SlideShare a Scribd company logo

Security for Enterprise Search : SearchBlox

Timo Selvaraj
Timo Selvaraj

Implement Security for Elasticsearch based Enterprise Search

Software
1 of 22
Download to read offline
SEARCHBLOX SOFTWARE, INC. Security Architecture for Enterprise Search
• SearchBlox Enterprise Search • Security Architecture • User Security • Application Security • Data Security • Compliance • Backup and Recovery Security Architecture for your enterprise search Secure Enterprise Search SEARCHBLOX SOFTWARE, INC.
• Founded in 2003 • Focus on enterprise search • Using AI for search • 400+ customers in 30 countries • Based in Richmond, Virginia, USA • AWS Technology Partner • 2015-2020 – KMWorld Trendsetting Product of Year • KMWorld 100 Companies that matter in Knowledge Management SearchBlox Enterprise Search SEARCHBLOX SOFTWARE, INC.
SEARCHBLOX SOFTWARE, INC. Security for Enterprise Search is Critical Avoid data breaches and ensure rock-solid security for enterprise search.
SEARCHBLOX SOFTWARE, INC. Enable search for all your secure data ERP CRM DB Documents Full-Text Search Encrypted Data Compliance SearchBlox Enterprise Search • Secure crawl of any data • Search across all/any data source(s) • Search encrypted sensitive data • User management with LDAP/AD Crawl
SEARCHBLOX SOFTWARE, INC. Security is central to SearchBlox Architecture
Users Application Data SEARCHBLOX SOFTWARE, INC. Building a user security model for enterprise search SearchBlox provides multiple security layers
Ø Global User • Any search user who can access the system, public or authenticated. Ø Profile • Access is allowed by title or rank within the organization. Levels of access may include VP, Director, Manager, Customer, Employee. Ø Group / Role • Arbitrary groups of users (Sales, HR, Marketing, Finance). Ø Specific User • Security allowed on a per user basis. SEARCHBLOX SOFTWARE, INC. Search – Examples of User Types Global User Profile Group / Role Specific User
SEARCHBLOX SOFTWARE, INC. SearchBlox Index Security
SEARCHBLOX SOFTWARE, INC. Search User - Index Access Types • Public Access • Authenticated Search Access • Collection / Repository / Index Level Access • Document / Record Level Access • Sub-Document / Sub-Record Level Access Public SensitivePrivate Enable user search access for your data securely
SEARCHBLOX SOFTWARE, INC. Search User - Index Access Types Security starts with defining requirements for users to access the search index. Public Search Access • You can search without any login or authentication. Search users are anonymous. Authenticated Search User Access • You can search after authentication; if you are not authenticated, you cannot search. Collection / Index / Repository Access • Search can be allowed based on the user. Once the user is authenticated and authorized, collections are available for search.
SEARCHBLOX SOFTWARE, INC. Search User - Index Access Types By Document • Users with specific roles, groups or designated users can search documents or records, but others are restricted. By Sub-Document • Different users may see different parts of the same document or record. For example, the document may contain financial information which is searchable to all users, but the sensitive data is displayed only to the authorized users.
SEARCHBLOX SOFTWARE, INC. Search User – Typical Access Use Cases • Public Websites • Marketing Websites • Product Websites Public SensitivePrivate • Company Intranets • Customer Support Portals • Contact Center Agent Portals • Knowledge Base Portals • Finance, HR, CRM, Sales Data Portals • Employee Portals • Customer Portals • Healthcare Portals • Patient Only Portals
SEARCHBLOX SOFTWARE, INC. SearchBlox Searchable Encrypted Data
SEARCHBLOX SOFTWARE, INC. Search User – Document Level Security for Sensitive Data • Document Level Access • ACL with LDAP/AD • SearchBlox Realm authentication and authorization • Sub-Document Level Access • AES256 Encryption with customer key • SearchBlox Realm authentication and authorization • One or more columns within a database can be encrypted but available for full-text search Allow Deny Allow Deny
• Encryption at rest • Disk level encryption • External encryption tools • Encryption in transit • TLS 1.2, TLS 1.3 / SSL with cert to secure your data with AES256 • Encryption at field level for sensitive data • Store and search PII or sensitive fields with encryption • Select the PII data — credit card numbers, SSN, email addresses, etc. SEARCHBLOX SOFTWARE, INC. Data Security
SEARCHBLOX SOFTWARE, INC. SearchBlox Application Security
• SearchBlox Realm or AD/LDAP with/without SAML 2.0 or Okta Integration • Public, Private and sensitive search results for users • Secure Admin console access for Admins, Managers and Business Users • Activity logging for all Admin actions • Access, Activity, Query, User logs for real-time monitoring SEARCHBLOX SOFTWARE, INC. Application Security for Administrators and Search Users Authentication Authorization Audit
• Crawl secure data using credentials (HTTP Basic, Forms based-authentication, ADFS/SSO) • Crawler custom User Agent name for access • Crawling through secure proxy server • Crawling with connection/requests throttling • Crawling with API tokens for specific repositories • Crawling with Custom Header values for authentication SEARCHBLOX SOFTWARE, INC. Crawler Security for indexing data
• Backend authentication using SearchBlox realm or LDAP, Okta • Search UI uses JWT for security • Prevents CSRF • Login / Logout of search sessions • Section 508 Compliant • SSL only search access SEARCHBLOX SOFTWARE, INC. Search UI Security for data
• Backup and restore data at an index level • Backup and restore of configuration for enterprise search setup • Avoid data loss with index / configuration replication with SearchBlox cluster setup SEARCHBLOX SOFTWARE, INC. Backup and Recovery for index data and configuration Data
SEARCHBLOX SOFTWARE, INC. Fix your missing links. Prevent your next data breach. Secure Enterprise Search

