Control Groups

Chuck,

 

Story 1:

Joe an IT manager is looking at his list of control groups.  He has not been with the organization that long as is trying to figure out how control groups are being used.  In Next Generation Tessitura he presses a button when looking at Control Groups and is shown what is going on.  I’m not clear exactly what he is shown.  But he needs to know what people or groups have access to a particular control group.  (He can assign control groups to individuals.) He also needs to know what rights are being added to group by users that get the control group access.  And the cool thing about how the new security system works regarding control groups is that there is one place that an administrator can go to see all this information in a consolidated way.

 

Story 2

Sadie a marketing intern has been asked by her boss to develop a set of marketing lists and extractions containing some sensitive information.  Sadie is good at set theory and does a great job doing the extractions and list building.  However, she can never remember to make sure that control groups are set on the lists.  One day her boss Dave happens to be sitting with Trish a development managers and discovers that Trish is seeing the sensitive data that Sadie has been generating.  Dave hits the roof.  He does not want to fire Sadie because she is doing a great job with the lists and extractions.  Therefore, he goes to the new IT manager Joe and say fix it.  Joe says OK I can make Sadie default Control group for List and extractions be the Control group for the marketing sensitive data control group.  Joe is a hero.  Sadie keeps her job and Dave and Trish can keep their secrets from each other.

 

Non Stories about control groups.

Control groups have to be assigned to groups.  This can cause us to add a new group from many individual users who do not fall into existing rolls.  This leave a large number of groups in the system that were needed at one point to meet a particular set of business needs.  It would be nice to have the ability to assign control groups to users and to groups in the same way attributes can be assigned an many different levels in active directory.

 

That’s all for now.

 

--Tom

 

 

Be warned:  As we ramp up Next Generation Project planning and development, we’ll be coming to the community for more and more feedback and advice.  This is one of the easiest ways in which you can shape the future of your software—if you have thoughts on a particular topic and the time to respond, join the discussion.

Andrew asked some questions last week on Postal Addresses; I’m here to ask about Control Groups. 
Control Groups have an interesting history in Tessitura.  Implemented originally in v3.2, they were an attempt to solve the problem of how to limit the visibility of certain parts of the data.  For example, how can I let a user see some contributions, but not all contributions?  What started as a test of the concept (Attributes was the first entity to get Control Groups) has grown in Tessitura to cover almost all aspects of the application and has been quite successful.

We’ve been mulling over how to deal with Control Groups in the new software and have sort of come down on the side of keeping them more or less like they are now--tied to user groups and then tied to certain entities in the database.  If we were only doing a service layer on the data, then we might implement the data filtering in the service itself.  But we are also planning on having a separate reporting database that is available for reporting, analysis, list building, etc. and this reporting database can be accessed by any number of outside applications and data access methods.   For this reason filtering the data in the database itself (as we do now) seems to make sense to us.

But this is not a totally settled decision and here is where we need your feedback.  So it’s basically the same questions again on a new topic:

What are some challenges that you have surrounding Control Groups today?
Do you know of future business needs that could impact Control Group use in the future?
What do you like about Control Groups functionality in existing Tessitura? 
What would you like to see changed/improved about Control Group functionality?

You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!

Three  quick comments before lunch

Control Groups as a way to achieve record-level security are fabulous – subtle, flexible, and powerful. My main change would be to have them on almost everything. (And Tom’s story about Joe’s need for a useful toolset to look at the current setup in)

 

I like the idea of being able to add control groups to individuals…BUUT… I really, really, really like the ability in current Tess to logon as  a specific User Group, and get only that User Group’s permissions and access. It’s extremely handy for checking security. I’d be very sorry to lose that ability, so I guess if we can allocate control groups at individual level, we might also need to be able to impersonate a specific user, rather than just a specific User Group, when we log on to check that we’ve set the right security option.

 

And a usability thing -  our users currently get a bit confused about ‘Control Group’ vs ‘User Group’.  We’re always getting requests for one when they mean the other. I think the main reason for that is that they’re  called Control GROUPS, which makes people think that it’s something to belong to, rather than a tag for a particular set of data. While we’re rebuilding fundamentals, maybe they could be rechristened ‘Control Sets’, or something that makes it clearer how it works.

