Security: Key Concepts

Capture Analytics security enables you to control the following:

  • Ability to run Capture Analytics (user authentication)

  • Access to the analytics tabs

  • Access to data based on organization

  • Access to data based on an alternate security field

  • Access to Capture Analytics from the designer and developer tools

The most common approach is to base security on user groups. You set up user groups, specify the access you want each group to have, and assign each individual user to the appropriate group.

If you decide to provide access to Capture Analytics data for some users based on an alternate field, you specify that access on a user-by-user basis.

No security information is extracted from GovWin Capture Management. You set up the user groups and users for Capture Analytics by entering them in Microsoft® Excel spreadsheets.

In this topic

Ability to Run Capture Analytics

Access to Analytics Tabs

Access to Data Based on Organization

Access to Data Based on an Alternate Field

Ability to Modify Capture Analytics

Security During Capture Analytics Implementation

Security Setup

Keeping Security Data Secure

Security for Capture Analytics Configuration

Ability to Run Capture Analytics

Capture Analytics fully supports “single sign on” authentication with Microsoft® Windows® Active Directory Services (ADS). Currently, the product does not support single sign on with directory services other than ADS. It also does not support any authentication other than single sign on.

When you set up Capture Analytics security, you provide each user’s network user ID. Then, when someone runs Capture Analytics, the system confirms that network user corresponds to a user set up in Capture Analytics. If that is the case, Capture Analytics opens without requiring an additional log-on procedure.

If Capture Analytics cannot find a user with a matching network user ID, that person cannot open Capture Analytics.

Access to Analytics Tabs

For each user group, you can do either of the following:

If your firm does not want to monitor one of the analytic areas that Capture Analytics provides, you can essentially remove that area by denying all groups access to the corresponding tab. Capture Analytics does not display a tab to which the user does not have access.

Access to Data Based on Organization

If you assign opportunities to organizations, you can control access to data in Capture Analytics by specifying the organizations for which each user group can view data.

For each user group, you can do either of the following:

Access to Data Based on an Alternative Field

Because Capture Analytics is primarily intended for executives, the default way to control access to the analytic data is based on the organizations to which opportunities are assigned. However, some firms want to provide Capture Analytics to managers and supervisors for whom security based on organization may not provide the necessary access. For example, you may want a project manager to have access to data for the opportunities assigned to him or her, but those opportunities may be assigned to more than one organization. In addition, some firms do not assign opportunities to organizations, or do so inconsistently, making organization-based security unworkable.

In these cases, you can specify an opportunity field other than organization on which you want to base security for some or all Capture Analytics users. For more information on this option, see Security Based on an Alternate Field: Key Concepts and related topics.

Ability to Modify Capture Analytics

Capture Analytics is designed to be modified to provide the analysis that your firm needs. However, you need to control carefully the users who are allowed to add or modify analytical objects and tabs. To do that, you specify for each user group whether or not members of that group have modification rights.

Security During Capture Analytics Implementation

During implementation of Capture Analytics, as you are loading data and verifying that the product is functioning as you want it to, having security in place can slow that process. You have two options for disabling or partially enabling security to facilitate implementation:

Deltek strongly recommends that you implement single sign on user authentication when you are ready to make Capture Analytics generally available to your users. Deltek does not recommend or support making the analytics available without single sign on authentication.

Security Setup

The standard procedure for setting up security during implementation of Capture Analytics commonly involves the following basic steps:

  1. Edit the security setup files to provide the users and user groups with the access that you want them to have.

  2. Use the security-related configuration options to activate security in Capture Analytics.

  3. Run an update process to apply the access specified in the security setup files to Capture Analytics.

For detailed instructions, see Set Up Security.

Keeping Security Data Secure

To control access to the security information, be sure you take the steps necessary to secure the following files:

Security for Costpoint Analytics Configuration

Capture Analytics provides no internal security for the configuration applications and related files. Be sure that only the appropriate persons have access to the network folders in which you installed Capture Analytics.