Blog

Home : Knowledge Base : Unified Entitlements : Why Your Organization Needs Unified Entitlements

Why Your Organization Needs Unified Entitlements

Joe Hilger Joe Hilger . February 10, 2025

Successful semantic solutions and knowledge management initiatives help the right people see the right information at the right time. When properly implemented, knowledge workers have the knowledge they need to make the best decisions for their organization. The good news is that the amount of information that organizations capture and manage is growing exponentially. At the same time, the technologies that allow us to access that information are improving just as quickly. Advancements like the Semantic Layer, Knowledge Portals, Semantic Search, and Generative AI make access to information easier than ever before. All of these changes have highlighted the importance of adequately securing information assets so that people are only able to see what they should be able to see. This securing of information assets is called entitlements and it is quickly becoming one of the biggest issues in knowledge management.

Unified entitlements provide a holistic definition of access rights, enabling consistent and correct privileges across every system and asset type in the organization. These information assets may be documents in SharePoint, wiki pages, discussion threads in Microsoft Teams or Slack, or data sets in a data lake. In most organizations, each of these systems has its own model for securing information. As a result, most organizations have an inconsistent application of their entitlement rules across their knowledge ecosystem. These inconsistencies create risk for the organization and impact the development of knowledge management solutions.

There are several legal, compliance, and reputational risks associated with the inconsistent application of entitlements. In the next few paragraphs, I will share how some of these risks can be realized and how unified entitlements would have fixed the issue.

Automating Access

A consulting firm that we worked with used team sites to collaborate on client materials. The head of the project was allowed to add or remove access to the site. As people left the project, their access was not removed. In addition, a few people from separate divisions were granted access so that they could see deliverables that could help them with their own work. When the client did an audit to see who had access to their materials, they saw several people who were not on the project. The consulting firm was in breach of its contractual obligations, and while it managed to keep the client, it lost the client’s trust and negatively affected its reputation. If they did not have as good of a relationship with their client, they might have been sued. A unified entitlements solution would have synced access to the site with access to the charge code to do the work. As people left the project, they would have automatically lost access to the project workspace, and the client audit would have strengthened the relationship.

Catching Errors

In another example, a manufacturing company had an R&D division that developed plans for new products in their product line. They were in a highly competitive industry where being the first to market could mean millions of dollars in additional revenue. The designs of the new products were stored in a closely guarded Product Lifecycle Management (PLM) system. Access to the PLM was managed by an IT person in the R&D department. An employee with the same name as one of the R&D researchers was accidentally granted access to the PLM. This person did not log into the PLM, but found the upcoming designs in the semantic search that the company rolled out. The person assumed this was public information. They took a job with a competitor and shared what they had seen with their new employer. The competitor copied the approach and closed the gap with the manufacturer. This simple mistake cost the manufacturer millions of dollars in product revenue and directly affected the stock price. In this case, the unified entitlements solution would have granted access to the PLM only to those people in the R&D department. Access permissions would be driven by the department of record in the HR system. All of this would automatically be replicated between systems so that no individual would have the responsibility to grant access to the PLM. 

Aligning Systems

A pharmaceutical company stored data about the results of their drug trials in their data lake. Access to the trial results was limited to people who worked on the clinical trials. In addition, the team captured notes about their interpretations of the results on a separate team site. The person who managed access to the data lake was not the same person who managed access to the team site. One of the tests was executed incorrectly, which led to disappointing results. The cause for the improper results was identified by the team and documented on the team site. New tests were run that produced better results, and the old ones were ignored but left in the data lake. Someone from outside the trials team was accidentally granted access to the test result data but not the notes about the findings. They saw the result data and immediately escalated that there was a problem with their leadership. The clinical trial team spent weeks explaining what they found. This confusion delayed the trial timeline and distracted the team. A unified entitlements solution would have identified the system of record for the trial teams and automatically granted access to both the data tables and the team site based on who was assigned to the trials. 

Conclusion

These three simple examples show the kinds of risks that organizations accept when they do not implement unified entitlements. If your organization has an entitlements problem, it is best to start with a strategy that allows you to understand the scope of the problem and create a reasonable plan for addressing entitlements across the enterprise. Once this is in place, the organization can:

  • Identify the products needed to support unified entitlements;
  • Start building the models for applying the security rules; and
  • Develop the integrations to automate security to all major systems.  

Consistent and accurate access permissions to knowledge assets can no longer be ignored or deprioritized. Semantic solutions like semantic search, knowledge portals, knowledge graphs, and generative AI chatbots make access to information easier than ever before. Organizations that lack the structure of a unified entitlements solution have greater risk of information leakage than ever before. If you need a Unified Entitlements program, our consultants have solved this problem for other large organizations and can help you better understand the problem and help you jump-start your initiative – contact us.

Joe Hilger Joe Hilger Joe is Enterprise Knowledge's COO. He has over 20 years experience leading and implementing cutting edge, enterprise-scale IT projects. He has worked with an array of commercial and public sector clients in a wide range of industries including financial services, healthcare, publishing, hotel and lodging, telecommunications, professional services, the federal government, non-profit, and higher education. Joe uses Agile development techniques to help his customers bridge the gap between business needs and technical implementation. He has a long track record of leading high-performance professional teams to deliver enterprise-level solutions that provide real value. His development teams have a strong record of client satisfaction, innovation and leadership. Joe is an expert in implementing enterprise-scale content, search, and data analytics solutions. He consults on these areas with organizations across the country and has spoken on a wide range of topics including enterprise search, enterprise content management, big data analytics, Agile development and content governance. More from Joe Hilger »