So you’ve finally managed to convince everyone who has a stake that building this MDM Hub is the right thing to do. You have the data ready to be loaded from a variety of applications (sources) and you are even preparing to provide a business user interface (See MDM for the Business Masses, It’s Time) to access the data. Then you get that bone chilling thought that reverberates down to your spine, are you going to be able to manage all of the authentication and authorization of the various new users of the Hub? Of course, you could issue new userids and passwords, that seems simple enough and Single Sign On seems appropriate. But can you really map all the roles and “rules of visibility” to data that belonged to Fred in the CRM system, while ensuring that Jane who only was able to see back office details in the ERP system continues to be similarly restricted in her view of the new combined master data?
Fortunately, most mature MDM platforms are expected to handle fine-grained security down to the cell level as well as having multiple ways of defining role assignments. Furthermore, your security infrastructure team would most likely have already been part of the MDM evaluation process and ensured that the MDM Platform can integrate with the incumbent security systems/infrastructure of choice. Finally that new MDM Platform you are using gives you comprehensive history and lineage of its master data for maintaining complete audit trails, which again allows you to further reduce risk and improve regulatory compliance.
Whew! You wake up in a cold sweat realizing it’s just a dream, everything is fine nothing to worry about; all this was included as part of the evaluation process … thanks to that blog post you read way back when …
Original posted on the Siperian Blog at http://siperian.typepad.com/siperian_blog/2009/03/whos-that-looking-at-my-master-data.html