Examples of Namespaces

Understanding and Deploying LDAP Directory Services > 6. Data Design > Creating a Data Policy Statement

<  BACK CONTINUE  >
153021169001182127177100019128036004029190136140232051053055078214168035126135073114234

Creating a Data Policy Statement

Before you begin the somewhat arduous task of identifying and characterizing each of the data elements you plan to store in your directory service, it is important to develop some general guidelines about directory data. These guidelines should be collected in a written data policy statement. The purpose of such a statement is to help everyone who is affected by your directory service to understand in general terms how data will be handled. Because this group includes you, your directory deployment team, data source owners , application authors, and end users, you should widely publish your data policy statement throughout your organization.

Your data policy statement should cover the following topics:

  • Guidelines for determining what data will and will not be stored in your directory service   For example, your general guideline could be that any data element that is likely to be shared by more than one application will be stored in your directory. You might decide that large values (greater than 10KB) would never be stored in your directory.

  • Guidelines for access to directory data.   This is especially important if you plan to store any sensitive information in your directory service. You should also include general guidelines on the kind of authentication and encryption required when accessing directory data.

  • Guidelines for modification of directory data.   This might include information about whether you expect end users to be allowed to update their own entries, the ability of applications to modify entries, and other "data ownership" issues. You should also include general guidelines on the kind of authentication and encryption required when making changes to directory data.

  • Legal considerations.   There may be certain kinds of information that you simply cannot store in your directory service or give people access to because of privacy laws, employment contracts, or other legal consider-ations. It is best to involve your organization's legal staff when formulating this aspect of your policy.

  • Guidelines for maintaining data that is stored in more than one location.   Typically, you will have some data elements that are stored in your directory service as well as in one or more data sources that are not part of your main service. A general policy should cover topics such as how to handle data flow between the sources and which source will be authoritative .

  • Guidelines for handling exceptions to your general policies.   Because no policy can cover all possible situations, you should define a simple process for handling exceptions.

Your data policy statement should be a fairly stable document. However, you will inevitably need to evolve your policy as your organization changes, as you learn more about managing your directory service, and when external factors such as privacy laws change.

Because your data policy statement will cover a lot of ground, it is essential that you involve other groups within your organization in the process of creating and reviewing the policy. In many cases the actual data policy will in fact be defined mainly by people outside your directory team. For example, the owners of important data sources and your legal department will undoubtedly have a lot to say about how you should handle data.

Here are some specific groups to enlist when defining your directory data policy:

  • Your directory design and deployment team

  • People who maintain other important data sources within your organization, (for example, the human resources department)

  • Authors and deployers of important directory-enabled applications

  • Your legal department

  • Upper management, including your chief information officer (CIO) or even the office of your chief executive officer (CEO)

Now that you have a good start on creating a data policy statement, it is time to examine the specific data elements you will store in your directory. Looking at specific examples of data elements will also help you firm up your data policy.



Understanding and Deploying LDAP Directory Services,  2002 New Riders Publishing
<  BACK CONTINUE  >

Index terms contained in this section

access
          data
authors
          consulting on data policy statements
consulting
         authors
                    data policy statements, creating
         design and deployment teams
                    data policy statements, creating
         legal departments
                    data policy statements, creating
         upper management
                    data policy statements, creating
data
         design
                    data policy statements 2nd 3rd 4th
data policy statements
          creating 2nd 3rd 4th
                    access
                    authors
                    design and deployment teams
                    general policy exeptions
                    legal departments
                    legal issues
                    modifications
                    multiple location maintenance
                    storage
                    upper management
deployment
         teams
                    data policy statements, creating
design
         data
                    data policy statements 2nd 3rd 4th
legal departments
          consulting on data policy statements
maintaining
         data storage
                    multiple locations
management
          consulting on data policy statements
modifying data
          data
storage
          data

2002, O'Reilly & Associates, Inc.



Understanding and Deploying LDAP Directory Services
Understanding and Deploying LDAP Directory Services (2nd Edition)
ISBN: 0672323168
EAN: 2147483647
Year: 1997
Pages: 245

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net