Sisense is built around a robust and flexible security architecture that has been designed to ensure security processes are enforced while scaling to enterprise deployments of Sisense.
As part of this architecture, Sisense complies with the United States Federal Information Processing Standard (FIPS) 140 standard, which defines cryptographic algorithms approved for use by US Federal government computer systems for the protection of sensitive data. An implementation of an approved cryptographic algorithm is considered FIPS 140-compliant only if it has been submitted for and has passed National Institute of Standards and Technology (NIST) validation.
In Sisense v6.7, Sisense added security hardening to the Sisense application database access. Part of the improvements to the application database’s security removed FIPS compliance. To remain FIPS-compliant, you must disable the application databases authentication, which was added in Sisense V6.7. The database access will remain unauthenticated, as it was prior to Sisense V6.7.
If you disable the application database's authentication, Sisense recommends deploying the application database behind a network firewall to increase the level of security.
Sisense is currently developing a version of Sisense for Linux. The Linux version will support application database authentication together with FIPS compliance.
To disable the application database’s authentication:
- Disable authentication from the application database:
- Restart Sisense.Repository:
- Remove the username and password from the application database’s connection string:
- In your browser, open the Configuration Manager located at http://localhost:3030.
- In the field Connection String, remove the username and password parameters, for example connectionString=”mongodb://localhost:27018/admin”).
MongoDB connection strings have the following format:
mongodb://[username:[email protected]]host1[:port1][,host2[:port2],…[,hostN[:portN]]][/[database][?options]]In the example below, AppUser:mWLdf6b/[email protected] should be removed:
- Restart IIS. In Windows, open CMD and run IISRESET.