Stevehewitt
IS-IT--Management
Hi all,
Not really too techy, but more of a strategy question really....
Most companies I've worked at before have had a tiered storage approach such as:
- "personal" documents are to be stored in either a home drive or "My Documents" (which I've redirected to a server)
- Documents to be shared department wide are shared in a department network drive which nobody outside of the department can access
- A global company-wide network drive used to share files with the rest of the organisation. In some circumstances IT would create a folder with special permissions restricting access to a few departments or cross-department staff where required
So there's three levels - personal, departmental and company-wide.
However at my current place of work things aren't as simple. We do a lot of cross-department project work, and additionally a number of people are not part of any particular department at all (we have a "consultant" on the board, a strategic developer who reports directly to the MD, Purchasing and product development both report to the HR director!!
Some people are actually split 50/50 between departments.
So I'm a little stuck - as all my previous experience has been in a more structured and strictly controlled environment. Sticking to having department drives alone isn't a good idea as the management overhead of adding individual users rather than groups (or creating new ad-hoc groups so often!) is too high.
What do you do in your environment? Have a 3-tier system as above but with file access permissions groups different to distribution and other securtiy groups? E.G a "Finance File Access" group and also a seperate "Finance" group, where non-Finance department members can be added to the former group?
Perhaps a more managed approach where you have a department folder under a single all-incompassing drive - under each department folder it's public read access and department write, then one or two special two-way folders for "special relationships" between departments like sales and marketing, followed by a single folder for just marketing alone...?
Is this matched in group membership structure within AD too?
How do you manage your users documents, shares and network drives? In particular inter-department documents, ad-hoc projects and "special" users who don't really belong to any particular department at all...?
Hope this makes some sense!
Cheers,
Steve.
Steve.
"They have the internet on computers now!" - Homer Simpson
Not really too techy, but more of a strategy question really....
Most companies I've worked at before have had a tiered storage approach such as:
- "personal" documents are to be stored in either a home drive or "My Documents" (which I've redirected to a server)
- Documents to be shared department wide are shared in a department network drive which nobody outside of the department can access
- A global company-wide network drive used to share files with the rest of the organisation. In some circumstances IT would create a folder with special permissions restricting access to a few departments or cross-department staff where required
So there's three levels - personal, departmental and company-wide.
However at my current place of work things aren't as simple. We do a lot of cross-department project work, and additionally a number of people are not part of any particular department at all (we have a "consultant" on the board, a strategic developer who reports directly to the MD, Purchasing and product development both report to the HR director!!
Some people are actually split 50/50 between departments.
So I'm a little stuck - as all my previous experience has been in a more structured and strictly controlled environment. Sticking to having department drives alone isn't a good idea as the management overhead of adding individual users rather than groups (or creating new ad-hoc groups so often!) is too high.
What do you do in your environment? Have a 3-tier system as above but with file access permissions groups different to distribution and other securtiy groups? E.G a "Finance File Access" group and also a seperate "Finance" group, where non-Finance department members can be added to the former group?
Perhaps a more managed approach where you have a department folder under a single all-incompassing drive - under each department folder it's public read access and department write, then one or two special two-way folders for "special relationships" between departments like sales and marketing, followed by a single folder for just marketing alone...?
Is this matched in group membership structure within AD too?
How do you manage your users documents, shares and network drives? In particular inter-department documents, ad-hoc projects and "special" users who don't really belong to any particular department at all...?
Hope this makes some sense!
Cheers,
Steve.
Steve.
"They have the internet on computers now!" - Homer Simpson