For people who have a business glossary for their organization, I have a question regarding user access. We are utilizing IBM InfoSphere product, and I'm curious how other organizations handle the log in process. I'm trying to pursue a "universal" log in, that way not every person has to maintain individual log on credentials (we have a TON of applications here so it can be cumbersome). However, our Privacy & Security office wants everyone to have their own individual log in, which requires supervisor approval. Can anyone chime in on what they do in their organization?
We are not in production yet with Information Governance Catalog (formerly named Business Glossary) and are testing what will work best in our environment.
The IBM InfoSphere software supports multiple types of user registries. We are currently in the process of switching from local operating system accounts to single-sign on with LDAP.
We have also experimented with enabling IGC anonymous access, which disables the login screen and essentially makes the glossary accessible just like any other web site. Here is a link you can review and share with your administrator.
The idea is to make the default access read-only as a Glossary Basic User, then grant Author access/Workflow roles (if you have workflow enabled) to a select few people or small teams.
Another option is to take the same question to your IBM sales rep.
Sheila Embree, CIMP
Hi Jessica. We use the "universal" login feature, which bypasses the formal login process. It is set up as a "look but don't touch" account, which means the user can see everything that has been published, but cannot see anything in process and cannot make any changes. Our administrators, data governance team, and data stewards have individual accounts with their own logins to do the work they need to do behind the scenes.
The one drawback to this approach is there isn't any way (that we have found) to monitor who exactly is using the tool and how often. So it will be difficult to measure adoption.
We use ADFS SAML 2.0 authentication - this enables folks to use the same login they use to login for Active Directory plus we get user stats
Kate Carruthers[All DATAVERSITY Members] @ Sep 28, 2019 - 05:15 PM (Australia/Sydney)