• Replies 29 replies
  • Subscribers 360 subscribers
  • Views 160 views
  • Users 0 members are here
Related

Constituency Based Security

Chuck Reif
$organization

When we originally designed and wrote Tessitura, there were some pieces of functionality that made their way into the system that I never really thought were fully formed or thought out.  As a result these features tend to get very little use or confuse many users.

One such feature is constituency-based security.  This feature allows you to define rights to one or more constituent functions (i.e. editing addresses) based on the highest ranking constituency of that constituent.

Development stories concerning constituencies are starting to come into view and we need to explore whether this security paradigm is worth continuing.

In my opinion, the whole idea of constituency-based security loses a bit of its shine as soon as you realize that it's all based on the highest ranking constituency only.  In addition, the concept was put in place well before Control Groups was ever thought of and we might have thought twice about it if Control Groups were in the original plan.  It's not that Control Group functionality replaces constituency-based security, but rather that sometimes you have to step back and wonder whether there aren't too many layers of complexity.  Especially if one of those layers is not often used--a survey of Network implementation consultants seemed to show that very few sites ever implement this functionality, at least initially.

Another factor prompting this thread is that several times our internal discussion on on how we might better use constituencies going forward has been hampered when someone says "yeah, but don't forget about constituencies and security".

We've tried to model out what would happen if we changed the model so that security could be based on "any" constituency instead of "highest ranking" constituency.  But that always creates problems.  What if a constituent has both constituency 1 and constituency 2.  Constituency 1 says they're allowed to edit addresses and constituency 2 says that they are not.  What to do then?

So some help here, please.  How many sites use this functionality now and how passionate about it are you?

As always, thanks in advance for the feedback!

Parents
  • $organization
    At the Met, it is very important that a user group owns the ability to change Name/Address information.  In death and divorce, renewing subscription ownership decisions are left up to a few staff members and this prevents an inbound rep from changing such without proper channels being notified.  Also in the instance of high level donors, the address information is thoughtfully maintained using this feature.  These constituents are maintained by our major gift/patron departments.  This means though most met staff can view an address, they all cannot change them.  But I will say that it has been a bit cumbersome to maintain and get a true picture of a user's rights.  There is room for revision/improvement here as long as there is the ability for a select group of staff to control revisions on particular records.
     
Reply
  • $organization
    At the Met, it is very important that a user group owns the ability to change Name/Address information.  In death and divorce, renewing subscription ownership decisions are left up to a few staff members and this prevents an inbound rep from changing such without proper channels being notified.  Also in the instance of high level donors, the address information is thoughtfully maintained using this feature.  These constituents are maintained by our major gift/patron departments.  This means though most met staff can view an address, they all cannot change them.  But I will say that it has been a bit cumbersome to maintain and get a true picture of a user's rights.  There is room for revision/improvement here as long as there is the ability for a select group of staff to control revisions on particular records.
     
Children
  • $organization in reply to Julie Carmody (Past Member)
    At Florida Grand Opera, we have used security by constituency since we started with Tessitura. There are four constituencies that can affect who can do what to accounts: two of them refer to different major donor groups; one to members of our board; and one artists. Certain user groups have view but not edit rights to many parts of these constituent records. Here are two examples:

    Our telemarketing reps made calls from lists created for them via extraction. They kept all ticketing call notes in CSI's and telefunding notes in a special solicitation. They could also add attributes (so that they could, for instance, mark a patron as Spanish-speaking--important in Miami). They could see the General tab, Names tab, Addresses tab, ticket and subscription history, and contribution history for anyone who would be pulled on a list for them. A particular rep sold a particular patron a good subscription order that came in with a contribution that, when the membership was applied, gave this patron a constituency that automatically (in a scheduled procedure) set the "No Telemarketing" phone restriction. This phone setting in turn generated a constituency of "No Telemarketing" (another scheduled procedure), which meant that the rep could no longer see any screens in the record except the CSI screen (allowing him to see his own notes, if there was something he needed to follow up on).

    Certain high-ranking managers, over time, have not had the computer skills to be trusted with a keyboard, much less the ability to edit anything in Tessitura. For them, we have a user group that allows full access to the screens they need for information, but they can't hurt anything. They can build new accounts and add research notes, but once constituencies are applied, addresses are uneditable.

    Lucie
    ================================
    Lucie Spieler
    IT Development and Training Manager
    Editor, Season Program
    Florida Grand Opera
    ---------------------------
    8390 NW 25th Street
    Miami, FL 33122-1504

    305-854-1643 x.1521 phone
    305-856-1042 fax
    800-741-1010 ticket office
    lspieler@fgo.org
    www.fgo.org

    P please don't print this e-mail unless you really need to.

