As a business operations manager on the Anaplan on Anaplan (AOA) team, an internal team focused on bringing Connected Planning to life within Anaplan, I help to oversee our internal Anaplan model ecosystem and assist in the solutioning and development of Anaplan models across all of our functional business groups.

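As Anaplan's largest customer, one of the many requirements we have to address is user access and security. Leveraging Anaplan's user roles functionality usually gets the job done for granting users access to specific models. Sometimes we have to go a step further and utilize Anaplan's selective access feature. Roles and selective access are powerful tools and meet our needs nearly all of the time. However, as we expand our own use of Anaplan, we have begun to run into cases where access to a list must be provisioned based on multiple criteria rather than a single condition.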

In Real Life

A real-life user provisioning challenge we’ve encountered is in our headcount planning model. As this model provides real-time reporting on our employees, there are inherent sensitivities and considerations around who can see information for specific employees—taking into consideration visibility to things like compensation and personally identifiable information (PII). We have multiple use cases built out within the model, including recruiting capacity and analysis, attrition reporting, hiring reporting, etc., and the access to specific employee data depends on the end user of the model.

Sample employee roster: Joey manages Eluid, Bolt, and Meb; Americas Geo; HR Cost Center.

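In this sample model, we include the full employee roster. If an HR partner accesses the model, we want them to see only the employees tagged to the functional areas they support (e.g., Finance, Sales). Additionally, if a business manager comes into the model, they should only be able to view information for the managers or employees in their management chain.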

But wait! If the HR business partner is in Europe, they shouldn’t be able to see PII fields for their employees. Do you see how this could get complicated quickly? Additionally, some dashboards that contain non-sensitive employee information are perfectly fine to open up broadly to all users, while others contain sensitive data we need to provision.

What's Next

So, how do we handle this? We can’t provision access by roles because all of the aforementioned users need access to the same modules/dashboards as it relates to the employees they manage. Additionally, no single user should be able to see all data for all employees. Selective access could be considered as a solution, but given the levels of complexity and multiple logical drivers—as well as the requirement to not hide reporting of non-sensitive data for employees—that option also has limitations.

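Enter Dynamic Cell Access (DCA). Because DCA allows us to base read/write access on formula logic, it lets us layer multiple logical conditions when deciding whether a user should be able to read or write to a specific item in a list. It is dynamic (who would have guessed from the name?), which means it adjusts live as data within the model changes. Additionally, it offers us the flexibility to apply the provisioning logic to the exact modules we want to, rather than blanket provision users across the model.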

DCA In Action

Below is a high-level example of how to harness the power of DCA:

  1. Load the employee roster data into Anaplan, ensuring the data contains the employee email—the same email that is used to log in to Anaplan. This allows for the mapping of Anaplan users to the employee roster.
  2. Set up a system module with the ‘applies-to’ list of the user list.
    User meta-data staging module: Rows represent model users (Joey, in this example) and the line items represent meta-data off of the roster module.
    1. Within this module, we can join the employee roster data and the user list to map the employee’s meta-data to their Anaplan user profile (e.g. cost center, location, management chain, etc.)
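    2. Using a series of Boolean line items, we can write whatever logic we want to base DCA on. In our example, this might include: Is the user an HR business partner? Are they in Europe? Essentially, this is the staging module for all of the employee meta-data we want to leverage to create DCA drivers.
  3. Set up a second system module with the ‘applies-to’ list of whatever list you want to apply DCA against, as well as the user list. In our case, this would also be our employee roster list.
    1. Create a series of Boolean line items that test different attributes of the user system module we just set up against the employee's meta-data. One example would be (Employee Cost Center = User Cost Center).
      DCA logic module by employee roster list (the rows in this module): Line items represent the logic used to determine whether the user (Joey, in the page selector) can see an employee. The key here is to combine all of your logic into a single "master" line item at the far right.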
    2. Daisy chain your conditions together as desired, with the end result being a master Boolean line item, which is the driver for whether or not a particular user has read or write access to a particular item within the list.
      In this dashboard you can see that the information is masked for those employees that did not meet all of the criteria identified in the master DCA line item.
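  4. Select the modules you want to apply DCA to. The nice thing about DCA is that you can go down to the line item level to map the master Boolean driver.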
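
The four steps above modelled in Python, as an added example that is not part of the original article and is not Anaplan formula syntax: it shows how the per-user Booleans combine into master drivers and how unmatched users are denied by default. The `example.com` addresses, the users hana and kara, and all attribute values are constructed assumptions.

```python
# Constructed roster keyed by login email (step 1). Joey, Eluid, Bolt and Meb follow
# the article's sample; kara, hana and every attribute value are assumptions.
ROSTER = {
    "joey@example.com":  {"manager": None,               "function": "HR",      "geo": "Americas"},
    "eluid@example.com": {"manager": "joey@example.com", "function": "Finance", "geo": "Americas"},
    "bolt@example.com":  {"manager": "joey@example.com", "function": "Sales",   "geo": "Americas"},
    "meb@example.com":   {"manager": "joey@example.com", "function": "Finance", "geo": "Europe"},
    "kara@example.com":  {"manager": "meb@example.com",  "function": "Finance", "geo": "Europe"},
    "hana@example.com":  {"manager": None,               "function": "HR",      "geo": "Europe"},
}
# HR partner -> functional areas supported (constructed).
HR_SUPPORT = {"hana@example.com": {"Finance"}}

def user_meta(user):
    """Step 2: staging module, one row per model user, joined to the roster by email."""
    row = ROSTER.get(user)
    if row is None:
        return None  # login not on the roster: no meta-data, so every driver stays False
    return {"geo": row["geo"], "supports": HR_SUPPORT.get(user, set())}

def in_chain(employee, user):
    """True when `user` sits anywhere above `employee` in the management chain."""
    seen, mgr = set(), ROSTER[employee]["manager"]
    while mgr is not None and mgr not in seen:  # `seen` guards against a cyclic roster load
        if mgr == user:
            return True
        seen.add(mgr)
        mgr = ROSTER.get(mgr, {}).get("manager")
    return False

def dca_drivers(user, employee):
    """Step 3: Boolean line items per (employee, user), combined into master drivers."""
    meta = user_meta(user)
    if meta is None:
        return {"read": False, "pii": False}
    manages = in_chain(employee, user)
    hr_match = ROSTER[employee]["function"] in meta["supports"]
    # Assumption: the Europe restriction applies to the HR-partner path only,
    # as the article words it; managers keep PII access for their own chain.
    return {"read": manages or hr_match,
            "pii": manages or (hr_match and meta["geo"] != "Europe")}

def visible_employees(user, driver="read"):
    """Step 4 plus the blank filter: rows whose driver is False drop out of the view."""
    return sorted(e for e in ROSTER if dca_drivers(user, e)[driver])
```

Reloading `ROSTER` with a changed manager or function changes the result of `visible_employees` without touching the logic, which is the self-adjusting property the article describes.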

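The incredible power of the process above is not only the complete control it gives over user provisioning, but also that as new roster data is loaded into Anaplan, DCA automatically adjusts itself to account for the changes. So if someone changes cost centers or an employee's manager changes, the formulas we set up above will reference the new employee meta-data and automatically adjust the DCA drivers, providing a more sustainable approach to user provisioning.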

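Another unintended benefit we found using this methodology is that Anaplan treats cells that are blanked out by the DCA driver as blank. So if you want to set up a dashboard that automatically filters employees for the end user based on the logic above, filter out the blanks on your dashboard. You will then have a dynamic filter based on the user who is viewing the model… pretty cool!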

Taking this a step further, by filtering on a line item that always contains employee data, you can get fully customized reporting based on the end user viewing the dashboard.

The content in this article has not been evaluated for all Anaplan implementations and may not be recommended for your specific situation.
Please consult your internal administrator before applying any of the ideas or steps in this article.
Comments

Great article. I like the specificity around the challenges of data access by department, geography, and end-user need.

Easily the world's top 7 runners.

Last update: 02-08-2022 12:11 PM
Updated by: Community Administrator