Data Security in Kyvos

Kyvos Offers high-class, enterprise-level security through its built-in security model and support for standard security frameworks and protocols. It integrates with enterprise security infrastructures, along with support for strong authentication and single sign-on. It works seamlessly with Big Data platforms to ensure data governance and security. It is certified with Cloudera and Hortonworks, including certifications on their security frameworks. Kyvos offers support for Kerberos and provides APIs for integrating with custom security frameworks.
Kyvos enables easy integration with third-party encryption tools to ensure the security of data at rest. It offers KMS
support and has the capability to read and write data within the encryption zone. Kyvos' security model ensures that the same security model is maintained on on-premises deployments as well as in the cloud.

Kyvos Three-Tiered Security Architecture

Besides supporting the existing security infrastructure, Kyvos has its own native three-tiered security architecture that ensures high-class security at multiple levels.

Open

Authentication

The first layer of security consists of the user authentication module that ensures that only authenticated users can access the application. Kyvos offers native authentication for users created in Kyvos. It integrates with enterprise directory services such as LDAP and Active Directory and imports users and groups from the directory services. Kyvos also integrates with single sign-on models such as Okta, SiteMinder, and the Windows Authentication Service.

Authorization

The second layer of security defines fine-grained access control so that users only access what they are authorized to access. Users are assigned read and write rights in Kyvos. The access rights can be granted at the user level or at the group level.

Data Security

The third layer of the Kyvos Security model is the data security layer. Kyvos offers row and column level security at the group and user levels. It provides the option to control access by dimension or measure.

Column level security makes it possible to hide a dimension or measure for a set of users. For example, a sales team may have access to sales data but not to the finance data.

Row level security provides the option to hide specific rows. For example, the sales team can only see data for
their own region.

Read More:

• Data security for semantic models

• Kyvos SSO Authentication Types

• Custom Data Security Configurations

• Managing Users, Groups, and Roles