    ________________________________

    From: Tessitura Next Generation Forum on behalf of Julie Carmody
    Sent: Thu 2/18/2010 8:42 PM
    To: Lucie Spieler
    Subject: Re: [Tessitura Next Generation Forum] Constituency Based Security


    At the Met, it is very important that a user group owns the ability to change Name/Address information. In death and divorce, renewing subscription ownership decisions are left up to a few staff members and this prevents an inbound rep from changing such without proper channels being notified. Also in the instance of high level donors, the address information is thoughtfully maintained using this feature. These constituents are maintained by our major gift/patron departments. This means though most met staff can view an address, they all cannot change them. But I will say that it has been a bit cumbersome to maintain and get a true picture of a user's rights. There is room for revision/improvement here as long as there is the ability for a select group of staff to control revisions on particular records.


    From: Chuck Reif
    Sent: 2/18/2010 1:37:18 PM


    When we originally designed and wrote Tessitura, there were some pieces of functionality that made their way into the system that I never really thought were fully formed or thought out. As a result these features tend to get very little use or confuse many users.

    One such feature is constituency-based security. This feature allows you to define rights to one or more constituent functions (i.e. editing addresses) based on the highest ranking constituency of that constituent.

    Development stories concerning constituencies are starting to come into view and we need to explore whether this security paradigm is worth continuing.

    In my opinion, the whole idea of constituency-based security loses a bit of its shine as soon as you realize that it's all based on the highest ranking constituency only. In addition, the concept was put in place well before Control Groups was ever thought of and we might have thought twice about it if Control Groups were in the original plan. It's not that Control Group functionality replaces constituency-based security, but rather that sometimes you have to step back and wonder whether there aren't too many layers of complexity. Especially if one of those layers is not often used--a survey of Network implementation consultants seemed to show that very few sites ever implement this functionality, at least initially.

    Another factor prompting this thread is that several times our internal discussion on on how we might better use constituencies going forward has been hampered when someone says "yeah, but don't forget about constituencies and security".

    We've tried to model out what would happen if we changed the model so that security could be based on "any" constituency instead of "highest ranking" constituency. But that always creates problems. What if a constituent has both constituency 1 and constituency 2. Constituency 1 says they're allowed to edit addresses and constituency 2 says that they are not. What to do then?

    So some help here, please. How many sites use this functionality now and how passionate about it are you?

    As always, thanks in advance for the feedback!




    You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!
  • $organization in reply to Lucie Spieler
    Thank you for starting my Friday with a chuckle -- "certain high-ranking managers" are with us all.

    -----Original Message-----
    From: Tessitura Next Generation Forum [mailto:forums-nextgeneration@tessituranetwork.com] On Behalf Of Lucie Spieler
    Sent: Friday, February 19, 2010 12:26 AM
    To: McKinley, Leslie
    Subject: RE: [Tessitura Next Generation Forum] Constituency Based Security

    At Florida Grand Opera, we have used security by constituency since we started with Tessitura. There are four constituencies that can affect who can do what to accounts: two of them refer to different major donor groups; one to members of our board; and one artists. Certain user groups have view but not edit rights to many parts of these constituent records. Here are two examples:

    Our telemarketing reps made calls from lists created for them via extraction. They kept all ticketing call notes in CSI's and telefunding notes in a special solicitation. They could also add attributes (so that they could, for instance, mark a patron as Spanish-speaking--important in Miami). They could see the General tab, Names tab, Addresses tab, ticket and subscription history, and contribution history for anyone who would be pulled on a list for them. A particular rep sold a particular patron a good subscription order that came in with a contribution that, when the membership was applied, gave this patron a constituency that automatically (in a scheduled procedure) set the "No Telemarketing" phone restriction. This phone setting in turn generated a constituency of "No Telemarketing" (another scheduled procedure), which meant that the rep could no longer see any screens in the record except the CSI screen (allowing him to see his own notes, if there was something he needed to follow up on).

    Certain high-ranking managers, over time, have not had the computer skills to be trusted with a keyboard, much less the ability to edit anything in Tessitura. For them, we have a user group that allows full access to the screens they need for information, but they can't hurt anything. They can build new accounts and add research notes, but once constituencies are applied, addresses are uneditable.

    Lucie
    ================================
    Lucie Spieler
    IT Development and Training Manager
    Editor, Season Program
    Florida Grand Opera
    ---------------------------
    8390 NW 25th Street
    Miami, FL 33122-1504

    305-854-1643 x.1521 phone
    305-856-1042 fax
    800-741-1010 ticket office
    lspieler@fgo.org
    www.fgo.org

    P please don't print this e-mail unless you really need to.

