As more and more organisations start to embrace cloud-based solutions for their data- and information management needs, many are coming to the realisation that they still need to store a substantial amount of data closer to home. On premise may feel a little old fashioned next to cloud offerings, but for numerous practical, legal and security reasons it remains relevant, and unlikely to vanish any time soon.
Which means that many organisations will still find themselves in a position of working around large amounts of disconnected distributed systems, with no single point to access it all. Other organisations with data held in different search platforms, or those whose data is in different geographic locations have the same problem: distributed infrastructures make it difficult to paint a complete picture of what’s happening inside a business, with limited possibilities for moving from a top level perspective into individuals areas and investigate or observe how everything fits together.
And this ‘distributed’ problem can stem from a combination of completely valid realities; different departments select and adopt different technologies based on their own needs. Privacy and export laws can impose strict geographical controls on data. Mergers and acquisitions bring together disparate groups of people, each with their own organisational and data storage arrangements. And finally, there are a number of other drivers to adopt these new offerings, the challenge is just how to make it cost-effective and practical for you.
So what is the best, most pragmatic way to deal with these issues? How should organisations start to think about connecting their data together? Moreover, how can they ensure that their people are able to access and understand relevant, timely information with a minimum of disruption and maximum engagement? All whilst ensuring compliance with internal and legal security policies that protect the integrity of individuals, data, and the business itself.
And for end users this means the ability to see more: more relevant information, more trends and more context, and pinpoint detail when they need it. Federated search delivers a reality that is greater than the sum of it's parts.
Imagine combining internal marketing information held in SharePoint with individual customer transactional data from a database; or combining the results from two or more distinct SharePoint servers in different countries.
In terms of implementing Twigkit federated search, data sources can be added, removed or swapped out of the application incredibly quickly and easily: it’s as simple as adding a single line of code.
Of course, being able to bring business data together in this way is not the only benchmark for a truly successful single-pane-of-glass application. The security constraints of the application must remain enforced and in place from the outset. Moreover, the data within the application must itself be presented and structured in a way that allows and encourages people to find, explore and manipulate it, thanks to an interface that is clear, meaningful and device agnostic.
With Twigkit acting as the single point of access for all data sources, our rule engines and integration with Single-Sign-On (SSO) providers lets organisations stay on top of their security requirements. The user experience isn’t disrupted with multiple logins and passwords, irrespective of which of the dozens of security models is used, instead Twigkit provides a single point of secure access to data.
In the latest release of Twigkit we’ve simplified two of our key security integrations. For Kerberos we’ve removed the need for servlet container plugins and fronting the Java application with IIS. This greatly speeds up the configuration and setup time. For OAuth 2.0 we’ve pre-packaged Google, Facebook, and Office 365 implementations for OAuth. So now our customers can take full advantage of the many pre-packaged SSO services.
The interface of your application plays a huge role in delivering a great overall user experience. Twigkit makes it possible to create beautiful, tactile and clear application user interfaces (UI) quickly and easily, from a library of provided UI components. Components exist for all aspects of the application, from search results to reports and interactive visualisations, and each comes fully browser tested and guaranteed to work on any device or screen.
Bringing it all together
By using pre-built modules and components and neatly drawing a line between the application itself and all underlying data sources, the result is an application that offers true flexibility for the future, safeguarding the initial investment.
Technical Case Study:
SharePoint Federated Secure Search
With the advent of Office 365 (O365) many enterprise customers are taking the opportunity to move their SharePoint repositories into the cloud. But as we’ve seen, with even moderately complex security requirements this often means that some data remains in on premise SharePoint servers, while the rest is migrated to an online SharePoint environment using O365.
Twigkit can help here, by laying a secure, federated search over both their SharePoint on premise and cloud repositories. How? Through our out-of-the-box integration with Microsoft Active Directory Federation Services’ (ADFS) the Security Token Service (STS) and OAuth authentication protocol, Twigkit can perform a single search against both SharePoint and O365 at the same time.
Security Token Service
Twigkit applications authenticate using the Security Token Service to securely retrieve data from either SharePoint or Office 365 and ensuring the individual only sees data they have permission for. The same approach can be used for Office 365.
SharePoint Online natively supports OAuth and authenticating using OAuth is simpler than using the STS. Arguably OAuth is the right approach when using O365 for Single Sign On, however, it lacks the capability of the STS methodology to federate security seamlessly with SharePoint on premise.
In both STS and OAuth methods Twigkit manages the tokens sent to the data platform which is how the repository determines what data the user is allowed to retrieve.
More than simply getting a set of results from both platforms, performing federation with Twigkit combines all aspects of the data including facets, rescoring documents to optimise relevance and scoring, and more, to deliver a compelling user experience across silos. What we get is a single, feature-rich view of the data, unhampered by distributed architectures at the platform level.
Being a true, federated single-sign-on solution, the user is not challenged for credentials (assuming they have an active session). Queries are secured using our built-in security capabilities, again without custom code or convoluted configuration.
Twigkit provides real solutions to the many challenges of working with distributed data. Our acceptance of any and all data sources, our deep integration with multiple security providers, and our powerful UI component library all come together to create tactile, flexible solutions which connect people with the right information, on any device, irrespective of whether the underlying data is held on enterprise sites or in the cloud.
We believe that by making data easier to interact with, it can uncover new insights and make a real difference to people’s lives.
Twigkit is a software company with offices in San Jose, London and Cambridge. Over the past 7 years our technology has changed the way forward thinking global organizations access and make sense of their data.
Fortune 500 companies trust us with their search and discovery needs, alongside governments, military, manufacturers, media, retailers, charities, financial services, and more.
By solving complex problems with simple building blocks, marrying great defaults with fine grained control, and abstracting retrieval from any data provider, we enable custom search and discovery applications in a fraction of the time of bespoke development, and with demonstrably better results.
If you have a project of your own in mind please don’t hesitate to get in touch with us at firstname.lastname@example.org