some information may only need access controls and authentication measures to restrict access adequately; other sensitive information may need to be encrypted within the database as it is stored.

In many countries, data protection laws govern how enterprises must maintain personal information and restrict who has access to the personal information. For example, the laws may prohibit anonymous access to addresses and phone numbers or may require that users have the ability to view and correct information in entries that represent them. Be sure to check with the organization's legal department to ensure that the directory deployment follows all necessary laws for the countries in which the enterprise operates.

The creation of a security policy and the way it is implemented is described in detail in Chapter 8 “Designing a secure directory”.

2.4 Documenting the site survey

Because of the complexity of data design, document the results of the site surveys. Each step of the site survey can use simple tables to track data. Consider building a master table that outlines the decisions and outstanding concerns. A good tip is to use a spreadsheet so that the table's contents can easily be sorted and searched.

Table 2-4 “Example: Tabulating data ownership and access” identifies data ownership and data access for each piece of data identified by the site survey.

Table 2-4 Example: Tabulating data ownership and access

Data name

Owner

Supplier

Self read/write

Global read

HR writable

IS writable

 

 

server/Application

 

 

 

 

 

 

 

 

 

 

 

Employee

HR

PeopleSoft

Read-only

Yes

Yes

Yes

name

 

 

 

(anonymous)

 

 

 

 

 

 

 

 

 

User password

IS

Directory US-1

Read/Write

No

No

Yes

 

 

 

 

 

 

 

Home phone

HR

PeopleSoft

Read/write

No

Yes

No

number

 

 

 

 

 

 

 

 

 

 

 

 

 

Employee

IS

Directory US-1

Read-only

Yes (must log

No

Yes

location

 

 

 

in)

 

 

 

 

 

 

 

 

 

Office phone

Facilities

Phone switch

Read-only

Yes

No

No

number

 

 

 

(anonymous)

 

 

 

 

 

 

 

 

 

Each row in the table shows what kind of information is being assessed, what departments have an interest in it, and how the information is used and accessed. For example, on the first row, the employee names data have the following management considerations:

Owner

Human Resources owns this information and therefore is responsible for updating and changing it.

Supplier Server/Application

The PeopleSoft application manages employee name information.

Self Read/Write

A person can read his own name but not write (or change) it.

Global Read

Employee names can be read anonymously by everyone with access to the directory.

24 Planning the directory data