12.5. Securing the Data
Now that we've done the basics, we come to the most interesting part of the security plan: securing the data while making it available for users to query.
12.5.1. Providing Open Access for Internal Users
We strongly encourage you to develop a data access policy that is fairly open for corporate users. The best approach is to start from the position that all data should be available to internal users; any exceptions should be justified.
We've worked with organizations that approach the problem from the other direction. Even internally, these folks' natural reaction is to make data available only on a "need to know" basis. They say that the sales manager in one region cannot see sales numbers for other regions. The problem with this mindset should be obvious: A sales manager can't assess her region's performance outside the context of the rest of the company. She may think a 10 percent growth in sales is a great number, until she realizes that all other regions saw 15 percent. The more information you hide, the less valuable your DW/BI system is going to be.
UNEXPECTED VALUE OF OPEN ACCESSOne of our clients had an enlightened data access policy—or perhaps, as a tech startup, they hadn't gotten around to drafting a more restrictive policy. At any rate, they experienced the power of open access. A Customer Care agent—a kid out of high school—was poking around the data and uncovered a trend. A certain kind of trouble ticket was associated with a specific ... |
Get The Microsoft® Data Warehouse Toolkit: With SQL Server™ 2005 and the Microsoft® Business Intelligence Toolset now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
