Topics Map > Applications & Software > Business Intelligence/EDW
Topics Map > Applications & Software > Tableau
Tableau - Information for publishers
Tableau Publisher Guidelines
When you have built your visualization in Tableau and are ready to share it with others, please review this document first. It will give you an overview of the process and help you understand the process in place.
Contents:
- Procedure
- Infrastructure
- Project Definition
- Managing Group Memberships
- Setting up Permissions
- Establishing Database Connections
- Sensitive Data
Procedure
- Design and test your dashboard on your workstation.
- Request your active directory administrator to create publisher and viewer groups for requesting project on Tableau server.
- Request your project on the QA/Test server (Server name: Tableau-Test).
- Publish your dashboard to your project on Tableau - Test.
- Have your testers including yourself, test the dashboard to verify it works as expected.
- Request creation of project in Production (Server name: Tableau) identifying the Active Directory groups that should have access.
- Publish your dashboard to your project on the production server Tableau.
You're done! The next few sections will give you more details on each of the areas.
Infrastructure
We have two servers available for publication. A QA/Test (Tableau-Test) server and Production (Tableau) server.
QA/Test (Tableau-Test)
This is the platform for you to create your project, define publisher/user groups and test your dashboard. Members of the user group will be able to view your dashboard and interact with it as normal. As this is the test server availability can be degraded due to other users testing activities.
Production (Tableau)
When you are satisfied with testing on the test server, this is the platform to make your dashboard available to your audience. Populate your active directory group with the viewers who should be able to view the dashboard and they will be able to visit the site and view your dashboard. Group memberships and permissions for the Project must be established to publish to this server.
Project Definitions
A project defines the security of the dashboard and there can be multiple dashboards in one project. Only those in the viewer group assigned to a project will be able to view the dashboards within. All dashboards within a project must have the same security. If you are creating a new dashboard that is outside the audience of your existing project, then a new project will be required. (We ask that you minimize the number of projects to allow for more streamlined administration.)
Here is an example of where two projects would be useful: If you have two audiences, department administration and department faculty/staff. While the department administration has access to all dashboards, the department faculty/staff may only need access to a subset of the dashboards. Create two Projects, one for the common dashboards and the other for the restricted dashboards. Department administration will be granted access to both projects but faculty/staff will only have access to the one project.
Managing Group Memberships and Permissions
Permissions to view Tableau visualizations and dashboards are managed by setting up each project with a group membership and allowing permissions to the group.
Setting Up Group Membership
Groups are imported from Active Directory (AD) onto the Tableau Server. You have the option of using an existing AD group or creating a new AD group. The group can also be a distribution list. AD groups are managed by campus IT units. If you have any questions on how to utilize this service please check with you IT administrator or one of the organizations below based on your affiliation.
- Technology Services (Urbana-Champaign)
- ACCC (Chicago)
- ITS (Springfield)
Once you have the groups created and shared that with us, we have schedule running the synchronization of those AD groups daily twice at noon and midnight on the Tableau server. New members or removed members are updated accordingly.
Standard Permissions
Permissions are assigned by group to each project. There are two standard permission types; Publisher and Viewer
Publisher (includes Viewer permissions)
- Must have a licensed copy of Tableau Desktop
- Can publish workbooks to the Tableau Server
- Can move workbooks from one project to another
- Can delete workbooks from a project
- Can download workbooks to local Tableau Desktop
- Includes all Viewer permissions
Viewer
- Ability to view a dashboards
- Ability to change filter values if filters are provided as part of the dashboard
- Can export images of the dashboard to PNG or PDF
- Can view summarized (aggregated) data used to generate the chart
Additional Permissions
Additional permissions can be added to allow additional flexibility to the user.
- Add and View Comments (displayed below the dashboard)
- View and Export underlying detail data (rows of data from the query, not aggregated)
- Web Edit allows the ability to edit the dashboard and change the display
- Web Edit also allows a user to change dimensions to others included in the original query and change the chart type
Establishing Database Connections
When dashboards are published, by default they will prompt the user for database credentials to run the query. The user may choose to save these credentials and Tableau Server will not prompt in the future. This prompt ensures that only authorized users may see the data. If the account is used to control the rows returned, this will allow a single dashboard to deliver uniquely-suited information to each user. The dashboard may also be published and assigned a specific account and password to use for the database connections. This does not require every dashboard user to have an account in the source database. This specific account should not be a personal account. Use an application/service account assigned to the Unit.
Sensitive Data
Do not share confidential and sensitive information with anyone, including colleagues, unless there is a business reason and they are an authorized viewer of the data.
- Secure reports containing confidential and sensitive information (e.g., FERPA, EEO, or HIPAA protected data).
- Regarding FERPA, the University of Illinois maintains individual records and information about students for the purpose of providing educational, vocational, and personal services to its students. It is University policy to comply fully with federal statutes and regulations regarding the confidentiality of student educational records. As required by the Family Educational Rights and Privacy Act (FERPA) of 1974, as amended, University policy outlines procedures covering the privacy rights of students. The policy is intended to ensure the confidentiality of student education records, to establish the right of students to inspect and review their education records, and to provide guidelines for the correction of inaccurate or misleading data. For additional information, review the entire University FERPA policy, or find out how you can complete required FERPA training.
- For more information about the University policies governing data security and privacy, review the entire University of Illinois Information Security Policy.
- Always use the Confidentiality Indicator object/column when reporting on Student information for public distribution to ensure that FERPA sensitive information is excluded from your report where appropriate.
- Do not include UIN or SSN whenever possible. This practice will mitigate the risk that sensitive personal information may be improperly distributed. For more information about the University policies governing use of and access to Social Security Number and University ID Number information, see the University's SSN website.
- Be aware of Human Subjects data confidentiality. Specifically, Finance Accounts Payable data contains confidential information on payments to human subjects along with information on research topics. Retrieve reports quickly, shred unneeded paper reports and only provide appropriate access to the information.
- Please note that the security state of the data 'travels' with the data. That is, data that is highly restricted in a system like Banner or the Data Warehouse is just as confidential when it is used downstream in a report, back-end database, or local application. You are responsible for maintaining the confidentiality of data in reports or systems you create and manage.
Help with Tableau
Tableau has many resources on their website to help you use the desktop tool. Additionally LinkedIn Learning offers classes to help you learn more.
Tableau Server Assistance
If you have questions about Tableau server, please contact the AITS Service Desk at servicedeskaits@uillinois.edu or call them at (217) 333-3102. Additional information and the form for requesting a project is also available here: