When we originally designed and wrote Tessitura, there were some pieces of functionality that made their way into the system that I never really thought were fully formed or thought out. As a result these features tend to get very little use or confuse many users.
One such feature is constituency-based security. This feature allows you to define rights to one or more constituent functions (i.e. editing addresses) based on the highest ranking constituency of that constituent.
Development stories concerning constituencies are starting to come into view and we need to explore whether this security paradigm is worth continuing.
In my opinion, the whole idea of constituency-based security loses a bit of its shine as soon as you realize that it's all based on the highest ranking constituency only. In addition, the concept was put in place well before Control Groups was ever thought of and we might have thought twice about it if Control Groups were in the original plan. It's not that Control Group functionality replaces constituency-based security, but rather that sometimes you have to step back and wonder whether there aren't too many layers of complexity. Especially if one of those layers is not often used--a survey of Network implementation consultants seemed to show that very few sites ever implement this functionality, at least initially.
Another factor prompting this thread is that several times our internal discussion on on how we might better use constituencies going forward has been hampered when someone says "yeah, but don't forget about constituencies and security".
We've tried to model out what would happen if we changed the model so that security could be based on "any" constituency instead of "highest ranking" constituency. But that always creates problems. What if a constituent has both constituency 1 and constituency 2. Constituency 1 says they're allowed to edit addresses and constituency 2 says that they are not. What to do then?
So some help here, please. How many sites use this functionality now and how passionate about it are you?
As always, thanks in advance for the feedback!
Andrew - We use it to restrict order processing in organization records. On the consortium level, it was decided that orders would only go into Organizational Contact records and not the organization records themselves. So to prevent orders from going into those types of records, we created a consortium wide constituency and for that constituency removed A/D/E/V rights to Ticketing Orders Module for all the organization ticketing groups.
_________________________________
Rebecca Harriman
Tessitura Operations Pittsburgh Consortium
412.325.2230
harriman@pgharts.org
From: Tessitura Next Generation Forum [mailto:forums-nextgeneration@tessituranetwork.com] On Behalf Of Andrew Recinos Sent: Thursday, February 18, 2010 6:37 PM To: Harriman, Rebecca Subject: Re: [Tessitura Next Generation Forum] RE: Constituency Based Security
Hi Rebecca,
Can you elaborate on how you use it, what specific business need are you satisfying by using Constituency based Security?
Thanks!
Andrew
From: Rebecca Harriman <bounce-rebeccaharriman7413@tessituranetwork.com> Sent: 2/18/2010 5:21:20 PM
Chuck – We do use it here in Pittsburgh on the consortium level and have found it very useful.
When we first looked at using it, we found it frustrating that it was based by the highest ranking constituency. We had to do a bit of finagling for the consortium wide constituency to be sure it would have the highest rank. So far it’s worked very well, but we’ve kept it relatively simple. Without ranking, I would think some other rule would need to be in place, but wonder if that would make it more complicated.
From: Tessitura Next Generation Forum [mailto:forums-nextgeneration@tessituranetwork.com] On Behalf Of Chuck Reif Sent: Thursday, February 18, 2010 2:42 PM To: Harriman, Rebecca Subject: [Tessitura Next Generation Forum] Constituency Based Security
You were sent this message automatically by www.tessituranetwork.com because you subscribed to the Tessitura Next Generation forum email notifications. You may reply to this message or visit the site to reply to the post above. If replying via email, please consider deleting the previous message text before sending to help with readability on the site. Thank you!
We use it in our consortium to make certain records read only for specific staff members. So, for example, if a customer is on the leadership council of one of our consortium members, staff members at other organizations would not be able to update his or her address directly.
Although it is in use here, I don't think that we are particularly attached to the constituency security functionality as it exists today, especially given its limitations. More important for us is the general ability to limit which users (by user group or control group or some other mechanism) can take specific actions on a given account, based on some piece of information that is specific to the customer.
We have just started to use constituency-based security. I was recently asked by our Director of Development to restrict the viewing of staff contribution records to a few select senior Finance and Development staff members. User group security restricts the Contributions tab from a number of groups. However since the contributions tab is accessible by all development user groups that share other development control group securities and we want to restrict access to staff contributions to just a couple of the user groups I have set up restrictions such that any contributions tab in a record with the STA constituency is accessible only by the two selected user groups.
So thanks for all the great feedback. Using Duane's comment as an example, is STA your highest ranking constituency? If not how will you deal with the fact that a constituent with an STA constituency might also have a higher ranking one, say VIP?
Or do those of you that use constituency-based security just accept that as a limitation and deal with it?
We do not use constituency security at McCarter, and while we have considered using it, we don't have a pressing need for it as far as restricting editing or viewing rights goes. We can manage this quite effectively using user groups and/or control groups.
There is one possible application of constituency based security/ranking that I always thought would be cool to implement - build a web application that would allow patrons with specific ranked constituencies access to online ticket inventory allocations available only in certain modes of sale. The idea would be to enable online vip ticketing services.
Hi Chuck,
In Yale's case, I would say we just deal with the limitations. We are trying to manage too many groups and constituencies to have a setup that ensures that the most applicable constituency will always be ranked the highest.
We have communication and notification strategies in place so that if someone does make a change to an important constituent, all of the appropriate staff members are aware of it.
We do use Constituencies for security, but it is very limiting. As already pointed out in many of the replies, you have the issue of only the highest ranking constituency being used to determine security, and of course, you have to make sure that the appropriate constituency is applied to the customer in the first place.
What we would find far more useful is something more logic-based, where we could define rules that automatically apply to customers, and as customers data changes, the correct rules automatically apply. We really need more elements exposed than just constituency for determining permissions.
For instance, the ability to create a rule such as:
Customer is a Subscriber for more than 2 years and a Donor over Level XXX, and has a value of YYY for Attribute ZZZ, then
User Group 1 can edit,
User Group 2 can view-only,
User Group 3 can see name in a list but no other details.
We us this feature very little. It is only used regarding who has access to change high level donors in our patron services department.
--Tom
From: Tessitura Next Generation Forum [mailto:forums-nextgeneration@tessituranetwork.com] On Behalf Of Julie Carmody Sent: Thursday, February 18, 2010 8:42 PM To: Thomas Brown Subject: Re: [Tessitura Next Generation Forum] Constituency Based Security
At the Met, it is very important that a user group owns the ability to change Name/Address information. In death and divorce, renewing subscription ownership decisions are left up to a few staff members and this prevents an inbound rep from changing such without proper channels being notified. Also in the instance of high level donors, the address information is thoughtfully maintained using this feature. These constituents are maintained by our major gift/patron departments. This means though most met staff can view an address, they all cannot change them. But I will say that it has been a bit cumbersome to maintain and get a true picture of a user's rights. There is room for revision/improvement here as long as there is the ability for a select group of staff to control revisions on particular records.
From: Chuck Reif <bounce-chuckreif3941@tessituranetwork.com> Sent: 2/18/2010 1:37:18 PM
I agree with Charlotte about the potential interests in using Constituent Based Security for Allocations on the web. But we have not tried to do this to date.
From: Tessitura Next Generation Forum [mailto:forums-nextgeneration@tessituranetwork.com] On Behalf Of Charlotte Hussey Sent: Friday, February 19, 2010 1:11 PM To: Thomas Brown Subject: Re: [Tessitura Next Generation Forum] Constituency Based Security
In general, I do see organizations dabbling in security based on constituencies. However, I have really never seen an organization implement it successfully based on the current structure.
To my knowledge, one of the most important requirements (and reasons for use) is that the licensees want to implement limitations on who can edit very important constituents and their account information. The limitations are for those elite few that are “locked down”. The majority of accounts are open to whomever for editing.
