Introduction
The Data Security Admin role in DvSum ensures secure access to data by defining user permissions, managing authentication settings, and enforcing compliance policies. This guide explains key security features, best practices, and how to configure data security settings.
What is the Data Security Admin Role?
A Data Security Admin in DvSum is responsible for managing data security settings, ensuring compliance, and controlling user access to sensitive information. They can:
- Assign user roles and permissions.
- Configure authentication settings.
- Monitor data security logs.
- Enforce data classification and masking policies.
Adding Data Security Admins
Account Admins can add Data Security Admins from the User Security tab in Account Settings.
- Navigate to Account Settings > User Security.
2. Select an active user from the dropdown list.
3. Ensure the user has "Admin" access to the catalog.
- If not, a warning will appear prompting an update to their permissions.
-
In this case, the user "Sarah Taylor" is in the list of Data Security Admins but actually not a Data Security admin until its permissions are not set to Catalog Admin. On clicking "Update User Role", the user settings will open from where permissions can be changed:
-
Now when the user is logged in from the Data Security Admin account there will be some extra options that will be available on the Data Dictionary and Field Dictionary:
1. Managing Tables and Columns Security
Data Security Admins have additional options in the Data Dictionary under More Action:
- Hide Table(s)
- Unhide Table(s)
- Delete Table(s)
Hiding Tables
- Select tables to hide.
- Click More Actions > Hide Table(s).
- Hidden tables are visible only when Show Hidden Tables is enabled.
Hidden columns appear greyed out and are not visible in:
- Table Dictionary
- Enterprise Search
- Exported Excel File
The selected tables can also be deleted and they will be removed from everywhere on the application:
Note: For the deletion of tables, users should have Catalog Admin permissions but they don't have to be necessarily Data Security Admin
Data Security Admins have additional options in the Field Dictionary under More Actions:
- Hide Columns
- Unhide Columns
- Data Classification
- Delete Columns
Hiding Columns
- Navigate to Field Dictionary.
- Select columns and click More Actions > Hide Column(s).
- Hidden tables are visible only when Show Hidden Tables is enabled.
-
Hidden columns appear greyed out and are not visible in:
- Field Dictionary
- Rules Creation Form
- Rule Detail Page - Data Tab
- Rule Detail Page - Definition Tab
- Exported Excel File
Data Classification
Data Security Admins can apply Data Classification tags to columns:
The following 4 tags can be seen on the "Data Classification":
- Internal
- Public
- Restricted
- Sensitive
The description of every tag can be seen on hover. For more information about the tags separately there is the link of the "Data Masking" article.
- Once any tag is assigned to column(s), they can be seen on the listing view:
2. Deleting Tables and Columns
- Tables and columns can be deleted from the Data Dictionary and Field Dictionary.
- Only users with Catalog Admin permissions can delete data, but they do not need to be Data Security Admins.
- Only tables or columns with the status "Deleted" can be permanently removed.
Note: For the deletion of columns, users should have Catalog Admin permissions but they don't have to be necessarily Data Security Admin
Managing Data Classification Tags
As a Data Security Admin, you are responsible for applying classification tags (such as Confidential, PII, etc.) to data assets like columns, tables, and glossary terms.
Tagging behavior depends on how the Custom Tagset is configured in the system.
Single vs Multiple Tags
Each tagset has a setting: “Only Single Value Allowed”. This determines whether you can assign only one tag or multiple tags from that tagset to a single asset.
If checked, you can apply only one classification tag per asset.
If unchecked, you can apply multiple classification tags to the same asset.
This allows more flexibility in labeling data that falls under more than one classification (e.g., both Internal and Confidential).
0 Comments