Browse > Home / Enterprise, Search / Security and Behind-the-Firewall Search

Security and Behind-the-Firewall Search

March 4, 2008

In June 2007, I had a useful and informative meeting with several members of the Oracle Secure Enterprise Search team. SES10g was, at that time, the Oracle offering,. Our informal discussion turned to the topic of what mattered most to buyers of enterprise search systems.

My recollection of our conversation was that many buyers are unsure about the features on offer from most vendors. Oracle’s viewpoint — and I am paraphrasing — is that security is one of the most important considerations. In some cases, it is the most important single factor in a search system. Other features like finding similar documents are mostly marketing sizzle or lipstick on a barnyard animal. Demonstrations of collaborative functions and visualizations capture attention. But, at the end of the day, security remains the foundation principle.

Coincident with the AIIM (Association of Information & Image Management) conference in Boston, Massachusetts, this week, Oracle issued a news release which you can read here. The core of the release is that security is the watchword for an Oracle search and information solution.

Oracle’s approach to security is well-conceived. Like other vendors, the Oracle security system is “aware” of access control information. However, instead of using these flags, the Oracle approach uses a security subsystem that provides robust, role- appropriate access to content within the system’s repository within an enterprise-wide search solution.

In a nutshell, the Oracle approach uses a separate server and software sub system that performs security functions. In effect, Oracle becomes the security mechanism for the licensee. There’s no reluctance on my part to applaud Oracle’s engineering of its security server sub system, its wealth of administrative controls, or its extensibility.

My question is, “Does security trump other behind-the-firewall search system features?”

My view is that for certain clients, security takes precedence over cost, ease of use, and the zippy features such as assisted navigation capture customers’ attention.

Customers who value security include the intelligence and law enforcement markets, financial services, pharmaceuticals, and regulated sectors such as health and medicince. When Oracle battles for a license deal in these markets, it sells against other carrier-class vendors of search and retrieval.

When Oracle or another high end vendor makes a sale, the customer may discover that third-party solutions are needed to provide certain needed features; for example, point-and-click assisted navigation interfaces. Then, if a third-party solution is not appropriate for these customers, Oracle can provide the consulting, engineering,  and code components to build what’s needed. Custom coding is less of a barrier for a large organization. Smaller organizations may find that the Oracle- or Oracle-type solution is not appropriate.

As the interest in search and retrieval filters downward from the largest organizations to the much larger mid-market and small-market sectors, an opportunity exists for a security-enhanced solution that is more nimble. I see Google’s evolution of its Search Appliance as a move in this directioin. But some vendors of behind-the-firewall search systems lag behind Oracle’s industrial-strength approach. Google has with each release of its Google Search Appliance enhanced its security features and functionality.

I also cannot recall an unremediated security problem with the search systems we track. Sure, there are lapses caused by poor upgrade procedures and flawed security work flow processes in particular organizations. But, by and large, most vendors’ solutions depend on the larger security infrastructure, administrative configuration controls, and existing security practices. Most vendors “snap in” to a licensee’s existing security system.

In my view, Oracle should be commended for keeping this issue front and center. But, as most security professionals will assert, a security system boils down to the behavior of individuals. No matter how stringent the security system is, that system can be compromised by one person’s actions.

Therefore, I don’t see much change in the positioning or marketing of behind-the-firewall search systems. Oracle is flying a security flag, and it will attract those customers who perceive security as job one for search. However, in the broader market, security is one aspect of a search and retrieval system.

Marketers of behind-the-firewall search systems will beat these drums:

  • Assisted navigation to help alleviate resistance to the naked search box
  • Reports that answer questions instead of laundry lists of results
  • Search embedded in applications so the user doesn’t have to take step out of a work flow to get needed information.

I heard that Oracle Applications, a unit of Oracle, is supporting the Google Search Appliance in some client installations. If true, this suggests that security alone is not a cure for search ills. Large organizations do mysterious things in order to satisfy customers. That’s just business today.

Security, it almost goes without saying, is assumed or expected. Vendors who are making an effort to provide licensees with systems that reduce the administrative costs of search have a very compelling value proposition — reduced cost and complexity. Looking forward, simplicity, ease of use, and user satisfaction are going to be more compelling in the mid-market.

There are several important areas of contention in the behind-the-firewall search sector. At the high-end, the super platforms compete. This is the seven figure enterprise search market where IBM, Microsoft, Oracle, and SAP battle. These are customized solutions, and the search system often consists of multi sub systems and work flow integration.

The mid market is the emerging battleground. Most of these organizations are on the hunt for a way to find, manipulate, and exploit their digital assets. A mid market firm may have $100 million in revenue but no single-point search system or even a workable unit-level search system. Many vendors are targeting this market sector because the super platform vendors have products that are too expensive, too difficult to administer, or too encumbered with expensive add ons.

The low end market is the largest, and it is almost prohibitedly expensive to hit mom-and-pop businesses. Search vendors find themselves competing with free solutions or “baked in search” features. These are good enough solutions.

The battlegrounds, therefore, will be the high end and mid markets. Different value propositions are needed for these markets, and at this time, the marketing messages conflict. Maybe picking one feature — security — is the way to cut through the clutter. In my view, I think that cost, ease of use, and user satisfaction are likely to be the more compelling messages in today’s business climate.

Stephen Arnold, March 4, 2008

Written by Stephen E. Arnold · Filed Under Enterprise, Search 

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta