Hiding columns is just for making them not visible via the front end tools. They could still be queried in MDX or DAX with no restriction.
Securing their use via Roles would mean they could not be accessed at all.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Per this website:
The ability to hide columns is not intended to be used for data security, only to simplify and shorten the list of columns visible in the model designer or reports. To secure data, you can define security roles. Roles can limit viewable metadata and data to only those objects defined in the role. For more information, see Roles.
Perspectives I could see not being security -since one can connect to any perspective.
But say our Timesheet table - if the Employee column were hidden, then it wouldn't be personally identifiable, thus we'd achieve our security objectives (or so my initial take goes).
One could still see the column if they connected to the Cube via SSMS as an admin, but admins are fine to see everything.
Why wouldn't that be security? I could certainly add a column level security to every role, hiding that column. But what would be the difference security-wise?
Hiding columns is just for making them not visible via the front end tools. They could still be queried in MDX or DAX with no restriction.
Securing their use via Roles would mean they could not be accessed at all.
They could still be queried in MDX or DAX with no restriction.
But unless one has admin rights, they can't see anything in SSMS when connecting to the Cube, and can't query anything at all that way.
What am I missing?