This post describes the different options available when using Aquaforest Searchlight to process documents in SharePoint Online and also addresses security questions.
If you set up Searchlight in your local server and access SharePoint Online remotely as depicted in the diagram below, all documents will be downloaded and uploaded over SSL and therefore encrypted.
The downside with this setup is the connection speed between yourself and Office 365, which can affect the overall time taken to process documents in your SharePoint libraries. It has no additional cost per se, except for managing the computer Searchlight is installed on.
You can set up Searchlight by installing it in an Azure VM as shown below.
This option offers the most flexibility in terms of cost as well as performance, management and scalability. With this setup, everything is contained in the Microsoft Cloud. As such, it benefits from the security and performance provided by Microsoft datacentres, which is more than your company is likely to provide. Processing is faster and more secure as documents are never downloaded to local machines. Even if your Azure VM and your Office 365 service are on different datacentres, you can still expect secure and fast transfer of documents. Microsoft operates one of the top ten networks in the world resulting in incredibly fast datacentre-to-datacentre connections [source]. You also do not need any on-premise infrastructure. Moreover, should your processing requirements change in the future, it is very easy and fast to scale up (or down) the VM through the Azure portal.
What about cost? Since Searchlight does not have to be running 24/7, you can benefit from the Azure’s hourly subscription model. Let’s break it down. The most common use-case is to run Searchlight with 8 cores. If we run Searchlight for 40 hours a week, the price to run a server with 8 cores and 14 GB RAM is $115.20 per month.
This is quite affordable considering you are leveraging the operational cost of an on-premise infrastructure while benefiting from a host of features such as physical security, encryption of data both at rest and in-transit, performance, etc.
The above setup could be made faster and more secure if you use the Azure ExpressRoute. Azure ExpressRoute is a private connection between your on-premises infrastructure and your Microsoft cloud service. ExpressRoute connections do not go over the public Internet and therefore offer more reliability, faster speeds, lower latencies and higher security than typical Internet connections.
Microsoft is constantly learning and continuously updating their services and applications to deliver a secure cloud productivity service that meets rigorous industry standards for compliance. For those who are still apprehensive, Microsoft has put it in place an Office 365 trust centre which has all the latest information regarding security in Office 365.
Where does Aquaforest Searchlight fit in all of this? When it comes to Searchlight, users may be concerned about security of their documents when they are in transit between the server and Searchlight. In other words, are the documents encrypted while being downloaded and uploaded through Searchlight?
In short, yes. Microsoft makes use of SSL/TLS for all communications to and from their servers. All SSL connections are established using 2048-bit keys [source]. SSL/TLS protects data in transit by encrypting it. It also ensures that the data is not altered during the transit. Even if the encrypted data is intercepted, it would be meaningless without decryption.
Microsoft, as one of the leaders in this market, has implemented security at every level, from application development to physical datacentres to end-user access. Very few organisations have the ability to maintain an equivalent level of security on-premises at a reasonable cost. Hopefully, this post has clarified that Microsoft Cloud Services are inherently secure and safe to use in conjunction with Aquaforest Searchlight.