You may have read today’s announcement about Cloudera’s acquisition of Gazzang, an Austin-based data security company and the leader in Hadoop encryption and key management. As a former Gazzanger, and the newest member of the Cloudera family, I’d like to share with you why this news is important for the Hadoop community:
First, we are addressing the foremost concern of Hadoop customers today: “how do I secure my Hadoop data in accordance with external and internal compliance requirements.”
Successful pilots and POCs are giving way to production stage environments that are likely just now catching the eyes of senior management and compliance officers. So all of a sudden you’re being asked the question, “you want to put WHAT in WHERE?”
Today’s announcement makes it easier for you to have the conversation and assure even the most security-minded individuals that your enterprise data hub is safe and sensitive, regulated data is secure.
We recognize that sensitive data extends beyond the bounds of HDFS and HBase. While your initial instinct may be to focus solely on security for health records, payment card information, consumer purchasing habits and other business-defining datasets, it’s important to note that throughout the Hadoop ecosystem, things like metadata and log files are being written to disk and replicated. This information can be just as sensitive as the HDFS data itself and must be protected with the same rigor. Today we can bring that capability to Cloudera customers.
It’s important to note that encryption alone does not enable compliance. AES-256 is the industry standard for at-rest encryption and is virtually impossible to crack, but it still requires a strong key manager that isolates the keys from the encrypted data.
Database applications that offer encryption without key management push the burden of management back onto the customer, which invites a significant amount of risk. When you encrypt data without properly securing your keys, you’re doing what amounts to locking your car and leaving the key in the driver’s side door.
Enforcing and documenting key management policies and procedures are necessary steps toward achieving compliance with HIPAA and PCI-DSS. Data encryption is hard. Controlling access to data is hard. But key management is often the difference between a secure data environment and a major compliance violation. Cloudera is now the only big data company that provides encryption key management.
Finally, Gazzang brings a wealth of knowledge about Hadoop security to Cloudera. We’ve built our reputation on securing massive big data environments for some of the largest organizations in the world. Our history is rooted in encryption, key management and access controls, but our future will be written by Cloudera customers.
We will make it our mission, as part of the Cloudera Center for Security Excellence, to drive comprehensive security at all layers of an enterprise data hub.
Our goal is to ensure your sensitive data is protected and compliant, so that you can focus on asking bigger questions and getting the insights that drive your business. To learn more, visit www.cloudera.com/security.