Skip to Main Content
IBM Data and AI Ideas Portal for Customers


This portal is to open public enhancement requests against products and services offered by the IBM Data & AI organization. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:


Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,


Post your ideas

Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

IBM Employees should enter Ideas at https://ideas.ibm.com


Status Not under consideration
Workspace Planning Analytics
Created by Guest
Created on Mar 21, 2023

Security in IBM Planning Analytics Workspace

Problem:

Currently IBM PAW has a vide security access. Consumers and Analysts have access to both tiles - Application and Plans and Reports and Analysis, therefore they are able to see the list of all plans (Application and Plans tile), books (reports) and folders in shared folder (Reports and Analysis tile).

The Set permission option allows an administrator to set permission to View only, Edit only and Full control – there is no option None. The security is mostly based on TM1 server, which means, for example, every time a user with no access to a particular cube, tries to enter the report with data from this cube, an error occurs. This cause raising an error and reporting that system does not work. 

Therefore, big companies are not willing to grant access to the greater amount of users, as it may be considered a security breach and potential data leaks. As well as it raise a lot of questions from end users to administrators about errors that occurs.

 

Solution:

1. Often big companies separates roles of Consumer and Analyst. Usually, the Consumer role should have access only to the tile of Application and Plans, when the Analyst should have access only to the tile of Reports and Analysis. Consumers and Analyst should not see each other’s tiles.

2. Option None should be added to Set permission option. By default, all Consumers should have None access to all Plans, and accordingly all Analysts should have None access to all books and folders in shared folder. Option None implicates not only lack of possibility to open, e.x. the book – an Analyst who has None access to the book, should not have possibility to see this book in shared folder.

 

Profits:

1. Strengthening the security in IBM PAW -> granting the access to the greater amount of end users -> purchase of more licenses.

2. Less questions from end users to administrators.

3. Creating intuitive and flexible security in IBM PAW.

 

 

Needed By Quarter
  • Admin
    Stuart King
    Reply
    |
    Jun 6, 2023

    This idea is not under consideration.

    Although we do not explicitly list a NONE type permission in Workspace, a user without View only or greater access will have NONE access on the object (folder, book. view, etc). It's already possible to disable access to content based on permissions to hide content from the user. Note that Workspace does have an Everyone group that is given greater than NONE access by default. In order to allow other user and group based permissions to work you must disable the everyone group.

    Access to the plans and application tiles are determined based on the user belonging to a group that is named as a contributor or reviewer in the app or plan.