Open Text Corporation – Securing the Enterprise Budget

Overcoming the Clear and Present Danger of Unauthorized Access

About Open Text Corporation

Open Text Corporation (Ontario, Canada) is a market leader in providing Enterprise Content Management (ECM) solutions. ECM brings together people, processes and information together to facilitate managing unstructured information. Open Text's software seamlessly combines collaboration with content management, transforming information into knowledge that provides the foundation for innovation, compliance and accelerated growth. Open Text continues to expand with revenues of $414.8 million in Fiscal Year 2005 and is publicly traded on the NASDAQ exchange under OTEX and on the Toronto Exchange under OTEC. Open Text's software is successfully used by organizations such as Motorola, Nortel Networks and the US Army Reserve to search intranets, manage documents and workflows, collaborate on business projects, and conduct group scheduling tasks.

Background

Open Text implemented PowerPlay in 2005 for budgeting and actuals based reporting. Open Text realized during their Cognos implementation that they would face large data security challenges. They were concerned about not implementing security due to the risks of confidential information falling into the wrong hands. Further, an "authorized access security model" was required because of the highly confidential nature of the data. Upon investigation Open Text realized that implementing security manually was: time consuming, error prone, and expensive.

Furthermore, the confidential nature of Open Text's financial data and the highly distributed nature of their organization required a sophisticated security implementation. Open Text has hundreds Cognos users who require role appropriate views to information once that they receive system authentication. Open Text required an automated security model for accurately and reliably implementing a secure Power Play solution. Thus, Open Text began investigating security alternatives for their Cognos implementation and learned of ProTools for Cognos by FirstQuarter, Inc. Once they were introduced to FirstQuarter, their search was over. FirstQuarter is a Cognos consulting Partner that specializes in providing security solutions across the Cognos BI Suite.

Business Concerns

Addressing Open Text's Multi-Project Concerns was critical to this initiative. Their Cognos implementation would grow significantly after the initial deployment phase. Each project would require a flexible means for implementing complex security.

Providing Cross Functional Visibility to Cube Data. Open Text provides a comprehensive suite of Enterprise Document Management solutions across global geographic regions selling into industry verticals like pharmaceuticals, energy and government sectors. Open Text also owns a number of companies that market products under their own branding. Open Text divisions actively work together to bring their products to market as full service solutions. Therefore, there is a requirement within the company for cross-functional visibility of data for executives and business analysts. At the same time there is the need to protect sensitive information from employees who are not directly connected to the expenditures. On top of this, employees can move quickly inside the organization as they gain cross-functional experience. So how did we deal with this in our 'old' world?

Streamlining the Security Administration Process. The Business Intelligence team found that 15% percent of our operational resources were required to constantly update and maintain our security infrastructure. On top of this we found that for new projects the security design and implementation could consume 50% of our project efforts. We realized that we needed a comprehensive utility that would provide us with a standard methodology for implementing our security and at the same time automate much of the process.

The Solution

Open Text turned to Cognos Partner, FirstQuarter, Inc. to aid them in their security implementation. FirstQuarter provided its ProTools software and services to facilitate the implementation. ProTools is highly customizable security automation software that streamlines the security configuration process across the Cognos BI suite. ProTools can save administrators 95% or more time in implementing security.

Open Text successfully implemented their security solution on two distinct implementations in 1/10th of the time previously required.

The following is a list of accomplishments from the implementation.

  1. Less Than a Day To Implement Security – Flexible Means for Creating Security Groups.
    Building a flexible means to create security groups for a highly matrixed organization was a key concern. Open Text has just implemented six (6) cubes that contain security based on six (6) different management hierarchies. Once the design methodology was completed, it takes less then a day to implement the security settings from database load routines to implementation in the cubes and testing. This has greatly accelerated our development and allows us to accept new security parameters without trepidation.
  2. Accessible and secure meta-data repository.
    ProTools utilizes a database to store and maintain the Cognos security structure. It also exports LDAP namespaces to the database. This export can then be queried using SQL to report on users and their current access rules.
  3. Omitting key dimensions/measures based upon user role.
    With a few mouse-clicks Open Text can control what dimensions or measures a particular class 'tree' can see within any cube that consumes the class structure.
  4. Clean House, Generate Categories, Cleaning Up the Namespace
    Open Text can now set what dimensions get 'cleaned', which data sources generate categories, and can periodically clean our namespace. This last feature is especially useful when in the development stage.
  5. Securing Multi-Level and Multiple Dimensional Hierarchies
    Another cube just deployed includes an account type/business function/geographic/legal entity intersection matrix. Open Text can deploy multiple matrices within the same cube in a matter of minutes reducing the possibility that a 'union of classes' situation will allow users to see more data than they should.
  6. Generating All Security From a Single Application
    Open Text now designs and implements all Access Manager and Transformer security using a one stop approach.
  7. Streamlining The Process for Creating Memberships
    Open Text now manages user memberships and creates 'class groups' to speed user assignments from a single application.
  8. Nightly Refresh of Security
    ProTools automatically generates the batch commands that Open Text calls in their daily cube build routines. This allows Open Text to maintain the 'freshness' of the security implementation.

» Return to Case Studies