Securely Access and Analyze All of Your Data with Data Connect for Tableau Cloud

Candice Vu

In today’s data and AI-driven world, it’s important to have the right tools to navigate and analyze vast data sources. Data Connect is a new add-on offering designed to empower IT teams to scale on-premises and virtual private cloud data access in Tableau Cloud while reducing the burden on IT. Data Connect offers a streamlined and remotely-operated approach to connecting to your on-prem data. This blog introduces Data Connect, sharing how it works and explaining the shared responsibility model it operates on to reduce the operational overhead associated with managing data access clients. 

What is Data Connect?

To bring data from private data sources into Tableau Cloud and maintain a live connection or keep it fresh with extract refreshes, Tableau customers use a client software called Tableau Bridge. They install the client on two or more physical or virtual machines behind the organization’s firewall. With Bridge, Tableau Cloud can securely access on-premises and virtual private cloud data through an established outbound connection.

Before Data Connect, IT teams or Tableau admins were responsible for deploying, managing, and maintaining Bridge. While Bridge remains a viable option for some customers, Data Connect provides a new choice for those who prefer not to manage Bridge themselves. With Data Connect, Tableau takes on the responsibility of remotely operating, monitoring, and maintaining the software client, while the organization’s team provides and manages the physical or virtual hardware.

Understanding the shared responsibility model

Data Connect operates on a shared responsibility model, where Tableau customers and Tableau share the responsibility of managing the customer’s Bridge deployment. The customer provides the compute resources and network connectivity, retaining ultimate control over access to their data. Tableau does the heavy lifting for customers, deploying and updating the agent software, then remotely operates and monitors the cluster to detect issues like lost connections or other failures.

This shared responsibility model allows organizations to choose and control the environment that best suits their performance requirements while letting Tableau handle the operation of workloads in that environment. Tableau deploys and runs agents in a set of containers distributed across the allocated machines. These agents are responsible for running live queries and extract refreshes via secure communication across the firewall within the organization.

What do you get with Data Connect? Tableau provides these services:

  • Configuration and operation: Tableau handles the initial setup of the cluster and software client as well as the ongoing configuration changes required to optimize Data Connect to your deployment’s unique usage characteristics. 
  • Maintenance updates: Tableau will remotely update the software client running on your compute resources without any action from your team.
  • Monitoring and alerting: Tableau will monitor the available resources like CPU, RAM, storage, and network availability of the machine the software client is running on and will alert you when limits of those resources are being approached so you can take action to prevent issues. Tableau will monitor the health of the cluster and software client to take appropriate action if they are in an unhealthy state. 

Robust data protection of Data Connect

Data Connect ensures robust data protection by securely linking Tableau Cloud and private network data sources. It establishes a secure WebSocket connection via an outbound request and encrypts data in transit. All users are authenticated and authorized, preventing cross-site WebSocket hijacking. Data Connect and Tableau Cloud streamline updating extracts, managing data freshness, and safeguarding against interception by securely storing credentials and returning only requested data for secure storage.

Data Connect is designed with the principle of least privilege, where Tableau is granted the minimum level of access necessary to operate the agents. Organizations retain control over the machines and network connectivity, ensuring that the agents can only access data sources explicitly allowed by the organization. Tableau cannot gain additional access to the private network, and the agents communicate only with Tableau Cloud, bypassing any administrative or operational tools used to manage the cluster. Trust is our #1 value, so we take measures to protect and secure the data you trust us with every step of the way. 

Want to learn more?

To learn more about Data Connect, please contact Sales for enterprise pricing or to discuss how it can enhance your Tableau deployment.

To access product documentation and learn more,  see the Data Connect for Private Network Data section of Tableau Cloud Help.

 

Go to Source

Author: Sanjeev Verma