eBooks

O'Reilly ebook: Operationalizing the Data Lake

Issue link: https://www.qubole.com/resources/i/1161152

Contents of this Issue

Navigation

Page 137 of 172

• Expect a lot of noise from your security tools as well as the big data frameworks and solutions that your team needs to use. • Carefully establish privileges and policies on your data based on what you're trying to protect and from whom. • Use big data analytics internally to inform and improve your organization's security capabilities and decision making. We will explore these considerations in the rest of the chapter. Consideration 1: Understand the Three "Distinct Parties" Involved in Cloud Security Ensuring security in a cloud-based data lake is a relatively new sci‐ ence; we're still figuring it all out. But when your data lake resides in the cloud, the first thing you need to realize is that you still must think about security. Yes, your cloud vendor has broad security responsibilities, which we examine later in the chapter, but you do, too. And if you use a cloud platform for big data like Qubole or another vendor with which to build your data lake, you have three organizations that must work together to ensure that your data and systems are protected. There's you, the company that is building a data lake. There's the cloud platform owner. And then there's the cloud provider, which not only supports the platform, but also provides the tools and resources that allow the customer to store the data that is relevant, and do the processing required to analyze that data. You can't just depend on the cloud provider to protect you. You must rigorously practice safe access control and safe security throughout your organization. And you need to question whether the cloud platform provider has sufficient security in place as well. You need to ask the tough questions. How do I know my data is secure? How can I ensure that the compute resources are safe? Here are your responsibilities for security in the cloud: • Customer data • Data encryption • User management • Infrastructure identity and access management 106 | Chapter 7: Securing Your Data Lake

Articles in this issue

view archives of eBooks - O'Reilly ebook: Operationalizing the Data Lake