User Policies
Policies determine who can use what functionality and when. There is some leeway in which administratorsthe ASP's and/or yourswill create and/or enforce them.
Policies affect both networks and applications. Network policies are an integral part of traffic management. Via network policies, network administrators grant different types of traffic like data, voice, and video from different companies or departments greater or lesser availability and bandwidth as their users require. Although you have input into the network SLA, once it's determined, the ASP or its network supplier enforces network policies.
For instance, the network section linking a company's inventory warehouse with its sales force might need 24-hour availability and T3 bandwidth, so orders placed by salespeople are filled in time by the warehouse, whereas a customer service engineer troubleshooting on-site equipment problems might need only a wireless link from 8 am to 7 pm on weekdays.
Administrators can also create policies so specific that only certain users are allowed to access certain application features over the network, and only at certain times of the day. If a large bank processes all the preceding day's checks from midnight to 4 am the following morning, then the administrator can prioritize appropriate network sections for that purpose during that period.
Policies affecting applications authorize certain users access to certain applications or application resources like databases or screen fields. A sales rep, for example, might be able to enter an order on a screen but not have access to the Approved field. Only his manager does because she has to approve all orders. Conversely, the manager may not have access to the Credit Limit field on the same screen because, when the sales rep enters the order, the order entry system automatically fills that field with the amount by which the customer has exceeded his credit limit.
As with network policies, you have input into application policies to determine the SLA, but afterward the ASP enforces those policies. However, if you specify, some ASPs will permit your IT staff some administration authority like adding new users. Obviously, however, the ASP must be promptly alerted when such changes are made.