Assets that are created and managed in the content development environment should not be modified directly on the target site. Therefore, it is important to secure target site assets to prevent changes that are outside the control of the content development environment.

Preventing uncontrolled changes is especially important with respect to ATG Content Administration deployments:

In an incremental deployment, ATG Content Administration identifies the current set of assets on the target, examines it against the project to deploy, and deploys the new set by deploying only the asset changes to the target site. It is this element of the incremental deployment procedure that makes it faster than a full deployment.

However, if a user modifies the assets on the target directly, the target’s knowledge of its current set of assets is no longer valid because it no longer represents the target’s actual data. Therefore, subsequent incremental deployments are compromised and cannot result in a new current set of assets that accurately represents the target’s data. In this situation, a full deployment to the target site which first deletes all target assets is necessary in order to restore a valid set of assets.

Note: If you use secured repositories in the content development environment to control access of ATG Content Administration users to specific asset types and individual assets, be aware that ATG Content Administration does not deploy the ACLs for those assets when they are deployed to a target.

For all these reasons, it is critical that you secure ATG Content Administration-managed assets on your staging and production targets so users cannot modify them. Several recommended strategies follow, which are suitable to various content development, testing, and production requirements.