Security is an important component in any enterprise search implementation project. All too often, the thought of rolling out enterprise search creates worries that their classified documents will end up in the wrong hands. It’s a scary thought but if done correctly, it doesn’t have to be scary in practice.
Here’s a list of the top 3 myths often associated with security in Enterprise Search.
Myth #1 – Enterprise Search will cause sensitive data to get into the wrong hands
Often security rules are set up so that only select individuals are privy to classified documents. In a typical LOB system security is attained through isolation, providing a select group of users with access to private information (also known as security through obscurity). The security mechanisms available in these underlying systems are often ignored, and when search is rolled out these shortcomings are unveiled. Enterprise Search is the tool which exposed the security gaps, not the culprit.
Myth #2 – Our security demands are too complex
Many organizations are afraid that their role-based and attribute-based advanced security setups are too complex for a third party tool and that security would break through connectors. This is false, software like BA Insight’s Knowledge Integration Platform are specifically designed for even the most heterogeneous, complex search security scenarios such as EMC’s Documentum or dynamic authentication providers such as CA SiteMinder.
Myth #3 – Security problems with Enterprise Search are unavoidable
It’s important to step back and see the big picture before implementing a search project. You will want to setup a pre-roll out test to identify existing and potential security gaps. A security audit should be performed to determine what level of access should be granted and to whom.
Taking corrective action in the systems using the security mechanisms in place will ensure that your sensitive documents don’t get into the wrong hands.