 

 

 

 

Chuck,

 

Story 1:

Joe an IT manager is looking at his list of control groups.  He has not been with the organization that long as is trying to figure out how control groups are being used.  In Next Generation Tessitura he presses a button when looking at Control Groups and is shown what is going on.  I’m not clear exactly what he is shown.  But he needs to know what people or groups have access to a particular control group.  (He can assign control groups to individuals.) He also needs to know what rights are being added to group by users that get the control group access.  And the cool thing about how the new security system works regarding control groups is that there is one place that an administrator can go to see all this information in a consolidated way.

 

Story 2

Sadie a marketing intern has been asked by her boss to develop a set of marketing lists and extractions containing some sensitive information.  Sadie is good at set theory and does a great job doing the extractions and list building.  However, she can never remember to make sure that control groups are set on the lists.  One day her boss Dave happens to be sitting with Trish a development managers and discovers that Trish is seeing the sensitive data that Sadie has been generating.  Dave hits the roof.  He does not want to fire Sadie because she is doing a great job with the lists and extractions.  Therefore, he goes to the new IT manager Joe and say fix it.  Joe says OK I can make Sadie default Control group for List and extractions be the Control group for the marketing sensitive data control group.  Joe is a hero.  Sadie keeps her job and Dave and Trish can keep their secrets from each other.

 

Non Stories about control groups.

Control groups have to be assigned to groups.  This can cause us to add a new group from many individual users who do not fall into existing rolls.  This leave a large number of groups in the system that were needed at one point to meet a particular set of business needs.  It would be nice to have the ability to assign control groups to users and to groups in the same way attributes can be assigned an many different levels in active directory.

 

That’s all for now.

 

--Tom

 

 

Be warned:  As we ramp up Next Generation Project planning and development, we’ll be coming to the community for more and more feedback and advice.  This is one of the easiest ways in which you can shape the future of your software—if you have thoughts on a particular topic and the time to respond, join the discussion.

Andrew asked some questions last week on Postal Addresses; I’m here to ask about Control Groups. 
Control Groups have an interesting history in Tessitura.  Implemented originally in v3.2, they were an attempt to solve the problem of how to limit the visibility of certain parts of the data.  For example, how can I let a user see some contributions, but not all contributions?  What started as a test of the concept (Attributes was the first entity to get Control Groups) has grown in Tessitura to cover almost all aspects of the application and has been quite successful.

We’ve been mulling over how to deal with Control Groups in the new software and have sort of come down on the side of keeping them more or less like they are now--tied to user groups and then tied to certain entities in the database.  If we were only doing a service layer on the data, then we might implement the data filtering in the service itself.  But we are also planning on having a separate reporting database that is available for reporting, analysis, list building, etc. and this reporting database can be accessed by any number of outside applications and data access methods.   For this reason filtering the data in the database itself (as we do now) seems to make sense to us.

But this is not a totally settled decision and here is where we need your feedback.  So it’s basically the same questions again on a new topic:

What are some challenges that you have surrounding Control Groups today?
Do you know of future business needs that could impact Control Group use in the future?
What do you like about Control Groups functionality in existing Tessitura? 
What would you like to see changed/improved about Control Group functionality?

You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!

You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!

Please consider the environment before printing this email.
=====This message is intended for the addressee(s) named and may contain confidential information.
If you are not the intended recipient, please delete it and notify the sender.
Views expressed in this email are those of the individual sender and are not necessarily the views of the Sydney Opera House Trust=====

Three  quick comments before lunch

Control Groups as a way to achieve record-level security are fabulous – subtle, flexible, and powerful. My main change would be to have them on almost everything. (And Tom’s story about Joe’s need for a useful toolset to look at the current setup in)

 

I like the idea of being able to add control groups to individuals…BUUT… I really, really, really like the ability in current Tess to logon as  a specific User Group, and get only that User Group’s permissions and access. It’s extremely handy for checking security. I’d be very sorry to lose that ability, so I guess if we can allocate control groups at individual level, we might also need to be able to impersonate a specific user, rather than just a specific User Group, when we log on to check that we’ve set the right security option.

 

And a usability thing -  our users currently get a bit confused about ‘Control Group’ vs ‘User Group’.  We’re always getting requests for one when they mean the other. I think the main reason for that is that they’re  called Control GROUPS, which makes people think that it’s something to belong to, rather than a tag for a particular set of data. While we’re rebuilding fundamentals, maybe they could be rechristened ‘Control Sets’, or something that makes it clearer how it works.

 

 

 

 

Chuck,

 

Story 1:

Joe an IT manager is looking at his list of control groups.  He has not been with the organization that long as is trying to figure out how control groups are being used.  In Next Generation Tessitura he presses a button when looking at Control Groups and is shown what is going on.  I’m not clear exactly what he is shown.  But he needs to know what people or groups have access to a particular control group.  (He can assign control groups to individuals.) He also needs to know what rights are being added to group by users that get the control group access.  And the cool thing about how the new security system works regarding control groups is that there is one place that an administrator can go to see all this information in a consolidated way.

 

Story 2

Sadie a marketing intern has been asked by her boss to develop a set of marketing lists and extractions containing some sensitive information.  Sadie is good at set theory and does a great job doing the extractions and list building.  However, she can never remember to make sure that control groups are set on the lists.  One day her boss Dave happens to be sitting with Trish a development managers and discovers that Trish is seeing the sensitive data that Sadie has been generating.  Dave hits the roof.  He does not want to fire Sadie because she is doing a great job with the lists and extractions.  Therefore, he goes to the new IT manager Joe and say fix it.  Joe says OK I can make Sadie default Control group for List and extractions be the Control group for the marketing sensitive data control group.  Joe is a hero.  Sadie keeps her job and Dave and Trish can keep their secrets from each other.

 

Non Stories about control groups.

Control groups have to be assigned to groups.  This can cause us to add a new group from many individual users who do not fall into existing rolls.  This leave a large number of groups in the system that were needed at one point to meet a particular set of business needs.  It would be nice to have the ability to assign control groups to users and to groups in the same way attributes can be assigned an many different levels in active directory.

 

That’s all for now.

 

--Tom

 

 

Be warned:  As we ramp up Next Generation Project planning and development, we’ll be coming to the community for more and more feedback and advice.  This is one of the easiest ways in which you can shape the future of your software—if you have thoughts on a particular topic and the time to respond, join the discussion.

Andrew asked some questions last week on Postal Addresses; I’m here to ask about Control Groups. 
Control Groups have an interesting history in Tessitura.  Implemented originally in v3.2, they were an attempt to solve the problem of how to limit the visibility of certain parts of the data.  For example, how can I let a user see some contributions, but not all contributions?  What started as a test of the concept (Attributes was the first entity to get Control Groups) has grown in Tessitura to cover almost all aspects of the application and has been quite successful.

We’ve been mulling over how to deal with Control Groups in the new software and have sort of come down on the side of keeping them more or less like they are now--tied to user groups and then tied to certain entities in the database.  If we were only doing a service layer on the data, then we might implement the data filtering in the service itself.  But we are also planning on having a separate reporting database that is available for reporting, analysis, list building, etc. and this reporting database can be accessed by any number of outside applications and data access methods.   For this reason filtering the data in the database itself (as we do now) seems to make sense to us.

But this is not a totally settled decision and here is where we need your feedback.  So it’s basically the same questions again on a new topic:

What are some challenges that you have surrounding Control Groups today?
Do you know of future business needs that could impact Control Group use in the future?
What do you like about Control Groups functionality in existing Tessitura? 
What would you like to see changed/improved about Control Group functionality?

You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!

You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!

Please consider the environment before printing this email.
=====This message is intended for the addressee(s) named and may contain confidential information.
If you are not the intended recipient, please delete it and notify the sender.
Views expressed in this email are those of the individual sender and are not necessarily the views of the Sydney Opera House Trust=====