https://deveo.com

HOW  TO  HANDLE  ACCESS  RIGHTS  EFFECTIVELY  AND  SECURELY  IN  A  MULTI-­‐

ORGANISATIONAL  PROJECT?

https://deveo.com

CUSTOMER  CASE

https://deveo.com

A  joint  so?ware  development  project  with  mulLple  organisaLons.  Each  organisaLon  was  responsible  for  developing  one  part  of  the  whole  project.

Actual  so?ware  development  was  done  by  the  organisaLons’  vendors.

Our  customer  was  responsible  for  coordinaLng  the  whole  project.

https://deveo.com

INITIAL  PROBLEMS

https://deveo.com

1.  TradiLonally  the  development  had  been  done  in  vendors’  environments.

2.  ParLcipaLng  organisaLons  had  no  experience  on  hosLng  development  environments.

3.  ParLcipaLng  organisaLons  needed  visibility  to  each  other’s  projects.

4.  Vendors’  visibility    had  to  be  restricted  to  only  the  projects  in  which  they  were  involved  in.

https://deveo.com

The  main  quesLon:

“Who  does  what?!”

https://deveo.com

Who  is  allowed  to  see  all  of  the  informaLon?  

Who  are  allowed  to  set  up  repositories  and  projects?  

Who  manages  the  access  rights?  

With  hundreds  of  user  accounts,  how  can  access  management  be  seamless?  

How  can  vendors’  developers  be  invited  to  the  development  environment,    when  the  coordinaLng  organisaLon  doesn’t  know  them?

Follow-­‐up  ques,ons

https://deveo.com

SOLUTION

https://deveo.com

Delegated  Access  Management  

Version  control  

WebDAV  for  end-­‐user  documenta8on  

Collabora8on  

Issue  management  

Documenta8on  

Code  Review

Joint  development  pla5orm  with  all  the  necessary  tools

https://deveo.com

Layered  Access  Management  (LAM)  model  was  created  as  well

Three  layers:  

1. Company  Admins  

2. Deveo  Users  

3. Collaborators

12

3

https://deveo.com

1.  Company  AdminsCoordinaLng  organisaLon’s  project  managers  acted  as  company  admins.  They  had  access  to  everything  and  rights  to  manage  the  whole  pla`orm.

Company  admins  invited  project  managers  from  parLcipaLng  organisaLons  as  Deveo  users.  Also  1-­‐2  key  persons  from  each  vendor  were  invited  as  a  Deveo  Users.

https://deveo.com

2.  Deveo  Users

Had  rights  to  set  up  projects  and  repositories  and  visibility  to  every  sub-­‐project.

Vendors’  key  persons  had  Deveo  User  rights  and  they  invited  the  rest  of  their  developers  as  collaborators.

ParLcipaLng  organisaLons’  project  managers  and  1-­‐2  key  persons  from  each  vendor  were  granted  the  Deveo  User  accounts.

Had  rights  to  invite  external  developers  as  collaborators.

https://deveo.com

3.  Collaborators

Vendors’  developers  were  invited  as  Collaborators.  

Visibility  was  limited  to  only  the  projects,  in  which  they  were  invited  in.  

Rights  to  do  the  actual  development  work  in  the  respecLve  sub-­‐project

https://deveo.com

Company  Admins Coordina,ng  organisa,on

Collabora,ng  Organisa,ons

DEVEO  Collaborators

Vendors’  developers

Coordinates  the  whole  project  

Adds  the  Deveo  Users

Create  Projects  Grants  user  permissions  

Manages  Vendors

DEVEO  Users Vendors’    key  personnel

https://deveo.com

IN  PRACTICE

https://deveo.com

1. Deveo  was  introduced  as  the  development  pla`orm  

2. A  dedicated  Deveo  Company  was  created  for  the  whole  project.  

3. Project  managers  set  up  separate  sub  projects  in  the  Deveo  Company.  

4. Deveo’s  delegated  access  management  allowed  the  earlier  described  LAM  model  to  be  implemented.

https://deveo.com

BENEFITS

https://deveo.com

Access  management  was  delegated  to  people  with  the  best  knowledge  of  the  needed  rights.  Tasks  that  required  so?ware  development  skills  were  delegated  to  the  vendor’s  key  personnel.

All  development  work  was  done  on  one  pla`orm  -­‐>  transparency.  

All  of  the  criLcal  data  was  hosted  by  the  organisaLons,  not  vendors.

IntuiLve  UI  made  it  easy  for  our  customer  to  host  the  pla`orm  although  they  were  not  seasoned  so?ware  developers.

https://deveo.com

KEY  LEARNINGS

• Choose  the  right  tools  and  host  the  environment  yourself  -­‐>  beder  transparency  and  no  need  to  jump  between  vendors’  environments  

• Plan  the  access  management  well  in  complex  mulL-­‐organisaLonal  projects  

• Simple  yet  powerful  development  environments  do  exist

https://deveo.com

“Read  and  share:  Layered  #accessmanagement  is  the  key  to  success:  blog.deveo.com/layered-­‐

access-­‐management/    @deveoteam”

CLICK  TO  TWEET

https://deveo.com

Want to share your thoughts with us?

Pick your preferred channel:

@deveoteam

deveocommunity.slack.com

deveo.com

deveoteam