Recommended

0chain Blockhain and off-chain storage integrity
0chain Blockhain and off-chain storage integrity0chain Blockhain and off-chain storage integrity
0chain Blockhain and off-chain storage integrityVishwas Manral
 
OISC2013_Presentation
OISC2013_PresentationOISC2013_Presentation
OISC2013_PresentationAustin Nagel
 
ESDDC - Making Secured Content Discoverable in SharePoint
ESDDC - Making Secured Content Discoverable in SharePointESDDC - Making Secured Content Discoverable in SharePoint
ESDDC - Making Secured Content Discoverable in SharePointJonathan Ralton
 
SIKM Boston - Making Secured Content Discoverable in SharePoint
SIKM Boston - Making Secured Content Discoverable in SharePointSIKM Boston - Making Secured Content Discoverable in SharePoint
SIKM Boston - Making Secured Content Discoverable in SharePointJonathan Ralton
 
How to Open Password Protected Documents on iPad
How to Open Password Protected Documents on iPadHow to Open Password Protected Documents on iPad
How to Open Password Protected Documents on iPadVitalii Varbanets
 
Encryption in Microsoft 365 - session for CollabDays UK - Bletchley Park
Encryption in Microsoft 365 - session for CollabDays UK - Bletchley ParkEncryption in Microsoft 365 - session for CollabDays UK - Bletchley Park
Encryption in Microsoft 365 - session for CollabDays UK - Bletchley ParkAlbert Hoitingh
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azureMichele Leroux Bustamante
 
Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...
Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...
Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...Albert Hoitingh
 

Recommended

0chain Blockhain and off-chain storage integrity
0chain Blockhain and off-chain storage integrity0chain Blockhain and off-chain storage integrity
0chain Blockhain and off-chain storage integrityVishwas Manral
 
OISC2013_Presentation
OISC2013_PresentationOISC2013_Presentation
OISC2013_PresentationAustin Nagel
 
