Excel Add-In: Module Security/Restriction

Excel Add-In: Module Security/Restriction

When using the Excel Add-In, there is currently no way to restrict a module from being pulled into Excel if a user is provided access to that module.

 

We have multiple users whose roles require them to view confidential data within Anaplan, but they should not have the ability to export the data out of Anaplan. Within Anaplan’s dashboard settings, the ability to restrict a user from being able to export a module does exist and is necessary to prevent specific data from being accessed outside of Anaplan, such as a salary detail module used in our Budgeting model. If we allow users to use the Excel Add-In, we lose our ability to ensure users are not storing or accessing this data outside of the Anaplan interface and thereby lose our ability to maintain control over the security of the data.

 

We would like to see an additional security setting that allows us to “lock-down” specific modules to ensure that confidential information is not able to be exported outside of Anaplan via the Excel Add-In.

17 Comments
Group Leader - Employee

This should be included as a feature for Excel Add-In.

Community Manager
 
Status changed to: Your support is needed
Certified Master Anaplanner

Building off of this post a bit - if we are unable to restrict a particular module, then being able to restrict if the add-in can be used at all with a particular model would be helpful (although not ideal). 

Community Boss
 
Status changed to: Under Investigation
Community Boss
 
Status changed to: Considered for Future Roadmap
Occasional Contributor

Module security for the Excel add-in is a must. I also feel that when considering the solution to this the security of the saved views would also be a great addition.

Certified Master Anaplanner

We have same requirement and since there is not a way to manage around this yet, we are unable to allow the Add-in to be used within the organization.  This is unfortunate as it would be useful to help with other needs we have.

 

Any better feedback what the future of this requirement may be?

Certified Master Anaplanner

Thank you all for your interest in this functionality which is now considered for future roadmap. We will be investigating the levels at which we could provide this security setting (user, workspace, model, module or saved view) based on your feedback.

Certified Master Anaplanner

Chiming in to support this idea - I just came here to submit something similar myself. With restoration of the writeback functionality in Excel Add-In 3.3, this is extra important as users can overwrite data in areas they don't normally have access to through the model (bypassing filtered view on dashboard.) Right now I am building workarounds using DCA, but it is very clunky and fragile. 

 

Ideally, I would like to restrict Excel Add-In access down to the individual saved view level, but module level at a minimum.

Occasional Contributor

In addition to security settings for modules and module saved views it would also be a huge improvement to control how users access Anaplan and to prohibit the use of the Excel add-in completely. The new UX introduced a new role to allow modellers to build in the new UX. A role granted within TA to allow/deny the Excel Add-in (and powerpoint) would give administrators the ultimate level of control on how users access Anaplan.

Certified Master Anaplanner

Apparently this security issue will be the same when using the New UX which we have not been able to robustly review the New UX yet but had a call where it was mentioned that users when creating their own pages in the New UX will be able to get to the module detail.  This is a huge issues for us.

 

Certified Master Anaplanner

@jennifer_keefer as part of the New UX based on customer feedback we have added new functionality called My Pages that allows any user to create their own pages. This empowers the end user and gives the model more time to focus on value added activities rather than dashboard tweaks.

 

The creation of these pages respects the Anaplan security model consisting of DCA, selective access and Module level security. We have also added page level security for the New UX. However we are aware some customers are using filtering as security so we have added the capability to disable My Pages for models where the security model has not been implemented using the recommended mechanisms mentioned above.

 

There is a bit more info about disabling My Pages for models in this link 

https://community.anaplan.com/t5/New-UX-Updates/My-Pages-Coming-soon/ba-p/51767

 

Hopefully that gives you the tools required to tackle your current issue.

 

Certified Master Anaplanner

Thanks for the additional information @sprender Our preliminary testing shows this provides the security needed in the New UX.  If there was something similar for the Excel Add-in that would be great.

Certified Master Anaplanner

My organization is currently using the Excel add-in v. 3.2 as a reporting tool, which meets our organization's requirement to control the data in Anaplan (read only, not write-back).  My organization wants to keep the controls around data push/pull as is.  

 

I have just done some testing with v. 3.3 and it does the job that it needs to do, OTHER than the fact that I cannot see any way to disable the ability to create a Read/Write connection.  We need for future versions of the Excel add-in to allow control of this behavior either as a setting during install or a registry edit or a different version of the add-in (read/write vs. read only).  

 

As @helennie notes, there may be a DCA way to control this, but that causes extra work for the folks that administer the Anaplan environment and is not a solution.  The Excel add-in tool itself needs to be able to be configured.  

 

Thank you,

Stacey Gibbens

Certified Master Anaplanner

Agree with the posts above.  Would like the ability to restrict end users from accessing specific models when using excel add in.  Reason being, we have a model with restricted information.  Due to design requirements, filtering is used to limit users ability to access data within the model.  Additionally, due to the sensitive nature of the data, users do not have the ability to export data out of the model.  The excel add in gives users the ability to access any model they have access to.  It does not respect filtering managed in the model and gives users the ability to download data that is prevented from exporting in the model.  Due to these issues mentioned above, we have not been able to roll out the excel add in to our end users.

Group Leader - Employee

Will enable customers to manage their sensitive data better within their Anaplan domain, instead of other IT restrictions. Expliciet request of a customer.

Certified Master Anaplanner

Good news! We have prototypes of this feature and would like your feedback.

Sign up to the 30-minute call by joining our feedback group.

Users Online
Currently online: 117 members 412 guests
Please welcome our newest community members: