Trio Sharing Service Technical Overview
Sharing Capabilities of Trio: Background
Trio v8.5 and above allow simple ‘read-only’ sharing of reports and dashboards either as one-off items or with the automation of scheduling. These are sent as special ‘sharing links’ which contain a unique code for the report to be shared and will return a web page that cannot be changed, but is interactive.
‘Real-World’ Issues Customers may Experience
The sharing page is designed to be accessed by anyone who has network access to the Trio system, but in practice for many organisations this can be challenging for some users to meet depending on how the system is configured and hosted.
- Some people or groups have not historically had network access to Trio due to network partitioning for load or security reasons
- Other countries or regions may not have network access to Trio
- Adding users requires a Change Request which can take time to process and is frustrating/error-prone
- VPN solutions can be clumsy and/or suffer from same network firewall problems
- Cannot access when out of office/travelling/on client site
- External recipients are often excluded altogether as persons outside the network (i.e. from the internet) do not have access to Trio service
Solving the Network Problems – Trio Sharing Service
The Trio Sharing Service is designed to resolve the common issues described above and allow safe sharing to anyone you care to share with without network configuration issues traditionally associated with managing this.
It permits the access to Trio via a common Triometric-hosted gateway that ensures only sharing pages can be accessed. No data is stored by this proxy service – requests are simply validated and forwarded for further processing by the Trio server in the normal way.
In the same way as current sharing, so long as the owner possess a valid sharing link they will be able to view the shared page (but not access Trio). Note that link timeouts (max 30 days) still apply as normal.
Business Benefits of Trio Sharing Service
The Sharing Service has significant benefits to two distinct groups:
- Share with internal groups – Share with internal groups that do not normally have access to Trio. No need to reconfigure firewalls each time a new user requires access (no more Change Requests!)
- Share with suppliers, clients and other external parties – want to send a partner their performance data? Just create the report and them the share link (or schedule it!)
How does it work?
- Sharing links are now pointed to a common internet service hosted by Triometric (so all link now start with https://trio-sharing.com/…)
- The sharing service examines the request to determine which customer it is for and forwards it appropriately (or drops it if malformed or otherwise breaks security rules)
- The request is validated and processed by the local Trio server in the normal way, and returns the page if valid
- The sharing server routes the returned page back to the original requester
The effect of all this is that the Trio server only ever ‘talks’ to the sharing server, so the customer firewall only needs to be opened to a single, trusted place (IP address). The sharing server also masks the Trio servers and provides an additional layer of security protection for them.
What do I need to do as an organisation/Trio system owner?
These are the technical requirements for the service, most of which Triometric will handle – but likely come down to a single change to your external firewall(s):
- Allow inbound access from the Trio Sharing Service (a fixed IP address in AWS) on port 443 (i.e. HTTPS) to your Trio Reporter server (this may be a local server or cloud server). This may be NAT’d if desired.
- Your Trio server must use HTTPS (it may already be configured to do this – if not we will do this for you).
- Your Trio system will need to be v8.7 or higher with the sharing mode switched to use the Sharing Service – our support team will do this for you, and if necessary, we will arrange an upgrade time free of charge within your normal support agreement.
What does it cost?
The service is included in the existing service fees for all current subscribers.
Does it work with both physical and cloud installations?
Yes, the service works equally well with either physical or cloud installations. Cloud installations can benefit very much from removal of the network overhead and removal of the need to expose the Trio web server directly to the internet (i.e. it provides a secure buffer).
Can I access the Trio system pages other than shared pages?
No – only shared pages can be accessed via this system. It is not possible to access other types of Trio functions.
What security protection is there on the service?
The service is protected in the following ways:
- Firewall, alerting and intrusion detection systems run on the system.
- No user data is ever stored on the system.
- The system uses HTTPS on both sides of the connection to ensure data is always encrypted end to end.
- Bandwidth and connection attempts are limited to prevent any potential abuse.
Are there any end-user requirements to use the service?
The end user of the sharing link requires normal internet access and a standard browser that meets Trio’s normal requirements. There are no other requirements beyond this.
Ready to take advantage of the Trio report sharing service? Ugrade your system to Trio version 8.7 today.
Also Recommended (and new)
Share reports or entire dashboards with colleagues or departments – without the need to be logged in. Read more