ESDDC - Making Secured Content Discoverable in SharePoint
ESDDC - Making Secured Content Discoverable in SharePointESDDC - Making Secured Content Discoverable in SharePoint
ESDDC - Making Secured Content Discoverable in SharePointJonathan Ralton
 
SIKM Boston - Making Secured Content Discoverable in SharePoint
SIKM Boston - Making Secured Content Discoverable in SharePointSIKM Boston - Making Secured Content Discoverable in SharePoint
SIKM Boston - Making Secured Content Discoverable in SharePointJonathan Ralton
 
How to Open Password Protected Documents on iPad
How to Open Password Protected Documents on iPadHow to Open Password Protected Documents on iPad
How to Open Password Protected Documents on iPadVitalii Varbanets
 
Encryption in Microsoft 365 - session for CollabDays UK - Bletchley Park
Encryption in Microsoft 365 - session for CollabDays UK - Bletchley ParkEncryption in Microsoft 365 - session for CollabDays UK - Bletchley Park
Encryption in Microsoft 365 - session for CollabDays UK - Bletchley ParkAlbert Hoitingh
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azureMichele Leroux Bustamante
 
Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...
Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...
Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...Albert Hoitingh
 
Storage datasheet
Storage datasheetStorage datasheet
Storage datasheetOry Chhean
 
Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...
Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...
Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...Albert Hoitingh
 
OCTOWIRE
OCTOWIREOCTOWIRE
OCTOWIREOctogence
 
The things you need to know about SharePoint 2013 Search
The things you need to know about SharePoint 2013 SearchThe things you need to know about SharePoint 2013 Search
The things you need to know about SharePoint 2013 SearchSearch Technologies
 
Microsoft 365 Chicago - eDiscovery and Microsoft Teams
Microsoft 365 Chicago - eDiscovery and Microsoft TeamsMicrosoft 365 Chicago - eDiscovery and Microsoft Teams
Microsoft 365 Chicago - eDiscovery and Microsoft TeamsAlbert Hoitingh
 
Goans-Helms-IT Security at Georgia Tech Library
Goans-Helms-IT Security at Georgia Tech LibraryGoans-Helms-IT Security at Georgia Tech Library
Goans-Helms-IT Security at Georgia Tech LibraryNational Information Standards Organization (NISO)
 
Integrating with the ORCID API
Integrating with the ORCID APIIntegrating with the ORCID API
Integrating with the ORCID APINobuko Miyairi
 
Practical Security - Modern Day Software
Practical Security - Modern Day SoftwarePractical Security - Modern Day Software
Practical Security - Modern Day SoftwareSatria Ady Pradana
 
Sp24 design a share point 2013 architecture – the basics
Sp24 design a share point 2013 architecture – the basicsSp24 design a share point 2013 architecture – the basics
Sp24 design a share point 2013 architecture – the basicsAlexander Meijers
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionAlbert Hoitingh
 
NIC - Securing one drive and its content
NIC - Securing one drive and its contentNIC - Securing one drive and its content
NIC - Securing one drive and its contentOlav Tvedt
 
Android Security and Peneteration Testing
Android Security and Peneteration TestingAndroid Security and Peneteration Testing
Android Security and Peneteration TestingSurabaya Blackhat
 
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...NCCOMMS
 
How Claims is Changing the Way We Authenticate and Authorize in SharePoint
How Claims is Changing the Way We Authenticate and Authorize in SharePointHow Claims is Changing the Way We Authenticate and Authorize in SharePoint
How Claims is Changing the Way We Authenticate and Authorize in SharePointAntonioMaio2
 
Build Security into the Software with Sparrow
Build Security into the Software with SparrowBuild Security into the Software with Sparrow
Build Security into the Software with SparrowJason Sohn
 
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Ruby Meditation
 
Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?ForgeRock
 
Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Miguel Isidoro
 
HSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data GovernanceHSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data GovernanceDavid Broussard
 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?Precisely
 
