An excellent enterprise search solution should inherit your organization’s existing permissions
It’s a new engineer’s first day of work. As they go through their onboarding documents, they start digging around trying to learn as much about the company as possible. Fortunately, your organization has an easy-to-use enterprise search solution that they implemented a month ago. For kicks, the new engineer types their new boss’ name into the system.
And sitting right there in the search results is their manager’s pay stub.
Your enterprise search did its job – it found the information related to that query – but perhaps it did its job a little too well.
Putting limits on enterprise search without putting limits on productivity
In the same way that a diver needs to know how to swim back up to the surface and a track star needs to know how to slow down and stop once crossing the finish line, an enterprise search solution needs to know when to put limits on its “findability function.”
There are several ways that organizations make this happen even before implementing an enterprise search solution. The most common way is by implementing permissions on a source repository. When an employee is hired, they may be slotted into a specific commissions group, e.g., Engineer Level 1, and that group determines what they can see in a given repository.
But here’s where things get complicated. As your organization grows larger, the amount of complexity grows as well. This means that a majority of your organization may be using Sharepoint while your engineers or developers barely duck into that repository. That said, they may still need to use those repositories to occasionally find a file they need to do their work. Permissions management becomes a key responsibility, and you want to ensure that your search engine honours those centrally managed permissions that are enforced at the repository level, to prevent even further complexity.
A smart way to generally improve security is to manage your files where employees are already using them by adding extra metadata that works with and alongside your security permissions groups.
Add metadata that links the files to the groups. If the file is tagged with Accounting, then it helps admins to set permissions to the group “Accounting – General.” If the file is tagged with Accounting and Confidential, then perhaps the policy is that only members of the security group “Accounting Senior Management” can access it. General classification metadata can help data stewards or records managers by providing dashboards or reports that Information Security colleagues can use to gain insights and understanding into how information is being used, regardless of its security permissions.
You can help improve the overall security of your content by:
- Crawling all of your different repositories and producing a centralized index or inventory of all your unstructured data aka files
- Assessing the existing metadata
- Enriching the tags with additional metadata fields
- Adding specific security classification tags
- Improving the findability of your data, while ensuring that only those who have the correct permissions can access it
Shinydocs enables this with its Enterprise Search solution. Employees can search across all crawled repositories from a central location. They don’t have to keep switching between different applications to find what they need. They’re also given access to only what they’re supposed to see, since our Enterprise Search solution automatically inherits all of your permissions.
Interested in learning more? Watch the “Findability Fuel Webinar: What your organization needs to power rich enterprise search” hosted by our Principal Evangelist Jed Cawthorne and available On Demand here.