Leading organisations are recognising the importance of identity in realising the maximum return from their Enterprise GIS investment.
Web GIS is increasingly seen by customers as a very attractive pattern for extending the reach of the ArcGIS platform and the value of location to everyone within their organisation.
Being able to inject location smarts into data-driven decision-making for everyone is a powerful capability.
But with power comes responsibility, and in most organisations, there is a requirement to ensure several boxes are ticked regarding security and who gets to see and interact with what.
The IT-centric perspective tends to be centred on the three ‘A’s of security – authentication (who are you?), authorisation (what can you do?), and accounting/auditing (what did you do?).
Security demands are a reality of operating in an enterprise environment, and the ArcGIS platform is a good citizen in this respect, with support for hooking into an organisation’s existing security framework.
While it’s technically possible to defer all security to your network perimeter and expose everything in ArcGIS to everyone internally, this is unlikely to win approval from IT folks because it’s just not how most enterprise systems are used.
And if you’re using ArcGIS Online, the notion of ‘everyone’ means the entire planet – a big lever to pull if you didn’t intend to share so generously!
Aside from adhering to IT governance around security, in my opinion there are some additional benefits to embracing ArcGIS Identity, and the concept of every ArcGIS user being recognised as a distinct individual, that are often overlooked:
- Privacy – Content created by individuals remains private until, if they have permissions, and the need to do so, they share it with others. Sometimes users just need to do their own thing and have a place to create and work with data, maps and apps that are relevant only to them and the project they are involved in.
- Sharing – Individual users can be members of one or more groups. The simple sharing model in ArcGIS allows publishers to share content to these groups and thus control who sees what. These groups are a flexible focus for collaboration with support for individuals playing the role of author, contributor, moderator or just consumer.
- Personalisation – Part of the Web GIS mantra is providing tailored information products that bring together the right data to support better decision-making for the user in question. ArcGIS Identity allows administrators to control the ‘lens’ through which users see the platform and make sure it is one that exposes only relevant, valuable content.
- Capability – As well as control over access to content, individual users of the ArcGIS Platform can have their identity associated with various levels of capability. At the highest level a user could be a Contributor (Level 2) with the potential to create and publish data, maps and apps, or a Viewer (Level 1) which as the name suggests, can only consume content.
Further to that, an administrator can fine-tune the capabilities extended to users through the role they are assigned to. This allows granular control over who can use specific services in the platform. A good example of this is only allowing specific users to be able to use credit-consuming services in ArcGIS Online.
- Reporting – In a nod to the third ‘A’ of security, the reporting dashboard within the ArcGIS Platform allows organisations to view detailed information on content and collaboration activity for all users, and drill down to distinct roles or individuals for even more detail and perspective on where they’re hitting the mark with content.
- Applications – Being able to associate licenses to use specific ArcGIS applications such as ArcGIS Pro, AppStudio or Drone2Map to the users who need them based on their ArcGIS Identity through the platform is simple for administrators, and powerful for the end user because their identity, and the ability to use those apps, follows them wherever they go rather than being bound to a specific machine.
An important note on that last point around applications. Every ArcGIS Desktop license includes a Contributor user that, when associated with either ArcGIS Enterprise or ArcGIS Online, lights up that user as a full participant in Web GIS. If you’re not taking advantage of that, you’re missing out on a significant part of what’s available to you already.
Identity is key to delivering the maximum potential from your Enterprise GIS while ensuring compliance with IT requirements.
Watch a Directions LIVE Online webinar I presented in March 2017 on the topic of ArcGIS 10.5.
About the author
Principle Enterprise Architect