Azure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team ApproachAzure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team ApproachJoanne Klein
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterCraig Jahnke
 

More Related Content

What's hot

Storage datasheet
Storage datasheetStorage datasheet
Storage datasheetOry Chhean
 
Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...
Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...
Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...Albert Hoitingh
 
The things you need to know about SharePoint 2013 Search
The things you need to know about SharePoint 2013 SearchThe things you need to know about SharePoint 2013 Search
The things you need to know about SharePoint 2013 SearchSearch Technologies
 
Microsoft 365 Chicago - eDiscovery and Microsoft Teams
Microsoft 365 Chicago - eDiscovery and Microsoft TeamsMicrosoft 365 Chicago - eDiscovery and Microsoft Teams
Microsoft 365 Chicago - eDiscovery and Microsoft TeamsAlbert Hoitingh
 
Integrating with the ORCID API
Integrating with the ORCID APIIntegrating with the ORCID API
Integrating with the ORCID APINobuko Miyairi
 
Practical Security - Modern Day Software
Practical Security - Modern Day SoftwarePractical Security - Modern Day Software
Practical Security - Modern Day SoftwareSatria Ady Pradana
 
Sp24 design a share point 2013 architecture – the basics
Sp24 design a share point 2013 architecture – the basicsSp24 design a share point 2013 architecture – the basics
Sp24 design a share point 2013 architecture – the basicsAlexander Meijers
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionAlbert Hoitingh
 
NIC - Securing one drive and its content
NIC - Securing one drive and its contentNIC - Securing one drive and its content
NIC - Securing one drive and its contentOlav Tvedt
 
Android Security and Peneteration Testing
Android Security and Peneteration TestingAndroid Security and Peneteration Testing
Android Security and Peneteration TestingSurabaya Blackhat
 
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...NCCOMMS
 
How Claims is Changing the Way We Authenticate and Authorize in SharePoint
How Claims is Changing the Way We Authenticate and Authorize in SharePointHow Claims is Changing the Way We Authenticate and Authorize in SharePoint
How Claims is Changing the Way We Authenticate and Authorize in SharePointAntonioMaio2
 
Build Security into the Software with Sparrow
Build Security into the Software with SparrowBuild Security into the Software with Sparrow
Build Security into the Software with SparrowJason Sohn
 
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Ruby Meditation
 
Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?ForgeRock
 

What's hot (17)

Storage datasheet
Storage datasheetStorage datasheet
Storage datasheet
 
Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...
Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...
Dutch Information Worker User Group - January 2022 - eDiscovery and Microsoft...
 
OCTOWIRE
OCTOWIREOCTOWIRE
OCTOWIRE
 
The things you need to know about SharePoint 2013 Search
The things you need to know about SharePoint 2013 SearchThe things you need to know about SharePoint 2013 Search
The things you need to know about SharePoint 2013 Search
 
Microsoft 365 Chicago - eDiscovery and Microsoft Teams
Microsoft 365 Chicago - eDiscovery and Microsoft TeamsMicrosoft 365 Chicago - eDiscovery and Microsoft Teams
Microsoft 365 Chicago - eDiscovery and Microsoft Teams
 
Goans-Helms-IT Security at Georgia Tech Library
Goans-Helms-IT Security at Georgia Tech LibraryGoans-Helms-IT Security at Georgia Tech Library
Goans-Helms-IT Security at Georgia Tech Library
 
Integrating with the ORCID API
Integrating with the ORCID APIIntegrating with the ORCID API
Integrating with the ORCID API
 
Practical Security - Modern Day Software
Practical Security - Modern Day SoftwarePractical Security - Modern Day Software
Practical Security - Modern Day Software
 
Sp24 design a share point 2013 architecture – the basics
Sp24 design a share point 2013 architecture – the basicsSp24 design a share point 2013 architecture – the basics
Sp24 design a share point 2013 architecture – the basics
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
 
