November 2, 2016 | Written by: Trips Reddy
Categorized: AI for the Enterprise | Developers
Share this post:
Enterprise search and data discovery has become essential for any company’s success, across industries, and especially which there’s a high-level of customer interaction. Users must be able to find and understand the information they need, when they need it, at the scale and speed global enterprises needs, all while maintaining security and reliability.
Internal and external security breaches can be very costly, causing long-term damage to companies’ reputations and bottom lines. Now, more than ever, businesses need an enterprise search engine (ESE) with the highest level of data security, exceptional threat and risk detection, and a winning combination of deep security expertise with analytical insights on a massive scale.
What are the key questions to ask to ensure that you choose an ESE that delivers robust search that finds and delivers the deepest level of information appropriate to the user query without exposing results the user is not authorized to access?
1. Does stronger data protection lead to compromised data quality?
Your data solution should match the needs and capabilities of your business. At a basic level, that means internal users (employees) can access all information they are entitled to, but no more, and that external hackers cannot access any of your data.
2. Will it enforce internal rules of access by role?
It’s not enough to protect your data from external hackers. Internal access must be controlled too. Your ESE should be able to handle pre-existing rules of access for all the content systems that have their own non-integrating security mechanisms and their own concept of users, groups and access rights. Watson Explorer (WEX) constantly verifies users via your web server, in real-time. WEX then connects to your Lightweight Directory Access Protocol (LDAP) and authenticates each user by username and password.
3. Can you get field-level security access?
Field-level security looks at the full spectrum of groups the user belongs to and compares it to a set protocol. In order to view the full results, the user might be required to be a member of the IT department and be a manager, and also be a member of a special group designated by HR and assigned to have access to salary information.
4. Does the solution provide multi-level security?
With multi-level security protocols system administrators can assign privilege access to users and groups that can control application functions such as the ability to export search results. Various levels of security can applied to the same document. For example, the same document can reveal different information to different individuals throughout the organization. Additionally, search querying utilizes different security settings and results vary according to the security settings of the user.
5. Early-binding vs. late-binding security: What should you choose?
Early binding associates ACL tokens with target documents as the document is crawled, which offers fast resolution of secure queries. Late binding is significantly slower than early binding and relies on a CMS external to WEX to validate the user’s permission to access each requested document. WEX is able to ingest the data and evaluate the user-access permissions against the set of document ACL data, presenting only those documents that meet the user’s permissions.
Don’t compromise on data security
From a security standpoint, enterprise search solutions need to be held to the same standards as those of the rest of the systems the company owns. To protect the future (and legacy) of your organization, seek out enterprise solutions that allow you to stay ahead of competition with regard to capability, performance, speed and security. Watson Explorer enables every employee to be your best employee by supplying them with the answers they need while protecting your information, reputation and revenue.
To learn more about implementing a secure enterprise search solution, read the Watson Explorer security white paper.