Palantir.net's Guide to Digital Governance: Roles and Permissions
This is the fifth installment of Palantir.net’s Guide to Digital Governance, a comprehensive guide intended to help get you started when developing a governance plan for your institution’s digital communications.
We live in an era where few institutions have Websites and other Internet-based properties that are managed and maintained by one or only a few people. Where these spaces were once controlled by the few who knew how to code in HTML, content management systems have now dramatically lowered (and arguably eliminated) the need to possess extensive HTML knowledge. This means that most organizations have lots of people editing their Web properties, and without some well-defined rules for all those cooks in the kitchen, things get messy quickly.
Whether or not the platform you are using has roles and permissions built into it, a good governance plan will define roles for users and then apply specific permissions to those roles. Based on my experience, here are some common, fairly generic roles and permissions that many Websites have (or have variations of):
ROLE: Authenticated User
PERMISSIONS: Anyone who has activated an account on the Website, but has no editing or publishing permissions; authenticated users may be able to see content an un-authenticated user may not see.
PERMISSIONS: A user with an account who can create new and edit their existing content on the Website, but may not publish or delete any content, including their own, or edit content they have not created.
PERMISSIONS: A user with an account who can create new and edit existing content on the Website, including content that is not their own; they may or may not publish or delete content.
PERMISSIONS: A user with an account who can create new, edit existing, publish, and delete any content on the Website; typically a person who approves and publishes the work of Contributors and Editors.
PERMISSIONS: A user with the same permissions as a Publisher, however they may administer accounts, roles, and permissions of other users on the Website, along with managing certain site-wide settings.
PERMISSIONS: A user with full permissions to all aspects of managing and administering the Website, a role typically reserved to the few, most highly trained and experienced users.
These common roles can be modified easily to address the specific needs of your organization. You may also find that they are lacking certain roles you need, in which case I recommend using one of these as the basis of a new role you create to meet your specific requirements. For example, let’s say you have a micro-site that is a subset of your main site, and you need to assign a user the role of Administrator ONLY for that micro-site and not the entire main site. Simply take the permissions assigned to Administrators and create a new role called Micro-Site Admin whose permissions as “Administrator” are limited to only the micro-site that role manages.
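The role model and the Micro-Site Admin derivation above, sketched as a deny-by-default permission check. This is an added example, not code from the original guide: the permission names, the section names and the sample users are assumptions, and Editors are assumed not to publish or delete.

```python
from dataclasses import dataclass

# Permission names are assumptions; the role-to-permission mapping follows the
# role descriptions above. Editors are assumed NOT to publish or delete here.
BASE = frozenset({"view_restricted"})
CONTRIBUTOR = BASE | {"create", "edit_own"}
EDITOR = CONTRIBUTOR | {"edit_any"}
PUBLISHER = EDITOR | {"publish", "delete"}
ADMINISTRATOR = PUBLISHER | {"manage_users", "manage_settings"}

ROLE_PERMS = {
    "Authenticated User": BASE,
    "Contributor": CONTRIBUTOR,
    "Editor": EDITOR,
    "Publisher": PUBLISHER,
    "Administrator": ADMINISTRATOR,
}

@dataclass(frozen=True)
class Grant:
    role: str
    scope: str = "*"  # "*" = entire site; otherwise one section, e.g. a micro-site

def micro_site_admin(section):
    """The derived role from the text: Administrator permissions, one section only."""
    return Grant("Administrator", scope=section)

def allowed(user, grants, action, section, author=None):
    """Return True if any grant permits `action` in `section`; deny by default."""
    if action.startswith("edit_"):
        return False  # callers ask for "edit"; ownership is decided here, not by them
    for g in grants:
        if g.scope not in ("*", section):
            continue  # this grant does not cover that part of the site
        perms = ROLE_PERMS.get(g.role, frozenset())  # unknown role grants nothing
        if action == "edit":
            if "edit_any" in perms or ("edit_own" in perms and author == user):
                return True
        elif action in perms:
            return True
    return False

# Constructed sample assignments (hypothetical users and sections)
GRANTS = {
    "alice": [Grant("Contributor")],
    "carol": [micro_site_admin("microsite")],
}
```

Because the scoped role reuses the Administrator permission set and only narrows the scope, a later change to what Administrators may do carries over to every Micro-Site Admin without a second definition to keep in sync.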
Here are some questions to consider to help you begin defining the roles your organization will need, along with the permissions each role should have.
Who should have an account for accessing your Website?
How do users acquire or activate accounts?
What are the policies for using accounts?
Is sharing an account permissible?
What are the conditions under which users may lose their access privileges?
Roles & Permissions
Who is permitted to edit content on the Website?
Who is permitted to create new content on the Website?
Who is permitted to publish content on the Website?
Who is permitted to delete content on the Website?
Who is permitted to see unpublished content on the Website?
Are there users who should have higher levels of administrative access to perform site-wide changes or to administer user accounts?
Are there sets of users who need special access to only limited parts or functions within the Website?
Are there limitations to the level of access different users should have?
Do all users have access to all content?
Do some users have access to only the content they create?
Do certain users need to approve content before it is published?
Does a workflow need to be established for defining how content is produced and published?
This post is part of a larger series of posts, which make up a Guide to Digital Governance Planning. The sections follow a specific order intended to help you start at a high level of thinking and then focus on greater and greater levels of detail. The sections of the guide are as follows: