"[Users] may have [sensitive] data on their PC in a spreadsheet, Access database or on an unprotected/shared workgroup server," Hostmann said. "It's often the company's most sensitive data, too."

Michael Hader, director of IT at Odom's Tennessee Pride Sausage Inc., said his company is tackling BI security at the desktop log-in function and with a tool that limits the changes that users can make to spreadsheets.

The Madison, Tenn.-based company uses Microsoft's Active Directory to ensure the security of its BI reports and spreadsheets. It is building portals, customized for partners and customers, that use directory services to determine which reports or spreadsheets can be accessed by specific external users. The portal was built using BI tools from Actuate Corp. in South San Francisco, Calif.

"Unless the report exists in their Actuate portal, they won't even know it exists, period," Hader said. "We even deploy spreadsheets in that manner -- that can be our first line of defense on a spreadsheet."

Preventing access