Yet you don't have to look much further than "The Search Engine Wars" for evidence of just how important search really is. This is no less the case when it comes to enterprise. Enterprise search then should provide users with the resources when and how they need them, taking care of course not to lose sight of security and bridging the boundaries defined by security policies. Making search and security work hand in hand is the key criteria for a success story of the Enterprise CMS.
Does your content management system sacrifice security for the sake of an easier search experience? Or does the complexity of the security overwhelm and make for dreadful search experiences that result in further content duplication and isolation? The goal is to build a system that gains high marks in both security and usability (i.e. search): it provides the flexibility required by the advanced security needs of your environment while providing high usability and a good user experience.
Guidelines for Achieving a Workable Balance:
1. A two-way street between search and security
The traditional approach to Enterprise CMSs is to place security data in one repository while all the search data goes in another. That’s a problem. One cannot perform a search that will reflect security policies without the search infrastructure knowing something about those security policies. Share some information. A certain amount of security information must be shared with the search infrastructure (user X can read A and B).
2. Real-time governance
Keep information up to date and in sync between security and search. Do not let the search infrastructure's shared data go stale when making changes in the security policies. The data must stay relevant and fresh, or else it’s going to be wrong (user X can no longer read B; not sharing this change leaves user X finding B in search).
3. Context awareness
When a request comes in for information, take the context of that request into consideration when performing the search. If a user logs on and performs a search, the system "knows" the user and takes the person’s credentials into consideration when passing this information to the search infrastructure. The search infrastructure can then calculate the correct result (user X finds A, but not B; the administrator revokes user X's permissions on A, user X finds neither A or B).
When it comes to Enterprise CMS, a large part of increasing adoption comes from the trust users will put in the system, particularly when it comes to handling sensitive information. You want the system to earn users’ trusts while providing great usability. It takes a lot of work to find the right balance between search and security, but when you do, your organization will find its Enterprise CMS users to be a happier, more productive lot.
Title image courtesy of Anatoli Styf (Shutterstock)