hadoop security analysis

PROBLEM

A study from Gartner shows “only 2% of people implementing Hadoop see lack of robust security as a barrier”. Hadoop security? We will see later…

cout de la sécurité et retour sur investissementArnaud BigData is a CISO of an eCommerce website. He needs a dynamic and flexible infrastructure to answer the data growth needs of the company, so he has chosen a cloud infrastructure.
Every day, the website collects a huge amount of data. The data allows to analyze the behavior of Internet users, their interests, their purchasing behavior and the conversion rates. In order to increase business, big data offers the tools to analyze and process data in order to reveal competitive advantages from the data.
However, Arnaud BigData needs to take into account the security of this golden data. Given the amount and criticality of data they process, a security breach will cause significant damage. The search for competitive advantage should not prompt Arnaud BigData to put the business at risk.

Big Data has not a solid foundation in terms of security but it is an highly coveted target because of size and the market value of the data.

SOLUTION

ELASTIC WORKLOAD PROTECTOR
Apache Hadoop changed the way enterprises store, process, and analyze data. But it requires that the data and processes meet the standard security requirements of the enterprise.

That’s why Elastic Workload Protector checks that your Hadoop platform is compliant with:

Hadoop Cloudera Security Checklist
BigData Security and Privacy Handbook

The Hadoop checklist (SANS) is intended for system administrators and CISOs who want information about Hadoop security programs. The best security practices are tested automatically by EWP and you can learn best configurations step by step.

Big Data Security and Privacy Handbook lists (Cloud Security Alliance) out in detail the best practices that should be followed to fortify IT infrastructures. The document presents 10 best practices for each of the top ten challenges in big data security and privacy providing us a roster of one hundred best practices.

“SecludIT’s expertise, both in matters of AWS security best practices and technologies have been a valuable assistance to answer the security challenges of our PaaS and establish a solid security foundation.”

Samir Salibi, Wakanda.io Marketing Manager

EXAMPLE OF ELASTIC WORKLOAD PROTECTOR OUTCOME

By default, security features of Hadoop consist of authentication, service level authorization, authentication for Web consoles and data confidentiality.

Apache Hadoop can be set-up in ‘Secure Mode’, by enabling the security features of Hadoop.

* Turn on RPC authentication in Hadoop, set the value of ‘hadoop.security.authentication’ property to ‘kerberos’ in ‘core-site.xml’
* Enable RPC service-level authorization by setting ‘hadoop.security.authorization’ parameter to ‘true’ in the ‘core-site.xml’
* Activate data encryption for data transferred between Hadoop services and clients, by setting ‘hadoop.rpc.protection’ to ‘privacy’ in the ‘core-site.xml'”;