File Security Options

Setting file security options

Omniscope files are not only more compact and visually communicative than other report data files (e.g. spreadsheet files and web tables), they also have many more layers of security options to prevent unauthorised access to, and potential re-use of, the data within the files or web tables.

Most of these options are accessed from the Save/Export dialog, under the IOK tab, on the right in the Security section (with the exception of text scrambling under the Data > menu, and 'walled gardens' which are implemented via special groups of activation keys). Open the Save/Export dialog by choosing File > Save as or alternatively File > Export > Export file(s). Some options are also available under File > File security.

Server-based permissioning (Enterprise Edition only 2.6+)

Enterprise Editions can be used to add server-based authorisation/permissioning to files. Initially controlling just file open, this functionality will soon be expanded to permissioning personalised on-demand 'datamarts' and populating empty template files on opening, among other directory look-up features. More information on server-based permissioning

Password protect files

Tick 'password protect' and enter a password to protect the file. If you have already set a password, the Change option will let you change it. Note that if you do not add additional layers of security, anyone with the password can open the file and save a copy with a new password, or none at all.

Prevent data save/export ("Owner-locked")

This copy-protection feature prevents even cut-and-paste copying from Omniscope, as well as saving or exporting the data in any way. This is an all-or-nothing setting, designed primarily to prevent recipients of your file from extracting, modifying or plagiarising your data and Omniscope configuration. Only the Owner (i.e. the Omniscope installation that created the file) can be used to disable this setting. The Owner can also edit and save the file even with this setting enabled. Effectively, a file opened on a different PC with this setting enabled will operate in "view & explore" mode only; extracting data and/or saving changes will not be permitted, just as if you were opening the file in the free Viewer. This setting is only available in licensed installations, and not the free trial. This setting does not protect file B from being overwritten when opening file A, choosing Save as and saving over file B. In order to prevent overwrites , you should use operating system-level options such as setting the file as Read only in the Windows Explorer file properties.

Note: this setting was known as "Protect data from editing or copying" in earlier versions.

Write-protected ("Warning on save")

This option is a safeguard against accidentally saving changes to an important file. It is a little like the "lock" slider on a removable disk. While the option is turned on, you will be warned if you try to save the file.

As with Prevent data save/export, this option does not protect file B from being overwritten when opening file A, choosing Save as and saving over file B. To prevent this, you should use operating system-level options such as Read only in the Windows Explorer file properties. Omniscope's Write-protect option merely warns you if you inadvertently press Ctrl+S while an important file is open.

Time-limited files (Enterprise Editions only)

This option can be used to ensure that stale, un-refreshed copies of files are not used. Ticking this option displays a settings dialog which enables you to specify the exact date/time the file will expire, whether or not an external Internet time-check will be required (if so, the file will not work offline), an option to specify an "out-of-date please refresh" notice yet still allow access, and the message to display if recipients try to open an expired file. 

For time limiting to be enforceable, you must also tick "Prevent data save/export" (see above).

Domain Locking (Enterprise Edition only)

Domain locking is a powerful and effective access-restriction and revenue protection feature. Omniscope .IOK/.IOM files are normally free-standing and easily transferred (by e-mail, posting/downloading from blogs and websites, etc.). Adding domain-locking to an .IOK/.IOM file imposes the restriction that the file must be opened directly from the originating (generally password-protected and secure) website. This option enables organisations to restrict access to current employees with valid web credentials, and enables commercial data publishers to ensure that only current subscribers have access to their data, and ensures that potentially stale, unrefreshed copies of files saved locally will not open. More information on Using domain locking.

For domain locking to be enforceable, you must also tick "Prevent data save/export" (see above).

'Walled gardens' (Enterprise Edition only)

The option to designate a group of specific Omniscope installations able to create and share files only within the group is referred to as a 'walled garden'. Those Omniscope installations with are members of the group are defined by specifically-created activation keys. Files created by installations within in 'walled gardens' can be set to open only in other Omniscope installations activated by keys from the same 'walled garden' list. Privileges for each installation can be set individually to Read-only or Read/Write/Create capabilities for 'walled garden' and non-'walled-garden' .IOK files. Installations can belong to more than one 'walled garden', with different privileges in each 'walled garden'. For more information on implementing Omniscope in high-security settings, please contact us.

Text Scrambling (improved in 2.6)

Introduced in version 2.5 in Data > Scramble, this feature permits text column values to be 'scrambled' such that the text values cannot be read. This security feature is initially intended to permit us to assist you with files containing confidential information, but will be further developed to support selective scrambling for out-sourcing some aspects of workflow and data quality while maintaining some columns of data, e.g. names on the payroll, credit card numbers, etc. in scrambled format.