/
How to Secure Data in Kyvos Reporting

How to Secure Data in Kyvos Reporting

Applies to: Kyvos Reporting

Kyvos Reporting provides robust data security by allowing administrators to restrict users' access to data using data restriction parameters. Users can view only the data they are authorized to see, based on values configured at the organization and user levels.

This document explains how to configure data restriction in Kyvos Reporting using parameters and how it applies to both Query Objects and Analytical Objects.

What is Data Restriction?

Data Restriction in Kyvos Reporting ensures that:

  • Users can only select parameter values assigned to them.

  • Reports and dashboards display data based on those restricted values.

When running a report with user parameters, users must choose from the restricted set of values. This helps maintain row-level security across the platform.

Example Scenario: Query Object-Based Data Restriction

Business Use Case

You have:

  • Two floor managers, each responsible for a different set of sales representatives.

  • A store manager who oversees both teams.

Objective:
Allow each floor manager to view only their team's sales data, while the store manager can view data for all representatives.

Step 1: Create a Data Restriction Parameter

  1. Go to Navigate > Repository > Report Objects > Parameter
    or
    Navigate > Design > Parameter Object.

  2. Create a parameter, for example: prm_REP_name.

  3. Select the Data Restriction checkbox.

  4. Save the parameter.

image - 2026-04-22T123208.436.png

Step 2: Apply Restriction at the Organization Level

  1. Go to Navigate > Administration > Manage Users > Organization.

  2. Select the organization and click Modify.

  3. Open the Data Restriction tab.

  4. For prm_REP_name, select Restrict To Values and assign representative names.

  5. Optionally, add Additional Values.

  6. Click Save.

image - 2026-04-22T123810.521.png

Step 3: Apply Restriction at the User Level

  1. Go to Navigate > Administration > Manage Users > User/Role.

  2. Expand the organization and select the user (e.g., Floor Manager 1).

  3. Click Data Restriction.

  4. For prm_REP_name, assign the relevant representatives.

  5. Click Save.

image - 2026-04-22T123952.022.png

Repeat for Floor Manager 2 and assign the appropriate values.

image - 2026-04-22T124126.683.png

Similarly, for the Store Manager, assign values of all representatives.

Step 4: Use the Parameter in a Query Object

Define prm_REP_name in a Query Object to fetch data based on assigned values.

image - 2026-04-22T124421.658.png

When users log in:

  • Floor Manager 1 sees only their team’s representatives.

    image - 2026-04-22T125132.070.png

  • Floor Manager 2 sees theirs.

    image - 2026-04-22T125328.797.png

  • Similarly, Store Manager sees the complete list.

Copyright Kyvos, Inc. 2026. All rights reserved.