Are my Portal services private?

214
2
07-13-2020 09:53 AM
MichaelShoemaker
New Contributor

Hello,

My organization needs to keep our information private, so I always make sure I never check "Everyone" when I share my hosted feature service. But it always bothers me to see the Usage Time Series chart peaking into in the hundreds; are requests unique outside users viewing my content? Is organization-level data somehow viewable to the public? Does anyone have a tip to check for any accidentally publicized layers? 

Sort of a paranoid question, but it has bothered me for a while now. 

Thanks!

Tags (2)
0 Kudos
2 Replies
ShaneMiles
Esri Contributor

Hi Michael Shoemaker‌, 

Without knowing your setup and being able to look at your environment Ill try be as general as possible.

Ensuring Anonymous access is disabled will stop any user from accessing content without first providing portal credentials. See Security best practices—Portal for ArcGIS (10.8) | Documentation for ArcGIS Enterprise for more info. 

Also look at Restrict cross-domain requests to your portal—Portal for ArcGIS (10.8) | Documentation for ArcGIS En... as another step to lock it down further. 

Finally look at running the security scan for portal also Scan your portal for security best practices—Portal for ArcGIS (10.8) | Documentation for ArcGIS Ent...  to ensure everything is to the standard you require. 

Shane 

If this answer was helpful please mark it as helpful. If this answer solved your question please mark it as the answer to help others who have the same question.

BenTurrell
Occasional Contributor III

Hey Michael Shoemaker‌,

There is a really good write up on Portal sharing here: Share items—Portal for ArcGIS | Documentation for ArcGIS Enterprise 

You can run a search to see what layers are shared by clicking on content -> My Organisation. Then on the left tab there is a filter called sharing. If you expand that you can then filter your results by how it is shared (Owner/Groups, Organisation, Public)

You can also disable sharing content to the public by going to Organisation -> Settings then the Security button on the left tab. Under Sharing and Security you can disable Members can share content publicly. In the same section you can also disable Allow anonymous access to your organization's website, AGDHS.maps.arcgis.com. What does this mean?

Once you have checked those settings you should be more comfortable with you Portal security!

Let me know if you have any other questions!

Thanks,

Ben


If this answer was helpful please mark it as helpful. If this answer solved your question please mark it as the answer to help others who have the same question.