Key Issues with Solr Security

SearchStax: 

What are some key issues when it comes to Solr Security?

Thomas: 

Since SearchStax is providing Solr as a Cloud hosted service, we take on additional security commitments that a prospective user or customer should consider when evaluating other vendors or just considering doing it themselves. Providing Solr Security addresses key issues, which include having a secure operating system, controlled port accesses, secure Solr and ZooKeeper applications, secure Solr accessibility from the internet, and then of course, thorough access controls to make changes to all these security attributes.

SearchStax:

How does SearchStax help?

Thomas:

SearchStax does all this for you and leaves some room for customization as well where customers may need it based on their project or client application requirements. First, the operating systems are routinely patched and upgraded. We also conduct quarterly vulnerability scans and take action as necessary. We manage Solr and ZooKeeper applications and assist by updating runtimes patching based on our monitoring and reports from the cybersecurity community. From a data security perspective, all disk volumes are encrypted, and data sent via the internet is encrypted with TLS, which is maintained in the background by SearchStax. Also, accessibility to the Solr applications from the internet itself is key. All products include an authentication mechanism that’s manageable by our customers, and then for our dedicated deployments offering we also provide the ability for users to whitelist IP addresses and ranges. Now thirdly for the compliance-heavy organizations, are those dealing with sensitive PII data. We also offer private cloud environments, which are inaccessible from the internet and appear to the clients network for highly controlled access. And then lastly, it’s also important to mention the management aspect to all this, you know, users and customers can customize and manage their security from the dashboard. So we provide the ability to define strict roles and permissions for users so only certain individuals can make changes to Solr security. And then, in order to login, we offer a two factor authentication option and then also an additional Single Sign-On feature for organizations with compliance that requires that.

Visit us at www.searchstax.com/managed-solr/ to learn more, talk to an expert, start a free trial or check out our online documentation.