demo

Select the customers table. In the Editor panel, under modeling, click Add column security…. The column security popover appears.

12. Demo

In the Restricted columns section, select the columns that need security. In this case, that includes first name, last name, email address, and date of birth.

13. Demo

In the Criteria section, select who should be able to view the data, if anyone. In this example, we restrict access to specific users and teams, and limit access to a team of administrators.

14. Demo

Note that this team was previously configured in the Sigma organization shown in the demonstration. To make the most of column-level security, configure a team, or create and assign user attributes to manage CLS at scale.

15. Demo

When a user who is not in the team views this data model element, or uses it in a workbook, they can't see the columns with security.

16. Let's practice!

Now you try!

Create Your Free Account

or

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.