My two cents.
Cindy
From: Tessitura Next Generation Forum [mailto:forums-nextgeneration@tessituranetwork.com] On Behalf Of Chuck Reif Sent: Thursday, February 18, 2010 2:42 PM To: Cindy Emig Subject: [Tessitura Next Generation Forum] Constituency Based Security
Thanks for all the feedback.
For those of you that use constituency-based security now, could the business value be achieved if you were able to put restrictions on the constituent as a whole? So instead of saying "this user group can't edit ADDRESSES where the highest ranking constituency is x" you would say "this user group can't edit ANYTHING on a constituent if they have this restriction code"
Obviously this needs to be fleshed out a bit more but in general is something like this worth thinking about some more?
Hi Chuck
We don't use constituency-based security at all. [In fact i still remember a long session in front of a whiteboard in our implementation project office when you talked through all of the Tess security options and convinced us that it wouldn't be useful and we could safely ignore it]
If it was made more flexible as Alan suggests, or even just specific-constituency-based (being able to put a control group on a constituency, for example, which would lock you off from editing anyone with that constituency if you didn't have that control group), I could see it enabling various stories about how we don't want specific constituents being edited at random.
On the other hand, I could also see it enabling turf wars between departments and organisations about "owning" particular constituents, which we're just getting away from, and severely disabling our progress towards the nirvana of one individual-one constituent - If Gina the ticket seller has to sell a ticket to Julie Hotshot-Lawyer and she can't access her constituent record, what's she going to do? Well, obviously, she'll create a new record so she can complete the sale - Hullo... duplicate problem even worse.
And on the third hand, it might be useful to enable locking of specific bits of a constituent record - we have a long-standing enhancement request in to be able to lock off the gen sal for specific constituents - ones with strong preferences for very non-standard salutations, basically, who require eternal vigilance to stop people taking the liberty of switching them back to the standard version.
But that's a much more fine-grained version of constituent security, and going very far down that track probably leads to getting lost forever in the Forest Of Administrative Complexity? Si?
Actually that would not work for our use of this item today, we want the call center/box office or education department to be able to edit to the address or personal information, but not be able to sell a contribution (membership) to the child record. So we need to be able to do one thing but not the other, which in this case this security option works great!
Jeanette Boudjouk
Database Analyst
Science Museum of Minnesota
651-265-9846
jboudjouk@smm.org
Omnifest 2010 brings five giant screen films to the Omnitheater for six short weeks from January 29 through March 11. Members see it free! View this year's films and trailers at www.smm.org/omnifest. The Dead Sea Scrolls: Words That Changed the World exhibition opens March 12. Witness authentic 2,000-year-old manuscripts, including the earliest biblical writings. Spiritually significant. Scientifically stunning. Visit www.smm.org/scrolls.
From: Tessitura Next Generation Forum [mailto:forums-nextgeneration@tessituranetwork.com] On Behalf Of Chuck Reif Sent: Monday, February 22, 2010 2:47 PM To: jboudjouk@smm.org Subject: Re: [Tessitura Next Generation Forum] RE: Constituency Based Security
From: Cindy Emig <bounce-cindyemig9904@tessituranetwork.com> Sent: 2/22/2010 7:43:01 AM
Spam Not spam Forget previous vote
Chuck - I think we could live with your option, we lock down board addresses with constituency security. As long as a others could transact on the account, perhaps add a shipping address, CSI or whatever that would probably work well enough. If these addresses can't be locked down then the various boards start their own official lists they can monitor and control and ignore tess, we don't want to go back to that. We would also want to allocate seats to a group, I'm not sure if we really care if it done by constituency.The constituency issue gets more interesting when the group account structure comes into play. If my spouse is a board member is my address changeable but not hers? What about the address on the joint account? If only she gets access to the prime seats I might be offended since I buy our seats on my account. How would this work?