# Security {% hint style="info" %} Data security is crucial for protecting sensitive and conﬁdential information, and for maintaining the integrity and availability of data. PDQ security helps protect sensitive and conﬁdential information from unauthorized access, use, disclosure, disruption, modiﬁcation, or destruction. Data security can be achieved through a combination of physical, technical, and administrative controls. By selecting the Security under the settings tab, the user can view all the users across the organization and their permissions levels within the platform. {% endhint %}

There are 3 feature options: {% tabs %} {% tab title="User" %} {% hint style="info" %} Manage users across the organization and their permission levels for the portal. It provides the details of Total users, Active Users, and Inactive Users. You can also invite Users from this section by providing the Email and Role details. The different default roles in PDQ are as follows: ● Admin: Admins are responsible for the overall administration of the platform ● User - Users can read all discovered properties and metrics ● Steward - Stewards are responsible for managing asset connections and discovered properties ● QA User - Custom deﬁnition for your control and use {% endhint %} 1. Invite a User and select a Role.

{% hint style="info" %} An admin user also possesses the following controls within the Security page: 1. Add/Modify the First Name of the user 2. Add/Modify the Last Name of the user 3. Add/Modify the Title of the user 4. Assign speciﬁc Domains to the user 5. Assign speciﬁc Applications to the user 6. Change the Roles of a user 7. Enable/Disable the access to a user using the Active section 8. Delete a User 9. Trigger a password reset link via email 10. Reset password for other users from the settings page {% endhint %} {% endtab %} {% tab title="Roles" %} {% hint style="info" %} Under the Roles tab, an admin user can create new custom roles and modify their privileges as per their need. Under the features section, there are 3 different access options for various features within the platform: ● N - None ● V - View only ● E - Edit {% endhint %}

{% endtab %} {% tab title="Activity" %} {% hint style="info" %} As the name indicates, this section collects logs of the user activity and displays them for tracing back one's activities. Information such as: User name Last login details No. of audit logs Duration statistics Session start time Session end time IP address Audit information {% endhint %} 1. Click on the Activity tab.

{% hint style="info" %} ● The admin/privileged user can also push the user sessions and user activity tables to the metadata repository ● The admin/privileged user will be able to view the following options on the user activity page under the settings > General> Reporting: ○ Run now ○ Schedule ● The admin/privileged user will be able to delete/update the existing schedule and should be able to see the next run date time ● The admin/privileged will be able to view the following metadata properties in the target table based on the setup in the Reporting settings {% endhint %} #### User Activity

Metadata	Description
ATTRIBUTE_ID	The unique identiﬁer of the attribute in PDQ. Used to join USER_METADATA.
ATTRIBUTE	The name of the attribute/column against which the user acts PDQ
AUDITTYPE	The type of action that the user performs against the asset, can be the update of metadata properties, adding a dataset, deleting a dataset, etc. There are currently 19 unique options being catalogued.
NOTIFICATION_TEXT	The alert/notiﬁcation text that is generated in the PDQ platform for the user's actions.
CREATED_DATE	he timestamp at which the user performed the respective action. I believe this is UTC.
USERNAME	The name of the user in the PDQ platform
USER ROLE	The role of the user assigned in PDQ
ASSETS	Name of the data source/dataset/attribute in which the action has been performed by the user in PDQ.
CONNECTION_ID	The unique identiﬁer of the data source. Use to join to USER_METADATA DATASOURCE_ID.
USER_ID	The unique identiﬁer of the user in PDQ. unique to PDQ - does not correspond to Employee ID.

#### UserSessons

Metadata	Description
MAX_SESSION_TIME	The highest duration a user has been logged into the platform.
MIN_SESSION_TIME	The lowest duration a user has been logged into the platform.
TOTAL_LOGIN_COUNT	The number of times a user has logged into the PDQ platform.
USER_ID	Auto Generate ID assigned to a user in PDQ.
USERNAME	Name of the user provided in PDQ.
USER ROLE	The role of the user is assigned in PDQ, and every role is assigned a set of permissions.
AUDITS_COUNT	Number of actions a user performed in PDQ.
AVG_SESSION_TIME	The average time spent on PDQ by a user.
LAST_LOGGED_IN	The recent login time of the user in PDQ

x x x {% endtab %} {% endtabs %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://academy.pentaho.com/data-quality-en/pentaho-data-quality/pdq-settings/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.