Scenario 1: Company with a single division
All of the employees in your company work with the same set of objects (campaigns, offers, templates, and so on). Sharing and re use of objects are encouraged; there is no need to make sure that groups of employees cannot access each other's objects. You need to create sets of permissions that will determine employees' ability to access, modify, or use these objects, based on their roles within the organization.
Solution
Only a single security policy is required, as objects do not have to be separated by group or division. In the existing global security policy, define roles corresponding to the employee jobs, and for each role, define the appropriate permissions for each object or function.
Object permissions for this scenario
Functions/Role
Manager
Designer
Reviewer
Campaigns
Add Campaigns
Edit Campaigns
Delete Campaigns
Run Campaigns
View Campaign Summary
Offers
Add Offers
Edit Offers
Delete Offers
Retire Offers
View Offer Summary
For example, a Manager has full access and editing ability for campaigns and offers. A Reviewer can access campaigns and offers, but cannot add, edit, delete, or run them.
Optionally, you can also create user groups in
IBM
®
EMM
that match these roles, and then assign user permissions simply by adding users to these groups.
The following table shows a sample subset of the object permissions for this scenario.
Object permissions for this scenario
Functions/Role
Manager
Designer
Reviewer
Campaigns
Add Campaigns
Edit Campaigns
Delete Campaigns
Run Campaigns
View Campaign Summary
Offers
Add Offers
Edit Offers
Delete Offers
Retire Offers
View Offer Summary
Copyright IBM Corporation 2015. All Rights Reserved.
