Enterprise grade security, Guaranteed.
Qubole is a Big Data as a Service (BDaas) offering which runs on all Leading Cloud platforms Like AWS, Microsoft Azure and Google Cloud Platform. Our flagship product, Qubole Data Service (QDS), manages Hadoop infrastructure and allows users to prepare, integrate, and analyze big data in the cloud.
Cloud computing allows enterprises with the ability to perform massive and complex computing, while eliminating the need for procuring and maintaining expensive hardware. While the advantages of cloud computing are clear, one of the biggest concerns in most organizations is about the security implications of publishing data to the cloud and running applications therein.
Over the years, Hadoop has evolved in terms of security features including authentication and authorization, data protection, auditing and accounting. At the same time, cloud security has also evolved significantly and all major cloud providers bring to the table robust set of security features to ensure data security and governance. Today, there are a many secure implementations of Hadoop in the cloud running in security conscious verticals like Finance and Healthcare.
As a pure play cloud offering, Security is fundamental to QDS. It is core to our architecture – as well as in how we operate the service and provide support around it. We have adopted a number of proven methods to complement the security features in Hadoop and Cloud offerings to ensure security of the QDS platform and any data communication to and from it. Many options are also made available to users that allow them to customize the level of security to match their business needs. Security is also one of the highest priority areas of investment for Qubole and we work with our users on an ongoing basis to incorporate any additional features required in this area
In this whitepaper, we discuss the following topics:
Authentication/Authorization and users, roles
In this section, we discuss about various options to login to QDS, different types of users and their roles and how each role is responsible for different activities.
Data at Rest:
In this section, we discuss about various places where data is held either within QDS or users cloud storage, how we access this data and how the data is being secured. Various types of data that are accessed from QDS are typically user account related information. We also discuss in detail about various options to secure the data being made available to QDS from users cloud storage, encryption options and support of security groups and VPC connections.