:06 | Status of the acq-sig-topic stories and a quick update Dennis made to the implementers page | Dennis | - On the Acquisitions/Resource Management Implementers page, there is an update on how Acq SIG topics are tagged.
- Wanted to show how the groups discussions are being used by the development teams. Development teams are looking at this as they have time and need something to help continue to add value to the platform while other things may get blocked for some reason, or if someone has a little free time and need something that can be easily knocked out, this list is being looked at.
|
:13 | Implementers Topic #84 | John Banionis | - Implementers Topic # 84
- Specify credential access at the interface level
- Organizations - Currently, the ability to view interface credentials is all or nothing with permissions. Villanova University would like to be able specify at the interface level who has access to credentials. For example, for an organization, perhaps everyone can access the reports interface credentials, but only acquisitions managers should be able to access invoice/payment portal interface credentials for that same organization.
- Sara Colglazier (MHC/5C) 12:16 PM
Maybe also for Consoria - Dennis: Are there certain interfaces that have licensing or something that would resrtict you from from sharing a user ID and password with multiple people?
- John: This is just for library employee use.
- Aaron Nselin:
- During our migration we thought about this. We wished we could do it.
- Sara Colglazier: To add that organizations are not just vendors. We could add information pretaining to diferent colleges internal portal. We could limit it to just one college seeing their confidential information, rather than every college seeing it.
- Aaron: I beleive we can limit it by Acq teams, We would like to be able to do it by interface type.
- Dennis: I can see how Acq units help, but I see that if you are open with organization records you want to allow them to view the information but not edit.
- Sara: In ERM there is a similar problem.
- Dennis: What type of interfaces do you see that that is not a vendor but would be sensitive in this way?
- Sare: Dropbox, usually in password. Or agreements, using this as a centeral place to put information for your organization to log in. Maybe a platform like Highwire that is not a vendor, it's just a platform that all these other vendors use that we need to login too.
- Dennis: Does anyone create organization records for Donors?
- Not at this time, but if in the future we did it would be very private information
- Dennis: Interesting thought to add acquisitions units to interfaces.
- Dennis: Result: Create a story for this additional felxibiility, to limit access to interfaces based on typ of organization. This story would say only certain users can see the cresentials of certain interfaces. Where that is the case, is it important where users who can't see the user name/passord, to be able to see the rest of the information,,, like the interface details?
- At least be able to see there is an interface
- Dennis: To clearify - it's just the username and password we want to restrict?
- Sara: When someone leaves, you may be in a position to need to figure out what is there. We really don't want to hide more than is necessary. If we can see a portal is there, we can work on figuring out how to access it. As we leave behind so much information in our former systems, it's especially important to have as much information freely available to everyone as possible. The more you hide, the more complex it becomes.
- Dennis: To John - are you comfortable with me saying this is in progress? We will add more granularity to hide interface username and password for certain infaces for certain users, do these two things satisfy you?
- John, That is the right approach.
|