In today’s digital landscape, every organization faces unique security challenges. For instance, an ecommerce company may prioritize the protection of web applications, while a hospital might focus on safeguarding confidential patient data. Despite these differences, the universal need for secure apps and devices remains constant across all organizations. ArcGIS Enterprise offers tailored security profiles to meet these varying needs, ensuring that your deployment is compliant with your organization’s security standards.
Security Profiles Overview
Esri provides two main security profiles: Basic and Advanced.
Basic Security Profile
This profile is recommended for over 95% of ArcGIS Enterprise users. It includes essential security controls aligned with industry standards like NIST (National Institute of Standards and Technology) and ISO (International Organization for Standardization). The Basic profile is designed to meet the security needs of most organizations while ensuring compliance with common regulatory frameworks.
Advanced Security Profile
Designed for mission-critical operations, this profile includes stringent security controls that go beyond the Basic profile. It’s ideal for organizations that must meet rigorous security requirements. The Advanced profile incorporates guidance from the ArcGIS Server Security Technical Implementation Guide (STIG) and is tailored for software defined as critical by NIST, providing a higher level of security.
Secure Deployment Patterns
When deploying ArcGIS Enterprise, organizations can choose from three operating environments: Windows, Linux, and Kubernetes.
Deployments can be manual or automated using tools like Chef, PowerShell DSC, AWS, Azure, and ArcGIS Experience Builder. However, it’s important to note that automation tools don’t automatically configure systems to meet the Basic security profile. Additional configuration is necessary to bring ArcGIS Enterprise to a secure production-ready state.
Esri outlines several secure deployment patterns to enhance security:
Standard Secure Enterprise Pattern
This pattern includes common security infrastructure components such as SIEM systems for log management, centralized identify providers, web application vulnerability detection systems, and a web application firewall (WAF).
Secure Pattern & Admin Publishing
Designed for organizations that need to publish and administer ArcGIS Enterprise services via ArcGIS Pro. This pattern ensures workflows aren’t blocked by WAF rules, maintaining functionality without compromising security.
Secure Pattern & System of Record
This pattern expands the standard secure pattern by incorporating additional ArcGIS Server tiers to support dedicated mapping, imaging, geoprocessing, and geocoding services, drawing data from an enterprise geodatabase.
Secure Pattern & System of Record & Data Production
This further expansion supports data production workflows, including geodatabase versioning and replication, enabling organizations to manage and deliver GIS data effectively.
By understanding and implementing the appropriate security profiles and deployment patterns, organizations can significantly enhance the security of their ArcGIS Enterprise environments, tailored to their specific operational needs.
Who We Are
GCS is a Geospatial Information Technology Services Company delivering award-winning solutions.
Our team of geospatial IT and cloud certified professionals help organizations unlock and enable GIS technology. With over 200 years of combined technical expertise, GCS converts your ideas into reality through customer-driven, innovative applications. GCS customers gain strategic value through increased productivity, efficiency and profitability, optimizing mission-critical business processes.
Esri Business Partner
Since 2002, GCS has been an Esri Business Partner.
Further, GCS is recognized by Esri for its expertise in state and local government, implementation, and delivery of services that help customers succeed with ArcGIS technologies.
You must be logged in to post a comment.