Today I ran into an interesting problem. But to understand it, I need to give you a little background. As many of you know, I work for a large school district in Florida, the 10th largest school district in the country with over 180,000 students and over 20,000 employees. From that you can probably guess that our web site infrastructure is fairly large. We have over 4300 sites and subsites spread across the district and school external facing web sites and internal employee sites and collaboration sites. However, what I want to focus on here is just the externally facing web sites.
Our small team of 5 people obviously does not do the content for all of these sites. We instead implemented a decentralized approach to content creation with each department and each school responsible for their own content. In fact, the head of each department and the principal at each school is ultimately responsible for all the content on their site even though they may not be the ones to actually enter that content.
Therefore, from the very beginning, we implemented a workflow process for publishing all content that appears on public facing web sites. Many people in a department or school can have content creation rights, but only a select few may have content approval rights. To control who has the ability to create content for public facing sites, the site owner (department head or principal) has full authority over who can and who cannot be content creators and approvers. Of course, the approver roll is the most important, but even content creators have the potential of overwhelming the approvers with additions and changes if everyone at a school could make changes. However, our group does not make the decision over who can or who cannot have rights. We merely act on the requests of the owners.
You might ask, why don’t the owners of the sites manage the permissions to their own sites? That is an excellent question. However, from the beginning most department heads and principals did not want to be bothered with supporting that task. This is something we are looking at changing over the balance of this year, but in the meantime, we require a simple email from the owner to identify the site URL, the name/employee ID of the person (yes, we have multiple people with the same name) who should get rights and what those rights should be.
If you are following me so far, you may say, ‘That makes sense to protect the integrity of the information displayed to the public.’ So what happened that was so interesting?
Today we had an Area Technology Coordinator argue that they should be able to tell us who to give rights to. Ok, the term Area Technology Coordinator needs definition. Our 170+ schools are divided into 5 areas to facility management. Each middle and high school has one or more technology coordinators dedicated to that school. At the elementary school level, one technology coordinator is shared by two schools. Technology coordinators at a school are generally responsible for all technology at the school, mostly the computers, software and network. At some schools, the principal has also made them responsible for the content of the school’s web site. However, at other schools, the principal has assigned this task to other members of their staff, even teachers in some cases, since in general maintaining content on a SharePoint web site is typically no more difficult than working with most Microsoft Office products. (Ok, no jokes about how hard that can be.) Sometimes, the principal changes who they want to be responsible for the web site. For that reason, it is imperative for us to receive an email from the principal for any changes to permissions.
So now we get to the Area Technology Coordinate who is basically a floating Technology Coordinator that provides additional support to any school in one of our five areas. Anyone one of these area technology coordinators wants to be the one to define who should be given rights. Furthermore, he sent an email to us to give a person at one of the schools in his area rights without saying whether those rights should be just content creator, approver, or site administrator (which is a little less than owner). When I responded back that the request must come from the principal, he sends a request to the principal. So far so good. But then he starts to give me grief about the fact that we have still not implemented the rights change even though we have yet to year from the principal. He further states that we are not cooperating with him and that he wants to know who my supervisor is.
In a way I welcome him to push his agenda forward, because I don’t think the principal at that school or principals in any of the 170+ other schools would want the precedent that would establish. On the other hand, it is just one more reason why our group wants to get out of the permissions business and let the site owners take full responsibility for either managing the permissions for their site themselves or designating one or two individuals in their department or school to have that responsibility. Our group has plenty of other work to keep us busy. We really don’t need to be the ones to manage the permissions to the sites and insure that only owners are making permission requests.
So here is what I want to know from those faithful readers of my blog. What do you do at your organization? What works for you? Ok, I know what works for small organizations may not apply to large organizations. We encounter that all of the time. But surely some of you either work for, consult to, or know of other large organizations and may have some suggestions. If you do, post a comment to this blog. I’d really like to hear what you may have to say.