Governing unstructured data allows you to manage data access, preserve data integrity, and provide content owners with the tools and workflows required to manage their own data.
By publishing a resource to the IT Shop, the resource is placed under governance and is then available for users to request access to it. You can publish and request access to NTFS shares, files and folders, and SharePoint objects from the site level and below. Beginning with Data Governance Edition version 7.0.1, you can request to have a file system share created that can then be made available to others through the IT Shop.
| User | Tasks |
|---|---|
| Data Governance Administrator |
Data Governance Administrators must be assigned to the Data Governance | Administrators application role. They must also be assigned to the Request & Fulfillment | IT Shop | Product Owners application role or an application role under the Product Owners role to approve IT Shop requests. The Data Governance Administrator uses the Manager to ensure self-service resource access requests are available in the IT Shop. For more details on setting up the IT Shop, see Setting up resource access requests and Setting up share creation requests. The Data Governance Administrator uses the web portal to perform the following tasks after a file share creation request is submitted:
For more information, see Approving share creation requests. |
| Employee/end-user |
The Resource Access shelf is available through the Identity & Access Lifecycle shop, which is included by default with the One Identity Manager installation. All active employees are automatically members of this shop and can therefore make requests. End-users or resource consumers use the web portal to perform the following tasks:
For more details on making resource access requests, see Requesting access to a governed resource and Requesting the creation of a file system share. |
| Business owner |
Business owners must be assigned to the Data Governance | Direct Owners application role, which is automatically assigned when ownership is set. They must also be assigned to the Request & Fulfillment | IT Shop | Product Owners application role or an application role under the Product Owners role to approve IT Shop requests. The business owner of a resource uses the web portal to perform the following tasks:
For more information, see Approving resource access requests. Business owners who have both the Data Governance | Administrators and Data Governance | Direct Owners application roles assigned, can also use the web portal to define who can see and access owned resources. For more information, see Restricting access to self-service resource access requests. |
| Employee manager |
Employee managers must be assigned to the Request & Fulfillment | IT Shop | Product Owners application role or an application role under the Product Owners role to approve IT Shop requests. An employee's manager uses the web portal to perform the following tasks after a file system share creation request is submitted:
For more information, see Approving share creation requests. |