View in Presenter Mode for Discussion Points & Transition Control
1
December 2014 v9.1
Security Framework
Dan Gallagher
Hewlett-Packard
Project & Portfolio Management
The Five Levels of Effective Security Management
• Resource Configuration
• Request Access Controls
• Request Status Dependencies
• Field Level Controls
• Request Rules
2
Resource Set-up

Resources
Added to Directory for selection (LDAP, XMLS, Manual)
• Contact Information
• Organizational Membership
• Manager
• Time Sheet Approver & Policy
• Project Role and Skills
• Calendar and Assignments
• Resource Pool Associations

License
High Level Functional Capability. Annual Maintenance Cost.
$ Time Management (Entry & Approval)
$$ Demand (Requests, SP & FS)
$$$ Project Management (Work plans)
$$$$ Program Management: Proposals, Projects, Consolidation
$$$$$ Portfolio Management: Proposal, Projects Demand Management
$$$$$$ Administration; Configuration

Security Group
Members with a Common Functional or Security Need.
• Time Sheet Functions
• Request Processing Functions
• Project Management Functions
• Resource Management Functions
• Cost Management Functions
• Program Management Functions
• Portfolio Management Functions
• PMO Management Functions
• System Administration Functions
• System Configuration Functions
HP-PPM Security Framework
3
Security Groups
The Functionality
• Security Groups provide specific capabilities to their members through Access Grants. These Grants are the tools of the Group.
• You must have both the License and the associated Security Group to execute your stakeholder role.
11
Request Field Level Security
These settings determine which users can View and/or Edit a field on a Request.
• Level 4: Every Field is defined for Access & Edit Security
12
Field Attributes
A No on Enabled overrides all higher-level settings. If the field is Enabled but Display is No, it is difficult to determine whether the field is being utilized or not. We would call that a Hidden Field.
• Display: Yes or No.
• Display Only: Yes or No. A Yes here indicates that the field is not editable through the User Interface and is therefore populated by a Rule or some other mechanism. Often utilized for related data from other data sets.
• Who Can See the Field? Anyone who has the appropriate License (Demand); Security Group (Demand for functionality); Security Group membership that may be involved in cloaking the specific field or Request (Project Organization today, but applied at a higher level (Request)).
• Who Can Edit the Field?
This is defaulted to All Users in the OOTB “Best Practice” Requests. From an end-user experience and control perspective, as well as a system maintenance and support perspective, it is most effective to set this to the token value of a field that is displayed on the Request itself. By giving the Request Owner (or PMO, or Finance) edit capability over the identified field, that person, associated with the particular Request, now has control over who can do what with THEIR Request. This requires a complete understanding and integration of the 5 levels of Security.
13
Status Dependencies
• In the “New” Step Status the “Contact Name” field is Editable and required.
• Field definitions, behavior, security and population considerations should be clearly defined in the on-line field HELP.
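The layered checks described on these slides (License plus Security Group, the Enabled / Display / Display Only attributes, the status dependency, and a token-based Who Can Edit) can be modelled as one decision function. This is an added illustration, not HP PPM code or its API; the class names, the `Demand Users` group, the `Request Owner` token field and the order of the checks after Enabled are assumptions.

```python
from dataclasses import dataclass, field

ALL_USERS = "ALL_USERS"  # stands in for the default "Who Can Edit" setting

@dataclass
class User:
    name: str
    licenses: set
    groups: set

@dataclass
class FieldDef:
    enabled: bool = True
    display: bool = True
    display_only: bool = False
    who_can_edit: str = ALL_USERS  # or the name of a field on the request (token)
    editable_statuses: set = field(default_factory=set)

def field_access(user, fdef, request, license_name="Demand", group="Demand Users"):
    """Return 'none', 'view' or 'edit' for one field on one request (simplified model)."""
    # License and Security Group: both are required before any field setting matters.
    if license_name not in user.licenses or group not in user.groups:
        return "none"
    # A No on Enabled overrides everything; Enabled with Display = No is a hidden field.
    if not fdef.enabled or not fdef.display:
        return "none"
    # Display Only: populated by a rule or other mechanism, never edited in the UI.
    if fdef.display_only:
        return "view"
    # Status dependency: editable only in the request statuses that allow it.
    if request["status"] not in fdef.editable_statuses:
        return "view"
    # Who Can Edit: all users, or the person named in the token field of this request.
    if fdef.who_can_edit != ALL_USERS and request.get(fdef.who_can_edit) != user.name:
        return "view"
    return "edit"

if __name__ == "__main__":
    # Constructed sample data; the names are hypothetical.
    alice = User("alice", {"Demand"}, {"Demand Users"})
    bob = User("bob", {"Demand"}, {"Demand Users"})
    contact_name = FieldDef(who_can_edit="Request Owner", editable_statuses={"New"})
    request = {"status": "New", "Request Owner": "alice"}
    for user in (alice, bob):
        print(user.name, field_access(user, contact_name, request))
    request["status"] = "In Review"
    print("alice after status change:", field_access(alice, contact_name, request))
```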
14
Request Rules
• Every time the Business Unit field is changed, all of these fields are updated based on the new Business Unit value.
• When the Proposal moves out of the Defining Proposal Status, the two fields are set to Required.