NIC - Securing one drive and its content
NIC - Securing one drive and its contentNIC - Securing one drive and its content
NIC - Securing one drive and its content
 
Android Security and Peneteration Testing
Android Security and Peneteration TestingAndroid Security and Peneteration Testing
Android Security and Peneteration Testing
 
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
 
How Claims is Changing the Way We Authenticate and Authorize in SharePoint
How Claims is Changing the Way We Authenticate and Authorize in SharePointHow Claims is Changing the Way We Authenticate and Authorize in SharePoint
How Claims is Changing the Way We Authenticate and Authorize in SharePoint
 
Build Security into the Software with Sparrow
Build Security into the Software with SparrowBuild Security into the Software with Sparrow
Build Security into the Software with Sparrow
 
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
 
Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?
 

Similar to Security for Enterprise Search : SearchBlox

Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Miguel Isidoro
 
HSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data GovernanceHSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data GovernanceDavid Broussard
 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?Precisely
 
Azure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team ApproachAzure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team ApproachJoanne Klein
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterCraig Jahnke
 
Share point 2013 enterprise search (public)
Share point 2013 enterprise search (public)Share point 2013 enterprise search (public)
Share point 2013 enterprise search (public)Petter Skodvin-Hvammen
 
Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamOffice 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamAntonioMaio2
 
Search Strategy for Enterprise SharePoint 2013 - Vancouver SharePoint Summit
Search Strategy for Enterprise SharePoint 2013 - Vancouver SharePoint SummitSearch Strategy for Enterprise SharePoint 2013 - Vancouver SharePoint Summit
Search Strategy for Enterprise SharePoint 2013 - Vancouver SharePoint SummitJoel Oleson
 
Ibm i2 ibase
Ibm i2 ibaseIbm i2 ibase
Ibm i2 ibasemissou123
 
Choosing the Best Business Intelligence Security Model for Your App
Choosing the Best Business Intelligence Security Model for Your AppChoosing the Best Business Intelligence Security Model for Your App
Choosing the Best Business Intelligence Security Model for Your AppLogi Analytics
 
Workshop - Ways of Working Within the M365 Workspace.pptx
Workshop - Ways of Working Within the M365 Workspace.pptxWorkshop - Ways of Working Within the M365 Workspace.pptx
Workshop - Ways of Working Within the M365 Workspace.pptxSimon Rawson
 
Connecting External Content to SharePoint Search
Connecting External Content to SharePoint SearchConnecting External Content to SharePoint Search
Connecting External Content to SharePoint SearchAgnes Molnar
 
Active Directory Proposal
Active Directory ProposalActive Directory Proposal
Active Directory ProposalMJ Ferdous
 
Webinar: Secure Solr with Fusion
Webinar: Secure Solr with FusionWebinar: Secure Solr with Fusion
Webinar: Secure Solr with FusionLucidworks
 
Appsworld - Mobilize your SharePoint with WinWire
Appsworld - Mobilize your SharePoint with WinWireAppsworld - Mobilize your SharePoint with WinWire
Appsworld - Mobilize your SharePoint with WinWireWinWire Technologies Inc
 
SPC.Org - SharePoint 2013 Search
SPC.Org - SharePoint 2013 SearchSPC.Org - SharePoint 2013 Search
SPC.Org - SharePoint 2013 SearchBert Johnson
 
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...Rencore
 
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...Ajay Iyer
 

Similar to Security for Enterprise Search : SearchBlox (20)

Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365
 
HSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data GovernanceHSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data Governance
 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?
 
