By now, you will have enriched your Heap account with additional data. The next step is to decide how you want to set up roles and permissions for your team members to access and manage this data.
Prefer a more interactive version of this content? Take our Organizing and Managing Heap course to quickly get started with a clean and organized account.
Before you assign roles to your team members, make sure you understand what each permission level can do, and how access to manage data in personal vs. shared spaces impacts the hierarchy. Assigning permissions appropriately and limiting event creation and modification permissions in the shared space is the easiest way to maintain data trust.
Throughout this guide, we’ll provide questions you can ask yourself to help you make these decisions for your team. We recommend writing these answers down as part of documenting your data governance strategy for your team. As part of rolling out Heap to your organization, you’ll want to share this documentation internally to enforce your naming and categorization conventions, establish roles and permissions, and give your team some resources to start exploring data.
Heap offers five different roles depending on your data governance strategy: Read-Only, Consumer, Analyst, Architect, and Admin. You’ll want to be intentional about assigning roles based on the permission sets you’d like your team members to have.
As a starting point to structuring your team, answer the questions and complete the table below:
What criteria will you use to decide what permission level users should have?
How should permission levels be divided among users and teams?
|Custom Role (add name here)|
As a best practice, there should be fewer Admins than Architects, and fewer Architects than Consumers. Unless your organization is very small, the majority of users should be Consumers.
Shared & Personal Spaces
The shared space refers to where all of the shared data in your Heap account lives. It’s important to maintain an organized shared space with a consistent naming convention to make it easy for team members to find what they need.
Team members can also create personal spaces to save private versions of definitions and reports as a private workspace for exploring data.
Becoming familiar with these will help you decide how to apply permission levels to manage and leverage the data available in the shared space, and enable team members to use their personal spaces to explore data in ways that won’t impact the shared space setup.
For more details on how to use these spaces, see Shared vs. Personal Spaces.
Data Governance Strategy
There are three general approaches to data governance that our customers use:
- The conservative approach will have the majority of users set to more restricted roles in Heap, such as Consumer or Read-only. Roles with higher-level access will be reserved for team leads, dataset owners, or lead analysts who have demonstrated sufficient Heap knowledge.
- In accounts with a liberal approach, the majority of your users will likely be in a mid-level or higher up role, such as Analyst. This means you trust these members to largely self-govern and manage the shared dataset on their own.
- A blended approach utilizes a bit of both – for example, you may be strict with permissions for users who are not part of your immediate team, but apply liberal permissions for members of the team who will be using Heap the most.
You should use the approach you choose as a starting point on which to design the rest of your data governance strategy around. Here are some questions to consider as you’re trying to decide:
- How many different teams and users will be using Heap?
- Do you prefer to allow a larger group of people to add and modify data at-will, or have your team(s) operate under a controlled environment so only a limited number of individuals can manage data?
- What resources are available for team leads to manage the account and dataset? Is the amount of resources feasible to sustain the approach you’re leaning towards?
Generally speaking, organizations tend to choose their strategy as follows:
- Smaller, leaner teams (<10 people) that err more technical and have previous experience with analytics tools will likely adopt liberal strategies.
- Large organizations with many teams and users using Heap should either adopt a blended or conservative approach.
Determining your approach early on will guide your decision making throughout the rest of the guide. We recommend including this information in your documentation so your team understands their role assignment and knows who to go to for help with tasks they don’t have permissions for.