In my previous post, I introduced a number of different ways that organizations can lock down databases and the applications that sit on top of them. A powerful tool that enables theoretically infinite customization is record-level security.
Today I'll discuss some analytics considerations of record-level security.
Record-level security: Implications
Let's say that you work for XYZ – a large organization that exclusively uses technologies from a single vendor for CRM, databases and reporting/analytics. Because XYZ is a one-vendor shop, its integration among technologies is relatively tight. That is, it need not stitch together disparate systems and applications via extract, transform and load processes.
XYZ's reliance upon a single vendor means that, all else being equal, everything "talks to one another" out of the box. Specifically, techies need not spend an inordinate amount of time configuring applications to ensure that Dolores sees information that she should not. Ideally, this should just happen.
To the extent that many large organizations rely upon multiple vendors, though, what are the odds that everything works the way that it should? In my career, I've seen people discover that they have the ability to view confidential information that they should not. This is possible because of the spaces or cracks among different applications, reporting tools and databases.
Adding to the complexity, consider newfangled concepts such as edge analytics. Generally speaking the technologies behind them are not mature. As such, are you willing to bet that everyone can see only what they should?
Beyond this question, record-level security poses additional analytics-related questions. Consider the following simple example of sales figures for XYZ:
Determining the average is pretty simple math. But what happens if Derek – the head of sales – cannot access Ian's information due to record-level security?
Note how the average sale is now artificially inflated. Of course, it wouldn't be hard to account for this (re: allow the value to exist in the reporting or analytics tool without individual attribution.) Still, it's a consideration that some may forget.
What's more, what happens if Derek knows the sales folks all too well? Can he impute Ian's sales figure much like those who pay attention to metadata can easily ascertain "hidden" figures?
Simon Says: Recognize the downside of complexity.
I don't profess to know all of the questions – much less all of the answers – here. I'm not Anton Chuvakin, but this much I do know. Coupled with complicated system setups, record-level security allows for all sorts of potential holes. Employees curious nosy about what their peers make constitute one type of issue. Throw in bad actors and data-sniffing bots and you magnify the potential for breaches and harm.
What say you?Download I Spy PII: How to Use SAS Data Management for Personal Data Protection