Azure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team ApproachAzure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team Approach
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance Center
 
Share point 2013 enterprise search (public)
Share point 2013 enterprise search (public)Share point 2013 enterprise search (public)
Share point 2013 enterprise search (public)
 
Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamOffice 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat team
 
Search Strategy for Enterprise SharePoint 2013 - Vancouver SharePoint Summit
Search Strategy for Enterprise SharePoint 2013 - Vancouver SharePoint SummitSearch Strategy for Enterprise SharePoint 2013 - Vancouver SharePoint Summit
Search Strategy for Enterprise SharePoint 2013 - Vancouver SharePoint Summit
 
Ibm i2 ibase
Ibm i2 ibaseIbm i2 ibase
Ibm i2 ibase
 
Choosing the Best Business Intelligence Security Model for Your App
Choosing the Best Business Intelligence Security Model for Your AppChoosing the Best Business Intelligence Security Model for Your App
Choosing the Best Business Intelligence Security Model for Your App
 
Workshop - Ways of Working Within the M365 Workspace.pptx
Workshop - Ways of Working Within the M365 Workspace.pptxWorkshop - Ways of Working Within the M365 Workspace.pptx
Workshop - Ways of Working Within the M365 Workspace.pptx
 
Connecting External Content to SharePoint Search
Connecting External Content to SharePoint SearchConnecting External Content to SharePoint Search
Connecting External Content to SharePoint Search
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage Prevention
 
Active Directory Proposal
Active Directory ProposalActive Directory Proposal
Active Directory Proposal
 
Devi
DeviDevi
Devi
 
Webinar: Secure Solr with Fusion
Webinar: Secure Solr with FusionWebinar: Secure Solr with Fusion
Webinar: Secure Solr with Fusion
 
Appsworld - Mobilize your SharePoint with WinWire
Appsworld - Mobilize your SharePoint with WinWireAppsworld - Mobilize your SharePoint with WinWire
Appsworld - Mobilize your SharePoint with WinWire
 
SPC.Org - SharePoint 2013 Search
SPC.Org - SharePoint 2013 SearchSPC.Org - SharePoint 2013 Search
SPC.Org - SharePoint 2013 Search
 
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
 
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
 

Recently uploaded

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsMehedi Hasan Shohan
 

Recently uploaded (20)

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software Solutions
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 

