12.1. Identifying the Security Manager
The first thing you must do is to explicitly identify a team member who's responsible for the security of the DW/BI system. If no one owns the problem, it won't be addressed. Define the role in the organizational context: What security is the security manager responsible for? What tasks does the security manager do, and what tasks does he or she direct others to do? The security manager has to be involved in the architecture design and in verifying the actual setup and use of the DW/BI system. Every new component, upgrade, user group, indeed any system change, needs to be examined from a security perspective to make sure it doesn't compromise the system. Many organizations require a mandatory signoff by the security manager as part of the change deployment process.
We recommend that the security manager be part of the DW/BI team. The DW/BI security manager should have a formal relationship with any enterprise security office or Internal Audit. But to be effective, the security manager must be intimately familiar with the DW/BI system. In small organizations, the DW/BI team lead may play the role of the security manager. In any case, it needs to be someone fairly senior, with a broad understanding of the end-toend system.
Get The Microsoft® Data Warehouse Toolkit: With SQL Server™ 2005 and the Microsoft® Business Intelligence Toolset now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
