In the company’s environment it is common to meet manager who are always afraid that someone will mess up their data, or who don’t trust their users enough to let them play freely with the information. If this can be understood, this also has to be taken down when you enter projects like PLM where users, permissions and context can create an almost infinite number of interactions options between the user and the application. I’m not saying you should forget this kind of feature, of course not, PLM is definitely made for this. But it is not an easy task and you need experience on the implemented software in order to understand how to manage these restrictions.
Your colleagues are smart
Sometimes it’s not even a question of privacy control or protected information, it’s just a matter of this manager wanting to make sure that this guy will not touch this document he shouldn’t touch because it’s not his job to do so. Well look at the real world, I’m in a factory, I can manually take some screws from a batch and mix these with another one. This is possible. Why I wouldn’t do it? Because I know it’s wrong, because that’s not part of my job (supposing that I work in a PLM implementation team and not in the manufacturing zone which I ‘m just visiting. And also because I may be caught by someone who will tell me that what I’m doing is wrong. That’s the problem with software, people want things to be secured 100%. We want 100% of the possible failure to be tested where 90% of these might be very stupid actions. A PLM solution is a company system, it’s not a blog or an e-commerce website where you know people will do every single clicks and navigation you haven’t thought of.
Not mandatory on first version
To me it is important to have some kind of introduction of access management for the users. They should, from the beginning, start understanding why they may not have the same screens and data visible as other users. But it is not mandatory to put to much effort on blocking users. Unlike physical actions like my previous example, you could think it is not easy to see someone doing a mistake, but yes it is easy as every action is recorded in a PLM solution. Every change as a date and a modifier. So focus and allowing the right person to get the data and wait for a second run where you might add more restrictions on information access.
I guess one day with computer learning technologies it will be much more easier, during the testing, whenever you’ll see an item you will be able to define why you should or should not and who should or should not access it. After some training, the software will understand how to behave with the rest of the information. But as of today every software I found were still not always easy to maintain regarding roles, right & permissions. So to avoid wasting too much time of right & access customizing, you should start by opening the access to the right persons and invest on training to let people know the right things to do. It will be a much better investment than spending time customizing restriction you will need to change many times later.