Garry Arko, Senior Enterprise & Solution Architect
May 9, 2018
While a good Architecture will avoid going too far into details, it should also recognize the implications of details and provide a framework and guidelines that can enable beneficial and valued solutions. One of the concepts that is often overlooked in an Architecture is Ease of Access to technology based solutions. Ease of Access often does not manifest itself until solutions are being developed and implemented, leaving it off the radar in Architectural assessments. As with many elements of an Architecture, ensuring Ease of Access for the business begins by setting directions and understandings involving a number of related technology and business domains at a high level.
Before getting into specifics, it is important to understand what is meant by “Ease of Access”. Since it is currently not a standard element found in common Enterprise Architecture Frameworks, for purposes here it can be illustrated by using specific examples:
• Requiring users to log on separately to each application they might use throughout the course of their daily work would not be considered a good practice by most business users. The concept of single sign-on represents a better approach.
• Expecting users to become experts in a specific application to locate and use specific features and functions required to accomplish select business tasks might be seen as normal for complex business applications, but many users would find this annoying and frustrating. Being able to go directly to a specific function in a specific application by understanding nothing more than the business need and terminology represents a better approach.
• Expecting users to understand the terminology provided by application systems and translate that into more common business functions and terms is a trait of many business applications. By presenting the application environment in easier to understand business terms is a better and more effective approach when using technology-based applications.
When working application environments are considered, they often are presented in the context of vendor perspectives and vendor selected terminology as opposed to being seen in terms that are meaningful to the specific business. When applications do take on a business context, it may be in terms of a specific functional area as opposed to more general business terminology. If it is accepted that a valuable goal of an Enterprise Architecture is to ensure technology solutions are implemented in such a way that they are as easy to use as possible to provide the greatest business value, there are a number of elements of an Architecture that need to be understood and configured to work in unison to achieve that objective. The key Architectural elements which can have a direct bearing on “Ease of Access” are:
• Security and access control
• Application integration
• Application features and functionality
• Business processes and functions
• Information content and use
As with many aspects of an Architecture, there is no single configuration or design that can be cited to ensure “Ease of Access” for the business. In addition, many of the architectural principles and approaches that influence a configuration may be in conflict and have different significances in various organizations. In an Architecture, it is not uncommon to have to select those principles and criteria that offer the greatest value in a given situation as opposed to being able to accommodate all relevant principles and criteria. Many organizations today utilize ERP solutions which, in theory, have been designed and configured with cross business features and functionality in mind. However, there are a large number of businesses that provide unique types and combinations of services that require more than a single ERP implementation to meet their technology needs. ERP solutions themselves often leave the average business user confused regarding where specific business functionality is found within the system. An Enterprise Architecture can provide guidance to ensure “Ease of Access” to technology enabled functionality by recognizing the needs and providing coordinated directions for the relevant Architectural elements.
Single Sign-On
Security and access control can be a good starting point. Often, security and access control becomes overly focused on keeping people out of an environment as opposed to ensuring it is easy for the right people to get into the right parts of an environment for the right reasons. Over the years, business users have been frustrated with having to log-in to each business application separately and the concept of single sign-on enabling users to access all available business applications with a single log-in to the environment is becoming more common. While there is no industry wide standard for single sign-on today, there are numerous vendor offerings based on a number of “standards” coming from various groups that make it feasible for an organization to implement a reasonably secure and robust means for business users to gain access with a single log-on at the start of a day. For organizations that have not yet implemented some form of single sign-on, an Architecture should provide direction on the standards and criteria in this context that will best serve the particular business. For organizations that have enabled some form of single sign-on, if it was not done based on Architectural guidance, a review of the implementation from an Architectural perspective may provide valued suggestions for improving and/or changing solutions currently in use.
Enabling single sign-on for an organization does not ensure business users won’t encounter a need to log-on yet again to some special or unique business application. In most organizations, not all business applications are new or state-of-the-art, and since there is no universally accepted standard for single sign-on that vendors would be obliged to follow, an organization’s single sign-on implementation may not be all inclusive. However, applications do have a life cycle and end up being upgraded or replaced on a regular basis. As part of the Application Architecture, the capabilities an organization would expect in specific applications to ensure the application can integrate with a single sign-on business solution should be defined and used as one of the criteria when reviewing options for an application upgrade or replacement.
An assumption is made at this point that some form of role-based access and security principles, standards and methods form a part of the Architecture for an organization. (If this is not the case for a particular organization, there are documents that support and demonstrate the value of this concept.) In most cases, the roles for single sign-on are likely to be less granular than the roles for a specific business application. For example, a business user may be designated as an Administrator for purposes of single sign-on, but that business user may not be an Administrator for each and every business application in the environment. There are many approaches and methods being used to implement appropriate application function access control roles which can relate back to more generic roles in single sign-on. An Architecture should provide the guidance for an organization in managing overall systems access control to ensure it can reasonably be implemented within the organization and does not impose unnecessary administrative burdens.
Access to Individual Business Functions
In an organization relying on and using a diversity of business applications, it is not uncommon to find users who are “system experts” for particular applications. When the application is complex in nature, these users would understand how the application menu structure or access methods are organized and where a specific business function would be found within the application. A business user who only needs to access that application on occasion for something like providing an approval or looking to find certain status information, may not find it obvious where that business functionality is found within the structures provided for accessing the application. To improve “Ease of Access” in these types of situations, it is desirable to have methods for direct function access. For example, being able to designate a specific business function on a general user “desktop” which can take a user directly to that functionality without even having to think about which specific application contains that functionality could be useful. These would be exception configurations and having too many of them would result in a loss of ease of use and would not enhance overall ease of access. An Architecture is a good place to provide the guidelines and principles to be used when designing this type of direct access to ensure it is used appropriately across the wide range of business applications within an organization and not over used so as to create its own confusion and complexity.
Automated Information Notifications
Not all functionality is within an application needs be accessed through the application interface. Some applications may provide automated notification services to display or provide information without having to access the application directly. For example, various events and statuses take place within business processes and that information is often useful to the business. An individual application or a Data Warehouse environment may collect and maintain this type of event and status information and a special service may be constructed to collect, organize and make available such information. The service may be triggered by select events, or it may be invoked through a “desktop” icon, or may be made available through special options customized within specific applications. The resulting information may be displayed for information only, made available to view and copy small amounts of data, or capable of providing extracts / exports of many of the supporting details. These types of services and features make information more easily accessible and readily available for business use. An Architecture that can guide the development and implementation of these type of services can be a valuable component of an Enterprise Architecture, and is often included in Architectures today. If this type of Architecture recognizes not only effective methods for gathering and displaying information, but also how easy it will be for the business to access and use the information, the value of Architecture will be enhanced.
Enterprise Architecture should enable valued use of technologies for a business. Ensuring the business can easily and conveniently access relevant information to support its processes and objectives is key to gaining value from information and the systems that support that information. An Architecture which recognizes the various elements of technologies that impact “Ease of Access” and providing guidance that ensure that access for the business is a more valuable Architecture.
Mr. Garry Arko is a Senior Enterprise & Solution Architect with IT Architects in Calgary, Alberta, and has worked in various industries, including Oil & Gas, Transportation, Government, and Construction. IT Architects (www.itarchitects.ca) is an information consulting firm specializing in business process optimization, system evolution planning, and the deployment of leading-edge technologies. If you require further information, Garry can be reached at info@itarchitects.ca or 403-465-7661.