Exposing all Tableau information to all users isn’t a great idea. For privacy and confidentiality, organizations should only expose the information that a particular user should see. That’s why it’s important to restrict how data is accessed in Tableau workbooks. Tableau Row Level Security is the solution. It helps Tableau users to restrict how data is accessed in Tableau workbooks. In this article, you will be discussing Tableau Row Level Security in detail.
Prerequisites
To implement the Tableau Row Level Security you need to meet the following requirements:
- Basic understanding of Tableau.
- Tableau Server.
What is Tableau?
Tableau is a popular Data Visualization and Business Intelligence tool among businesses and individuals. It helps its users to visualize their data to make it easy to understand for all people. Tableau users can create different types of visualizations and combine them into dashboards. These dashboards can then be accessed by different users from various geographic locations.
Key Features of Tableau
Let’s explore some of the amazing features offered by Tableau:
- Users can deploy interactive models and dashboards with Tableau.
- Tableau supports different data sources for connecting & importing data from a wide range of external sources.
- Tableau users can collaborate with their teams easily for collaborative work or review.
- Users can also share the dashboard to the cloud, making it available from anywhere.
- Tableau offers 200+ connectors to allow users to securely connect to other data sources.
While Tableau manages secure access, Hevo streamlines your data migration, ensuring your data is always ready and up-to-date for secure analysis. Combine the power of both for efficient and secure data management! Here’s how we simplify the process:
- Seamlessly pull data from HubSpot and over 150+ other sources with ease.
- Utilize drag-and-drop and custom Python script features to transform your data.
- Efficiently migrate data to a data warehouse, ensuring it’s ready for insightful analysis in Tableau.
Experience the simplicity of data integration with Hevo and see how Hevo helped fuel FlexClub’s drive for accurate analytics and unified data.
Get Started with Hevo for Free
What is Tableau Row Level Security?
Tableau Row Level Security involves restricting data in Tableau workbooks to certain users. Note that it’s different from Tableau permissions which grant or deny access to content. With permissions, you can only control who can view or edit a workbook. Row-level Security allows users with similar permissions to access different data. For example, one user may see data from America while another user may see data from Asia.
By default, Tableau users with access to a workbook can see all the data in a view. When you apply Tableau Row Level Security, you will be able to specify the rows that each person can view once signed into the server. It applies to both data sources with live connections and extracts sources with tables stored as multiple tables.
Next, you will be discussing how to implement this Tableau Row Level Security feature in Tableau.
Tableau Row Level Security Options Comparison
| RLS option | Useful when | Pros | Cons |
|---|
| Manual user filter | You are doing a proof of concept or testing user filtering functionalityYou are creating a static workbook to use with an unchanging group of usersYou understand the data security risk of having the permissions set incorrectly | Simple at small scalesEasy to understand mappingGood for testing | High-maintenanceNeed to update filter and republish as user base changesPermissions must be secured to prevent users from seeing unfiltered dataMust be replicated in every workbook |
| Dynamic user filter | You don’t have a Data Management licenseThe data contains information you can use to filter itYou understand the data security risk of having the permissions set incorrectly | Relatively easy to set up | Permissions must be secured to prevent users from seeing unfiltered dataMust be replicated in every workbook or data source |
| Data policy | You have a Data Management licenseThe data contains information you can use to filter itEase of data security is a significant concern | CentralizedSecureLow-maintenanceResponsibilities for security and analytics can be separated | Data Management license required |
| RLS in the database | Your database has an existing RLS security built into the databaseYou aren’t using extracts | Might already be built into your organization’s databasePolicies can be applied to database clients other than Tableau | Must use live queriesMight have limitations or requirements. Your IT team can identify them |
How to Implement Tableau Row Level Security?
Tableau provides different ways to implement row-level security. Let’s discuss them:
1) User Filter with Manual Mapping
Suppose you have the following data showing the percentage of fully vaccinated individuals in different countries.
