See the following scenario depicting how to implement a security model to control user access to BI content.
After creating a new group, you can add users, add subgroups, or specify group membership.
Subgroups give more levels of organization, so they’re useful when you set object permissions (rights) to control other user access to your BI platform content.
It's useful to create subgroups when you want to further classify groups of users. For example, you can be grouped by location (such as European), and then further divide by group according to their department (such as the European Finance Team).
There are groups that are built-in in the BI platform. The following groups are available by default:
Every user belongs to the Everyone group. This means that any rights that are assigned to the Everyone group apply to every user account in your BI Platform. The Everyone does not have subgroups.
The Administrators group is granted Full Controlto all objects in the BI Platform. This means that members of this group have the right to perform almost any task in the BI Platform - including assigning rights to others.
The administrator account is a member of the Administrators group. By default, the administrator (user account) is the owner of everything in the BI Platform that is not created by another user. This concept of ownership is important in managing security. We will discuss details about rights and security in the next unit.