Home
TeamSite
Security Model
rwinterpacht
I'm curious to know what kind of security model some organizations have out there to manage >100 users with hundreds of category/data-types.
How many groups do you have defined for the content? Is there a group associated with each business group? How granular is security established on assets? Branch level? Workarea? Category level?
We're going back and forth on how to establish a good security model, which also needs to have a respective process in place for publishing (which is basically the approval for production.)
Hopefully it doesn't sound too vague, and it's not exactly developer-specific, but that's why it's in CM forum.
Thanks!
Raf Winterpacht
Find more posts tagged with
Comments
Migrateduser
My first TS implementation I did define groups for each business group. This allowed a reasonable degree of separation of content through directories having read & execute permissions for only owner and group (750). Though I wouldn't call it great security - I doubt anybody tried to breach it.
When the CEO started doing things he didn't want me or my assistant to be able know about, he asked me to provide a mechanism to further secure his documents. For that I sent him PGP (IIRC since taken over by Net.Assoc.); so he could encrypt his work in place, and e-mail either links or the document to whoever he included in the public keys for the encryption.