You want each country manager to access only their respective country, but not the vaccination percentage of other countries. You can create a user filter and map every user manually with the countries they should view. To create the user filter, follow these steps:
Step 1: Click the Menu Bar and choose “Server”.
Step 2: Choose “Create User Filter”. You will be presented with the list of available fields where you can create the user filter form. If you haven’t signed into your Tableau Online or Server account, you may be prompted to do so.
Step 3: Assign each user to the appropriate region.
This is a good approach to implementing Tableau Row Level Security if there is only a small number of users. However, if there are many users, you will spend too much time doing the mapping. Again, if a new user joins Tableau, you will have to edit the workbook to add the mapping.
2) Dynamic Filter using a Security Field
This approach to Tableau Row Level Security involves joining a data source and a security table. The security table contains the list of usernames and the countries they should access.
A join should then be created between the data and the users’ table.
The dynamic filter should be added by creating a calculated field. You should use the following formula:
The USERNAME() represents the name of the user signed into Tableau. You should then add the security filter and allow TRUE results only.
This approach to Tableau Row Level Security is appropriate when you are sure that users and groups will be added since there is no need for manual mapping. However, it has a terrible performance compared to the user filter because you must join the security table to the original data source.
3) Security Groups
You can also use Security Groups to implement Tableau Row Level Security. Tableau allows you to create groups and add users to them. The idea of this approach is to create one group for each country then map the groups to their respective countries.
You can create groups from the Groups tab of Tableau Server.
Open the Users tab and add users to the group. Once you’ve created the groups and users for all countries, you should create a user filter within the workbook. Just follow the steps given below:
Step 1: Click the Server tab.
Step 2: Choose “Create User Filter”.
Step 3: Select the dimension to be mapped to every group. In my case, the dimension will be “Country”.
Step 4: Move the filter to the Filters shelf.
In the previous example, mapping was done between users and countries. In this case, it will be between groups and countries. This should be done for every group that you have created.
You will have created a set of users who you can copy into other workbooks that have the Country dimension and avoid repeating the mapping process.
Although the Security Group approach is similar to the User Filter approach, it is very important if you will have to add new users. Instead of editing all workbooks where you have applied Tableau Row Level Security, you only have to add the users to the groups. Since the group is already mapped to one country, the mapping will be done automatically without the need to edit the workbooks.
These are the best approaches to implementing Tableau Row Level Security.
Conclusion
Implementing Tableau Row-Level Security (RLS) is crucial for maintaining data privacy while providing users with personalized access to the right information. RLS ensures that sensitive data is visible only to authorized individuals, enhancing security without compromising the user experience. By leveraging this feature, organizations can manage access control effectively and make data-driven decisions with confidence.
For seamless data management and migration, consider using Hevo to automate and streamline data workflows, ensuring that your data is always ready for analysis in the tools of your choice.
Want to optimize your data pipelines? Explore Hevo today by signing up for 14-day free trial!
Frequently Asked Questions
1. What is row level security in Tableau?
Row-level security (RLS) in Tableau restricts data access for specific users based on filters. It ensures that users only see the data they are authorized to view.
2. Is row Level security safe?
Yes, row-level security is safe when properly configured, as it limits data access at the user level, ensuring sensitive data is protected.
3. What does row level security do?
RLS in Tableau controls access to specific rows in a dataset based on user roles or attributes, enforcing data privacy and compliance within the visualization.
Nicholas Samuel is a technical writing specialist with a passion for data, having more than 14+ years of experience in the field. With his skills in data analysis, data visualization, and business intelligence, he has delivered over 200 blogs. In his early years as a systems software developer at Airtel Kenya, he developed applications, using Java, Android platform, and web applications with PHP. He also performed Oracle database backups, recovery operations, and performance tuning. Nicholas was also involved in projects that demanded in-depth knowledge of Unix system administration, specifically with HP-UX servers. Through his writing, he intends to share the hands-on experience he gained to make the lives of data practitioners better.
