Would it be possible, and make sense to everyone if we treated permissions for the new data management tool similar to the way we manage data load config (ability to push into SFDC objects)?
Adding data management to the Gainsight_Special permission set would help separate the standard gainsight admin from a Data Expert/Super Admin.
As the functionality and use of the data management tool grows, this may help minimize issues and mistakes.
Assuming its a visual force page and this would even be possible in force.com
New Idea
Data Management Permissions
+3A big thumbs up on this - and one step further, with the "Load to SFDC" permission, making the rules that contain those actions only editable by the users with the Special permission set would be worth considering - or not allowing non-Special users to add that action to new rules, or even cloned rules.
The issue is that, in the current setup, if I have Special permission and use it to update various fields on Account, I've now given "Global Update" permission to all Rules Engine users. In particular, since I have to expose a field for Update/Upsert keys, I'm now giving permission for all RE users to overwrite some important data fields in error as they build rules.
*end admin rant*
🙂
The issue is that, in the current setup, if I have Special permission and use it to update various fields on Account, I've now given "Global Update" permission to all Rules Engine users. In particular, since I have to expose a field for Update/Upsert keys, I'm now giving permission for all RE users to overwrite some important data fields in error as they build rules.
*end admin rant*
🙂
Devin one thing I've done was expose the Report Builder tab as part for standard users and hide the Admin tab from everyone else besides our GS Admin/Super Users. Would this approach work until this is productized?
Devin - Certainly your idea makes sense. Currently we are providing better way to identify the dependent Rules, Reports and other artifacts so that one can understand where is an object being used. In addition to this, we are also building Audit log capabilities to the Data management.
Permission is something is required across the board and certainly important for Data management.
Permission is something is required across the board and certainly important for Data management.
+4Strong permission for data mgmt tool makes sense but it feels pretty different to me than our special 'load to SFDC object' permission. The sensitivity there is not just that you could screw stuff up but also organizational -- SFDC folks may not want to let Gainsight team have this power. With GDA we are purely in the Gainsight world and I wouldn't want to confuse things so that only people with huge Salesforce permissions have access to GDA.
1 person likes this
+3Following up with more permission requests on this thread - integrations should also be part of a 'super-admin' type tab set if possible - the difference between people managing rules engine, cockpit config, etc. and those managing data loading and data schema is considerable:
Case in point, I know Yodlee was a little uncomfortable that all the Gainsight Admin users have access to the S3 Bucket access key and code.
Just wanted to add more weight to the fact that, for security-minded, larger customers, more agile and configurable permissions is becoming more of a stumbling block for us as we ramp up all the features we give the Admin tab access to!
Case in point, I know Yodlee was a little uncomfortable that all the Gainsight Admin users have access to the S3 Bucket access key and code.
Just wanted to add more weight to the fact that, for security-minded, larger customers, more agile and configurable permissions is becoming more of a stumbling block for us as we ramp up all the features we give the Admin tab access to!
Reply
Sign up
If you ever had a profile with us, there's no need to create another one.
Don't worry if your email address has since changed, or you can't remember your login, just let us know at community@gainsight.com and we'll help you get started from where you left.
Else, please continue with the registration below.
Welcome to the Gainsight Community
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.