Restricting Access to IBM Cognos Software

You may not want all users that exist in an authentication source to have access to IBM® Cognos® software.

To secure IBM Cognos software, configure the product so that only users who belong to a specific group or role in your authentication source, or in the Cognos namespace, are allowed access.

We recommend using the Cognos namespace because it contains pre-configured groups and roles that help you to secure IBM Cognos software quickly. One of the pre-configured groups is Everyone. By default, the group Everyone belongs to several built-in groups and roles in the Cognos namespace. If you decide to use the Cognos namespace, you must remove the Everyone group from all built-in groups and roles and replace it with groups, roles, or users authorized to access IBM Cognos software.

To restrict access to IBM Cognos software, do the following:

In IBM Cognos Configuration, enable the required properties to restrict access.
For more information, see the IBM Cognos Business Intelligence Installation and Configuration Guide.
In IBM Cognos Administration, remove the Everyone group from all built-in groups and roles.
Replace it with groups, roles, or users that are authorized to access the different functional areas of IBM Cognos software. For more information, see Initial security.
In IBM Cognos Connection, set up access permissions for individual entries, such as folders, packages, reports, pages, and so on. For more information, see Access Permissions and Credentials.

For more information about the security concepts implemented in IBM Cognos software, see Security Model.