AI for the Enterprise

Top 5 security questions CIOs should ask before choosing an enterprise search solution

Share this post:

Enterprise search and data discovery has become essential for any company’s success, across industries, and especially which there’s a high-level of customer interaction. Users must be able to find and understand the information they need, when they need it, at the scale and speed global enterprises needs, all while maintaining security and reliability.


Internal and external security breaches can be very costly, causing long-term damage to companies’ reputations and bottom lines. Now, more than ever, businesses need an enterprise search engine (ESE) with the highest level of data security, exceptional threat and risk detection, and a winning combination of deep security expertise with analytical insights on a massive scale.

What are the key questions to ask to ensure that you choose an ESE that delivers robust search that finds and delivers the deepest level of information appropriate to the user query without exposing results the user is not authorized to access?

1. Does stronger data protection lead to compromised data quality? 

Your data solution should match the needs and capabilities of your business. At a basic level, that means internal users (employees) can access all information they are entitled to, but no more, and that external hackers cannot access any of your data.

2. Will it enforce internal rules of access by role?

It’s not enough to protect your data from external hackers. Internal access must be controlled too. Your ESE should be able to handle pre-existing rules of access for all the content systems that have their own non-integrating security mechanisms and their own concept of users, groups and access rights. Watson Explorer (WEX) constantly verifies users via your web server, in real-time. WEX then connects to your Lightweight Directory Access Protocol (LDAP) and authenticates each user by username and password.

3. Can you get field-level security access?

Field-level security looks at the full spectrum of groups the user belongs to and compares it to a set protocol. In order to view the full results, the user might be required to be a member of the IT department and be a manager, and also be a member of a special group designated by HR and assigned to have access to salary information.

4. Does the solution provide multi-level security?

With multi-level security protocols system administrators can assign privilege access to users and groups that can control application functions such as the ability to export search results. Various levels of security can applied to the same document. For example, the same document can reveal different information to different individuals throughout the organization. Additionally, search querying utilizes different security settings and results vary according to the security settings of the user.


5. Early-binding vs. late-binding security: What should you choose?

Early binding associates ACL tokens with target documents as the document is crawled, which offers fast resolution of secure queries. Late binding is significantly slower than early binding and relies on a CMS external to WEX to validate the user’s permission to access each requested document. WEX is able to ingest the data and evaluate the user-access permissions against the set of document ACL data, presenting only those documents that meet the user’s permissions.

Don’t compromise on data security

From a security standpoint, enterprise search solutions need to be held to the same standards as those of the rest of the systems the company owns. To protect the future (and legacy) of your organization, seek out enterprise solutions that allow you to stay ahead of competition with regard to capability, performance, speed and security. Watson Explorer enables every employee to be your best employee by supplying them with the answers they need while protecting your information, reputation and revenue.

To learn more about implementing a secure enterprise search solution, read the Watson Explorer security white paper.


More AI for the Enterprise stories

Behind the Code: Meet Bill Higgins

April 29, 2019 | Developers

We're excited to kick off a new series for the Watson blog, focusing on AI and the developers at IBM Watson. AI is one of the hottest topics in tech, and we want to take a deep dive into AI, but more importantly, for you to get to know the people that help bring Watson to life. To kickoff the series, meet Bill Higgins, distinguished engineer, AI for developers, data and AI. more

How IBM is improving Watson Visual Recognition capabilities

March 15, 2018 | Developers, News and Updates

We’ll be announcing a number of changes to the Watson Visual Recognition service at Think 2018, IBM’s flagship conference, on March 19-22. These updates will include new feature capabilities, developer tools and improvements to user experience. more

How to use Watson Speech to Text utilities to increase accuracy

June 23, 2017 | Developers

Learn how to use Watson's Speech to Text utilities to increase the accuracy of your transcription results. In this blog post, we've included links so you can download the S2T utilities. We've also provided Sample .wav files and Python code. Get started with Watson's Speech to Text API by signing up for a free trial today. Learn more. more