Any pros and cons between the two?  
Currently we have a security setup by limiting what groups have access to the packages via Cognos Connection.  The packages in the FM have no security at all because they were published before any security was applied. ???  Is this going to be a problem?  
Could I somehow make a copy of the existing packages and then set security and publish and delete the old package?  Or am I OK with just having package security set via access permissions within CC?

I do this the same way as you.  I find it easier to update the object security in Cognos Connection than to go to FM and need to republish to update security.  I know of no negatives to this way.