Security for Enterprise Search : SearchBlox

  • 1. SEARCHBLOX SOFTWARE, INC. Security Architecture for Enterprise Search
  • 2. • SearchBlox Enterprise Search • Security Architecture • User Security • Application Security • Data Security • Compliance • Backup and Recovery Security Architecture for your enterprise search Secure Enterprise Search SEARCHBLOX SOFTWARE, INC.
  • 3. • Founded in 2003 • Focus on enterprise search • Using AI for search • 400+ customers in 30 countries • Based in Richmond, Virginia, USA • AWS Technology Partner • 2015-2020 – KMWorld Trendsetting Product of Year • KMWorld 100 Companies that matter in Knowledge Management SearchBlox Enterprise Search SEARCHBLOX SOFTWARE, INC.
  • 4. SEARCHBLOX SOFTWARE, INC. Security for Enterprise Search is Critical Avoid data breaches and ensure rock-solid security for enterprise search.
  • 5. SEARCHBLOX SOFTWARE, INC. Enable search for all your secure data ERP CRM DB Documents Full-Text Search Encrypted Data Compliance SearchBlox Enterprise Search • Secure crawl of any data • Search across all/any data source(s) • Search encrypted sensitive data • User management with LDAP/AD Crawl
  • 6. SEARCHBLOX SOFTWARE, INC. Security is central to SearchBlox Architecture
  • 7. Users Application Data SEARCHBLOX SOFTWARE, INC. Building a user security model for enterprise search SearchBlox provides multiple security layers
  • 8. Ø Global User • Any search user who can access the system, public or authenticated. Ø Profile • Access is allowed by title or rank within the organization. Levels of access may include VP, Director, Manager, Customer, Employee. Ø Group / Role • Arbitrary groups of users (Sales, HR, Marketing, Finance). Ø Specific User • Security allowed on a per user basis. SEARCHBLOX SOFTWARE, INC. Search – Examples of User Types Global User Profile Group / Role Specific User
  • 10. SEARCHBLOX SOFTWARE, INC. Search User - Index Access Types • Public Access • Authenticated Search Access • Collection / Repository / Index Level Access • Document / Record Level Access • Sub-Document / Sub-Record Level Access Public SensitivePrivate Enable user search access for your data securely
  • 11. SEARCHBLOX SOFTWARE, INC. Search User - Index Access Types Security starts with defining requirements for users to access the search index. Public Search Access • You can search without any login or authentication. Search users are anonymous. Authenticated Search User Access • You can search after authentication; if you are not authenticated, you cannot search. Collection / Index / Repository Access • Search can be allowed based on the user. Once the user is authenticated and authorized, collections are available for search.
  • 12. SEARCHBLOX SOFTWARE, INC. Search User - Index Access Types By Document • Users with specific roles, groups or designated users can search documents or records, but others are restricted. By Sub-Document • Different users may see different parts of the same document or record. For example, the document may contain financial information which is searchable to all users, but the sensitive data is displayed only to the authorized users.
  • 13. SEARCHBLOX SOFTWARE, INC. Search User – Typical Access Use Cases • Public Websites • Marketing Websites • Product Websites Public SensitivePrivate • Company Intranets • Customer Support Portals • Contact Center Agent Portals • Knowledge Base Portals • Finance, HR, CRM, Sales Data Portals • Employee Portals • Customer Portals • Healthcare Portals • Patient Only Portals
  • 14. SEARCHBLOX SOFTWARE, INC. SearchBlox Searchable Encrypted Data
  • 15. SEARCHBLOX SOFTWARE, INC. Search User – Document Level Security for Sensitive Data • Document Level Access • ACL with LDAP/AD • SearchBlox Realm authentication and authorization • Sub-Document Level Access • AES256 Encryption with customer key • SearchBlox Realm authentication and authorization • One or more columns within a database can be encrypted but available for full-text search Allow Deny Allow Deny
  • 16. • Encryption at rest • Disk level encryption • External encryption tools • Encryption in transit • TLS 1.2, TLS 1.3 / SSL with cert to secure your data with AES256 • Encryption at field level for sensitive data • Store and search PII or sensitive fields with encryption • Select the PII data — credit card numbers, SSN, email addresses, etc. SEARCHBLOX SOFTWARE, INC. Data Security
  • 17. SEARCHBLOX SOFTWARE, INC. SearchBlox Application Security
  • 18. • SearchBlox Realm or AD/LDAP with/without SAML 2.0 or Okta Integration • Public, Private and sensitive search results for users • Secure Admin console access for Admins, Managers and Business Users • Activity logging for all Admin actions • Access, Activity, Query, User logs for real-time monitoring SEARCHBLOX SOFTWARE, INC. Application Security for Administrators and Search Users Authentication Authorization Audit
  • 19. • Crawl secure data using credentials (HTTP Basic, Forms based-authentication, ADFS/SSO) • Crawler custom User Agent name for access • Crawling through secure proxy server • Crawling with connection/requests throttling • Crawling with API tokens for specific repositories • Crawling with Custom Header values for authentication SEARCHBLOX SOFTWARE, INC. Crawler Security for indexing data
  • 20. • Backend authentication using SearchBlox realm or LDAP, Okta • Search UI uses JWT for security • Prevents CSRF • Login / Logout of search sessions • Section 508 Compliant • SSL only search access SEARCHBLOX SOFTWARE, INC. Search UI Security for data
  • 21. • Backup and restore data at an index level • Backup and restore of configuration for enterprise search setup • Avoid data loss with index / configuration replication with SearchBlox cluster setup SEARCHBLOX SOFTWARE, INC. Backup and Recovery for index data and configuration Data
  • 22. SEARCHBLOX SOFTWARE, INC. Fix your missing links. Prevent your next data breach. Secure Enterprise Search