Spreadsheet Security and Role Mining

Print Version

The application of spreadsheet security (i.e. using preventive controls to minimize potential loss of business integrity) is one of the first steps in establishing a spreadsheet management framework.  Security may be applied at multiple levels. These range from permissions at the server/folder or document repository level through to single file access controls, usually passwords. For more granular controls, permissions must be defined at sheet, range or cell level.

Effective spreadsheet security requires three areas of functionality:

  • Detecting the current level or absence of existing security (e.g. role mining)

  • Enabling the rapid application of appropriate security

  • Real time reporting on lapses in security

Most critical, however, is the ability to maintain this environment without compromising business deadlines or spreadsheet stability. These factors commonly lead to security lapses when business pressure grows, such as the adoption of non-secure workarounds.

ClusterSeven solves all these problems. Our risk assessment capabilities can detect the absence of file, VBA and cell level protection. In addition, ClusterSeven allows the rapid, visible application of protection at all these levels allowing users to receive instant feedback as to whether protection settings have been adequately implemented.



Those in charge of multiple spreadsheets can be alerted to changes in protection settings and Access Control Lists via email or dashboard traffic lights.  Changes to protected content can also be rapidly ‘red-flagged’ with a simple drill-down to interrogate potentially anomalous activity.

Print Version

“We are impressed with the positive effects of ClusterSeven’s technology on our operations and our culture. We now have a fully-automated and systematic set of business controls and processes that encourage our spirit of innovation while ensuring best practice in terms of operational risk and FSA compliance. Important business spreadsheets can be identified, managed and then prioritised for migration into our central applications.”

Don Simpson, MD of Operations and Technology, MUSI (ClusterSeven client)

“The main area of difficulty with spreadsheets is the change control process. Having built them and gone through a rigorous testing process, they are left exposed to errors, and, over time, they can eventually corrupt.”

Stephen Ashton, Head of IT business management, Dresdner Kleinwort (ClusterSeven client)