• Home >
  • Enterprise grade security, Guaranteed.

Enterprise grade security, Guaranteed.


As a pure play cloud offering, security is fundamental to Qubole Data Service (QDS). Not only do we leverage the inherent security capabilities of public clouds but we provide additional capacities on top of that. Here’s what sets us apart:


Stronger Compliance

At all places QDS, our systems and infrastructure have been built from the ground up with compliance and regulatory support in mind. QDS deploys baselines in our production environments that are compliant with SOC2, HIPAA, PCI and ISO-2700x. Please ask us about our SOC2 and HIPAA compliance roadmap.


Your Data is Yours, and Only Yours

With dual Identity and Access Management (IAM) role configuration you only grant QDS the right to initiate and terminate instances and build clusters using a custom built environment which has all the software for all your data needs already built-in. Our purpose-built solution includes security for Amazon, Azure, Google and Oracle and based on baselines from National Institute of Standards and Technology (NIST) and Center for Internet Security (CIS) Benchmarks.


The Highest Levels of Encryption

QDS uses bcrypt for application secrets which is designed to prevent attacks by storing these secrets using an advanced encryption algorithm with randomized salts. We also only use encrypted protocols between the QDS tier and customer accounts. Additionally, we support S3 server side encryption for data at rest and all of our application requests are encrypted using SSL/TLS.

In addition QDS supports encryption natively using customer supplied keys via Amazon Key Management Service (KMS). With this service you can create and manage your own keys for your data and they will be stored in a Hardware Security Module. Using KMS also improves your auditing capabilities because all API calls are logged to CloudTrails which will help you meet your compliance and regulatory requirements.


Stronger Network Boundaries

Virtual Path Connection (VPC) is an isolated private “bubble” inside of Amazon that allows a customer to have a more traditional bordered network boundary with security groups and network access lists (ACLs).

Customers can add any customized security controls and functionality that protects their data. QDS supports customer scripting and bootstrapping of the instances allowing customers to install any security, logging, auditing or monitoring needed to meet their compliance or regulatory frameworks.


Contact us to learn more about our security offerings.



Contact Qubole

Join the Conversation!

Participate in big data discussions with experts, ask questions, get advice, and more