Solving the Online GIS Security Conundrum

When making business decisions, your data is your most precious asset. It's what ensures your competitive edge, and if outsiders are able to access your data, then you’ve delivered them the advantage. 

We often think of cyber attack as the most common vector for industrial espionage, but it’s far more common that we simply leave the doors wide open and let people walk away with our data.

Ideally, your online GIS mapping system should be able to distribute maps and datasets publicly but, more critically, it should let authorized users access the maps and data they have permission to view, hidden from the public eye.

The problem is that properly assigning and controlling a broad range of access permissions is often not as simple as it should be.

So how do you serve all your users and stakeholders, while maintaining tight control over who can see, modify, and edit maps and datasets?


Like most businesses and organizations, your mapping needs serve users, guests, and stakeholders both within and outside your organization.  

At the outset, you’ve got to ensure that only the authorized guests can open the doors they’re allowed to open.

Think of a hotel. On check-in you are handed a keycard. This lets you access your room and, if you’re lucky, other hotel amenities like the gym or pool.

The housekeeping staff have keycards too. Theirs let them into all the rooms, including yours, along with staff-only areas. Hotel security have master keycards that work everywhere.

Your web GIS portal is much the same. Once authorized users are inside 'the building', each user needs access to specific maps and datasets, and must be restricted by their clearance level.

A great online GIS will offer a range of user types that can be managed and organized with access appropriate to their role in your organization, and their role within mapping and data collection projects.

Solving the Security Conundrum

Providing a range of security access controls ensures your data remains safe in your hands while offering a wide and flexible range of security options to allow free flow of open data and maps, and easy access for your internal users.

Let's take a look at the different levels of privacy and access restriction available in Mango.

Private Maps

Mango’s private map access options provide the first level of defense, offering three simple but effective methods to restrict visibility of web maps:

  • Standalone map
  • Hidden map; and
  • Password Protected map

These three privacy options are designed to restrict access by obfuscating the map URL or visibility, which is ideal for maps that may contain some sensitive information, but only need basic access restriction.

A Standalone map does not appear on your public portal, but will appear in the portal for all signed-in organizational users.

Accessing Standalone maps does not require a password, but users outside your organization must know the map URL to access it.

Hidden maps offer enhanced privacy, with a 32 character randomized hash URL, with a probability of 1 in 103 trillion that someone outside your organization could feasibly guess the hashed URL.

A hashed URL of a hidden Mango web map

Password protected maps, while also visible to your organization users in their portal, are only accessible to external public users with a unique password that is set by the map creator.

A password protected map login page

Internal security - Users & Groups

In larger organizations with a need for teams of viewers, administrators and data editors, a flexible users and groups model allows for a customizable hierarchy of access control to suit individual business needs.

Internal access controls ensure that underlying data is not exposed to unauthorized external users, but is easily accessible to internal users with sufficient security clearance via their internal web map and data portal.

The Mango portal is dynamic, displaying maps and data based on each user's authorization level: external users see only public maps and datasets, while signed-in internal users see all public maps and data, plus the restricted maps and data they have been granted permission to view or edit.

Group access policies allow you to ensure granular security and maintain strict access controls, while providing the flexibility needed to offer a range of access permissions to a wide range of users.

Access Levels

View: Groups can be assigned view access to maps and datasets. View access provides only the ability to view the map or dataset, and offers no administrative controls, regardless of user role.

Modify: Modify access for maps can be granted to Groups. Administrators within a group with Modify access to a map can manage the map, but Data Editors and Private Viewers in the group cannot perform any actions.

Edit: Edit access can be granted to Datasets. Data Editors and Administrators in a Group assigned to Edit access to a dataset can edit the attribute and geometry of the dataset. Private Viewers in the same group will have only view access.

Controlling Access with User Roles

At the lowest access level, users that need only to view maps and datasets can be invited to the account as Private Viewers. The Private Viewer role provides access to all maps they have permission to view in their web map portal, but has no edit or modify rights to any maps or datasets.

This is ideal for managers and decision makers who aren't involved in the creation and maintenance of maps and spatial data, but use those maps to make crucial data driven decisions that chart the course for your organization.

The Private Viewer role is ideal for managers and external clients that need view only webmap access


For presentation and discussion, managers may need view-only access to all maps, while an external client is likely to need view-only access to map visualizations relevant to their project, but not the original datasets.

External clients and stakeholders outside the organization might also need access. In such cases, they can be invited into the account with the Private Viewer role, safe in the knowledge that they will never see data beyond their permissions. Creating a group of external viewers also ensures secure, sandboxed sharing of data, and allows for simple and immediate removal of privileges when a project is complete: delete the access group, and the permissions of the users within it are immediately rescinded.

However, a common pain point for online GIS platforms is cost per seat. With Mango, the private viewer role is completely free. You can also add an unlimited number of Private Viewers.

Similarly, maps can be restricted via a simple password entry for all external users, but available to view by any internal user.

 


Next we have the core GIS team, the boots on the ground troops who do the heavy lifting in creating and maintaining your spatial data.

Often their requirements are straightforward: editing and updating data. The Data Editor role provides full edit access to datasets with edit permissions - when a group containing data editors is given edit access to a dataset, they have full rights to modify attributes and geometry within Mango, directly within all maps they have permissions to view. Any dataset in a map that they don't have edit permission rights to will render on the map, but will not be editable.

 


Finally, the administrator role allows GIS team managers to create maps and datasets, and manage data uploads and map deployments. They can also be assigned view or modify access to maps and datasets created by other administrators and the account owner.

By inviting users as administrators, it's possible to create teams that can create maps and data, but still sandbox users within their spheres of responsibility.

As well as managing the maps and data they create, administrators can be given permission to manage other maps and data.

With Mango’s Users & Groups security policies, each signed-in user can only view maps and data they have been specifically granted permission to access, and even then can only perform actions within their user role. For example, Private Viewers only have view privileges for assigned maps and datasets, even if they are in an access group with edit rights. They can’t modify maps, or edit datasets.
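The rule described above, where a user's role caps whatever their group has been granted, is modeled below as an added example; it is not Mango's code or API. The class, function, user and resource names are hypothetical, and it assumes that Modify and Edit grants also let group members view the resource.

```python
# Added illustration with hypothetical names; not Mango's code or API.
ROLE_CAP = {  # the most a role can ever do, whatever its groups are granted
    "private_viewer": {"view"},
    "data_editor": {"view", "edit"},
    "administrator": {"view", "edit", "modify"},
}
# Grant level -> (resource kinds it applies to, actions it unlocks).
# Assumption: Modify and Edit grants also let group members view.
GRANTS = {
    "view": ({"map", "dataset"}, {"view"}),
    "modify": ({"map"}, {"view", "modify"}),
    "edit": ({"dataset"}, {"view", "edit"}),
}


class Account:
    def __init__(self):
        self.roles = {}   # user -> role
        self.kinds = {}   # resource -> "map" or "dataset"
        self.groups = {}  # group -> {"members": set, "grants": {resource: level}}

    def add_group(self, name, members):
        self.groups[name] = {"members": set(members), "grants": {}}

    def grant(self, group, resource, level):
        kind = self.kinds[resource]
        if kind not in GRANTS[level][0]:
            raise ValueError(f"{level} access cannot be granted on a {kind}")
        self.groups[group]["grants"][resource] = level

    def allowed(self, user, resource):
        """Union of the user's group grants, capped by role; unknown users get nothing."""
        granted = set()
        for group in self.groups.values():
            level = group["grants"].get(resource)
            if level and user in group["members"]:
                granted |= GRANTS[level][1]
        return granted & ROLE_CAP.get(self.roles.get(user), set())


def demo():
    """Constructed sample account: one group holding all three roles."""
    acct = Account()
    acct.roles = {"ana": "administrator", "ed": "data_editor", "vic": "private_viewer"}
    acct.kinds = {"parcels": "dataset", "zoning_map": "map"}
    acct.add_group("field_team", ["ana", "ed", "vic"])
    acct.grant("field_team", "parcels", "edit")
    acct.grant("field_team", "zoning_map", "modify")
    return acct
```

Because `allowed` is computed from current group membership on every call, deleting a group from `groups` removes its members' access at once, which mirrors the "delete the access group" revocation described earlier.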

 

Users only see maps they are authorized to see, and can only interact with maps based on their view or edit permissions, and their user role.

 

As the account owner, you have full control - the master keys to the whole building. This means full control of access permissions. Creating groups takes seconds, and rescinding access is as simple as removing a user from a group, or demoting their user role.

Thousands of hours of blood, sweat - and probably some tears - have gone into collecting, classifying, and organizing your data. You need a robust yet flexible online GIS and workflows that keep your data secured.

If you would like to learn more about online GIS security, download our book detailing Mango’s security infrastructure and user permissions.

Ready to deploy secure web maps?

Sign up for a 30-day free trial of Mango’s enterprise features.

 

Maximum Security, Minimum Effort (PDF)

It’s simple for a GIS professional to deploy a single map containing all the public datasets, and keep private data private.

But does that provide the best outcome for the users of your maps and data?

Download our security sheet for detailed information on how Mango provides maximum security with minimum effort.
 




Chris Brown is the founder and CEO of Mango (simple online web GIS for everyone).