    ________________________________

    From: Tessitura Next Generation Forum on behalf of Julie Carmody
    Sent: Thu 2/18/2010 8:42 PM
    To: Lucie Spieler
    Subject: Re: [Tessitura Next Generation Forum] Constituency Based Security


    At the Met, it is very important that a user group owns the ability to change Name/Address information. In death and divorce, renewing subscription ownership decisions are left up to a few staff members and this prevents an inbound rep from changing such without proper channels being notified. Also in the instance of high level donors, the address information is thoughtfully maintained using this feature. These constituents are maintained by our major gift/patron departments. This means though most met staff can view an address, they all cannot change them. But I will say that it has been a bit cumbersome to maintain and get a true picture of a user's rights. There is room for revision/improvement here as long as there is the ability for a select group of staff to control revisions on particular records.


    From: Chuck Reif
    Sent: 2/18/2010 1:37:18 PM


    When we originally designed and wrote Tessitura, there were some pieces of functionality that made their way into the system that I never really thought were fully formed or thought out. As a result these features tend to get very little use or confuse many users.

    One such feature is constituency-based security. This feature allows you to define rights to one or more constituent functions (i.e. editing addresses) based on the highest ranking constituency of that constituent.

    Development stories concerning constituencies are starting to come into view and we need to explore whether this security paradigm is worth continuing.

    In my opinion, the whole idea of constituency-based security loses a bit of its shine as soon as you realize that it's all based on the highest ranking constituency only. In addition, the concept was put in place well before Control Groups was ever thought of and we might have thought twice about it if Control Groups were in the original plan. It's not that Control Group functionality replaces constituency-based security, but rather that sometimes you have to step back and wonder whether there aren't too many layers of complexity. Especially if one of those layers is not often used--a survey of Network implementation consultants seemed to show that very few sites ever implement this functionality, at least initially.

    Another factor prompting this thread is that several times our internal discussion on on how we might better use constituencies going forward has been hampered when someone says "yeah, but don't forget about constituencies and security".

    We've tried to model out what would happen if we changed the model so that security could be based on "any" constituency instead of "highest ranking" constituency. But that always creates problems. What if a constituent has both constituency 1 and constituency 2. Constituency 1 says they're allowed to edit addresses and constituency 2 says that they are not. What to do then?

    So some help here, please. How many sites use this functionality now and how passionate about it are you?

    As always, thanks in advance for the feedback!




    You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!


    You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!
  • $organization in reply to Julie Carmody (Past Member)

    We us this feature very little.  It is only used regarding who has access to change high level donors in our patron services department.

     

    --Tom

     

    From: Tessitura Next Generation Forum [mailto:forums-nextgeneration@tessituranetwork.com] On Behalf Of Julie Carmody
    Sent: Thursday, February 18, 2010 8:42 PM
    To: Thomas Brown
    Subject: Re: [Tessitura Next Generation Forum] Constituency Based Security

     

    At the Met, it is very important that a user group owns the ability to change Name/Address information.  In death and divorce, renewing subscription ownership decisions are left up to a few staff members and this prevents an inbound rep from changing such without proper channels being notified.  Also in the instance of high level donors, the address information is thoughtfully maintained using this feature.  These constituents are maintained by our major gift/patron departments.  This means though most met staff can view an address, they all cannot change them.  But I will say that it has been a bit cumbersome to maintain and get a true picture of a user's rights.  There is room for revision/improvement here as long as there is the ability for a select group of staff to control revisions on particular records.

     

    From: Chuck Reif <bounce-chuckreif3941@tessituranetwork.com>
    Sent: 2/18/2010 1:37:18 PM

    When we originally designed and wrote Tessitura, there were some pieces of functionality that made their way into the system that I never really thought were fully formed or thought out.  As a result these features tend to get very little use or confuse many users.

    One such feature is constituency-based security.  This feature allows you to define rights to one or more constituent functions (i.e. editing addresses) based on the highest ranking constituency of that constituent.

    Development stories concerning constituencies are starting to come into view and we need to explore whether this security paradigm is worth continuing.

    In my opinion, the whole idea of constituency-based security loses a bit of its shine as soon as you realize that it's all based on the highest ranking constituency only.  In addition, the concept was put in place well before Control Groups was ever thought of and we might have thought twice about it if Control Groups were in the original plan.  It's not that Control Group functionality replaces constituency-based security, but rather that sometimes you have to step back and wonder whether there aren't too many layers of complexity.  Especially if one of those layers is not often used--a survey of Network implementation consultants seemed to show that very few sites ever implement this functionality, at least initially.

    Another factor prompting this thread is that several times our internal discussion on on how we might better use constituencies going forward has been hampered when someone says "yeah, but don't forget about constituencies and security".

    We've tried to model out what would happen if we changed the model so that security could be based on "any" constituency instead of "highest ranking" constituency.  But that always creates problems.  What if a constituent has both constituency 1 and constituency 2.  Constituency 1 says they're allowed to edit addresses and constituency 2 says that they are not.  What to do then?

    So some help here, please.  How many sites use this functionality now and how passionate about it are you?

    As always, thanks in advance for the feedback!




    You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!