Admin Anonymous: Adding Security to Marco Applications
We have all heard the tales of efforts gone awry when a person makes an error in a workflow, sparking chaos. Hours are derailed by a slip-up in a setting or accidentally initiating an alteration. Not only is there lost time, but it also potentially leads to a breach in security.
That, of course, is an extreme case. Anything can happen when it comes to errors. We are human after all. Although organizations are concerned about potentially giving away sensitive information or losing time to a man-made error, they go to the extreme to safeguard against this as well as the human element involved. These efforts can include anything from incorporating governed data, maintaining secure passwords for applications, or setting parental controls on smart phones so toddlers cannot accidentally call the Mother-in-Law.
To align with these practices and the concern for data security, similar controls have been implemented within select Integrated Marco Studio applications. I like to think of them as the parental controls of your Knowledge Management system.
Administrative Access to the Commander Crew
One of our newer Integrated Marco Studio applications – Integrated Marco Mystic – involves a slew of operations that have the potential to cause a headache if someone who were not certified to run them…well…did. These include tools for Spatial Data Inventory, File Remapping, Indexing and Categorization, and the like. Do these utilities sound familiar? Hopefully so. After all, they are the prime proficiencies of the Integrated Marco Commander application.
On the surface, Integrated Marco Mystic appears to be an interface suited primarily for sifting through the results gathered by the various Integrated Marco Commander tools in what we call the Marco Database, a collection of database tables detailing spatial data found on the network. It facilitates the search of this exorbitant amount of data with ease, viewing details and offering analysis options for further understanding.
When digging deeper, it is found there is another side to Integrated Marco Mystic – the delightful Dr. Jekyll to the unassuming Mr. Hyde. This side requires Administrative Access and allows the user to perform all tasks pertaining to the Integrated Marco Commander tools, like discover spatial data, clean-up databases, find common coordinates, and many more. Although it may not hurt for the average person to have access to these options, it helps to safeguard against making unintended changes to the underlying database, aiding in maintaining data integrity.
Although Administrative Access may be given to anyone (or a group of anyones) deemed fit, this role typically falls to the same person or group who maintains the configuration of the application itself. This is because Admin login details are set-up during the configuration process. To whom this falls is entirely up to your team. If you have been looking for a way to integrate an office-friendly game of Survivor into your team-building, this may be a great incentive for determining the winner.
Palette-able Configuration for Administrators
Integrated Marco Mystic is not the only application in the Integrated Marco Studio family to receive the Admin treatment. The other? Integrated Marco Palette.
An Add-In for ArcMap, Integrated Marco Palette smooths the transition from knowing what spatial data is available to being able to use it. The toolkit is designed to run against a Corporate Registry, a spreadsheet or table outlining specific layer files that may be added to the ArcGIS workspace as well as their location on the network. One intention behind this registry is to allow a space for maintaining files for a project or team without forcing data to be stored in the same location on the network. Being forced to move data does not make for a good day in general, but being that person who creates duplicates? Well, consider yourself banned from water cooler chats forever.
Because of the platform on which it stands, Administrative Access within this toolkit works a bit differently than that of Integrated Marco Mystic. Housed within a separate Admin Add-In, the tools required for configuring the Corporate Registry are to be accessed by ye lucky duck to whom access has been granted. Once the path to the Corporate Registry has been specified and any modifications made, the Standard Add-In may then be distributed so that others may explore the files, adding them to ArcMap.
What is So Amazing About Administrative Access Anyway?
You may be reading this and thinking…First, this person has finally found their outlet for allowing the alliteration to come alive. Second, why is Administrative Access necessary for these applications? I mean, it's not like they are Amazon servers or anything.
Well no, they are not. However, think back to that example at the beginning of this show. You know, the one with the parental controls and the terrible toddler. Imagine, you have a mass of pictures on your phone that you have put in long hours behind the camera to accrue. You hand the phone over to your bundle of joy to keep them from screaming in the checkout line, hoping they will just play the game to which you have so selflessly given them access. Instead, they find their way to your photos and decide it is time for a little spring cleaning. Bye bye, birthday party pictures. Hello, regret.
Although a loose metaphor for what is happening with Integrated Marco Studio, you may see where I am going with this. Building both a Spatial Data Inventory and Corporate Registry take time and attention to detail. For sake of maintaining the integrity of the data specified within them, it is best to guarantee any edits made to them (including the running of the tools that generate their details) are regulated and not done by someone who just “wants to try out that cool Commander tool”. Ensuring that this type of functionality is only available to those with access to the login makes it easier to preserve the underlying databases.
Having an individual or team responsible for configuring these applications offers another perk – certifying the consistency of data. By enforcing login for configuration, we are guaranteeing that database connections cannot be accidentally changed or mismanaged. This way, the group to which access is granted post-configuration is all viewing the same underlying data, cutting down on potential miscommunication and confusion.
In addition to the few I have shown here, I am sure you and your team may easily be able to list off five, ten, or fifteen more benefits for incorporating Administrative Access in specialized toolkits. It is a handy feature no matter the purpose, especially when it comes to Knowledge Management and the Integrated Marco Studio suite.