How is Auditing & Authentication Handled?
This is one of many aspects of the Senzing API that our customers LOVE. Senzing is a library that is embedded in other things and connects to a database, no moving parts, no network access, etc. As such, we operate as a library and the workflow/processes that call the Senzing API are the components that control the secure access.
We do not require the use of any particular auditing, authentication, and authorization frameworks. You would use your own corporate standard mechanisms to implement those capabilities in your use of Senzing as well as the database it connects to and do not have to deploy/learn a completely new stack.
Our Senzing Community assets (docker, REST, GUIs, etc) are all open source (Apache 2.0) and built on some of the most popular industry standards (Jetty, Angular, etc). This allows you to incorporate and lock down these components much more readily than closed and proprietary capabilities.
A helpful article on the Senzing Architecture related to this topic.
Is Senzing Data Encrypted At Rest?
Yes, it can be. Encrypting Senzing's data at rest is handled by the specific data store being used.
Database encryption can have significant performance implications so please involve your IT team and make sure they have reviewed some of our key documents:
Can I Anonymize Fields At Source Systems Before Submitted To Senzing?
There is an advanced Senzing feature called Selective Feature Hashing that allows data owners to one-way hash selected fields (e.g., driver's license and date of birth) before the data is submitted to Senzing for Entity Resolution.
Here are a few articles on the concept and method:
NOTE: This is an advanced feature that currently requires consultation.
Top tip time!
Additionally, custom plugins can be written for Senzing. One example of a custom plugin is decrypting data values that were previously encrypted outside of Senzing in memory during the entity resolution process. Be sure to take a look at the article outlining this example.