Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

How to Meet Enhanced Data Security Requirements with Pivotal Greenplum

199 views

Published on

As enterprises seek to become more analytically driven, they face a balancing act: capitalizing on the proliferation of data throughout the company while simultaneously protecting sensitive data from loss, misuse, or unauthorized disclosure. However, increased regulation of data privacy is complicating how companies make data available to users.

Join Pivotal Data Engineer Alistair Turner for an interactive discussion about common vulnerabilities to data in motion and at rest. Alastair will discuss the controls available to Greenplum users—both natively and via Pivotal partner solutions—to protect sensitive data.

We'll cover the following topics:

- Security requirements and regulations like GDPR
- Common data security threat vectors
- Security strategy for Greenplum
- Native security features of Greenplum

Speakers: Alastair Turner, Data Engineer & Greg Chase, Business Development, Pivotal

Published in: Technology
  • Be the first to comment

  • Be the first to like this

How to Meet Enhanced Data Security Requirements with Pivotal Greenplum

  1. 1. © Copyright 2018 Pivotal Software, Inc. All rights Reserved. Version 1.0 August 2018 Meeting Enhanced Data Security Needs with Pivotal Greenplum
  2. 2. Cover w/ Image Agenda ■ The liability of security breaches is increasing ■ Threats that Pivotal Greenplum customers concerned about today ■ Security controls Pivotal Greenplum customers are deploying ■ Q&A ■ How to update your security policy
  3. 3. How has the liability of security breaches increased? ENHANCING DATA SECURITY WITH PIVOTAL GREENPLUM
  4. 4. ● New regulation ○ Growing scope ○ Greater financial penalties ● Evolving consumer expectations ○ Reputational impact of an incident is bigger than ever The increasing liability of security breaches
  5. 5. What security threats are Pivotal Greenplum customers concerned about? ENHANCING DATA SECURITY WITH PIVOTAL GREENPLUM
  6. 6. ● Ongoing concerns ● Changing landscape ○ New regulation ○ Evolving threats ○ New Greenplum deployment models ● Increased focus on internal threats Customer concerns from the field
  7. 7. Explain what you mean by “ongoing security concerns”? ENHANCING DATA SECURITY WITH PIVOTAL GREENPLUM
  8. 8. CIAConfidentiality Integrity Availability What we learned in InfoSec primer
  9. 9. CIA For internal systems on robust architecture
  10. 10. CIA For systems with few write users
  11. 11. CIAAAudit Once we allowed people to do something
  12. 12. CIAAAAttribution When we have to justify reports or decisions
  13. 13. CIAAA What really matters
  14. 14. Application Where can someone access data Database Driver
  15. 15. Application Where can someone access data Database Driver
  16. 16. Application Where can someone access data Database Driver Local Files Backup
  17. 17. Application Where can someone access data Database Driver Local Files Backup
  18. 18. Application Where can someone access data Database Driver Backup Local Files
  19. 19. Application Where can someone access data Driver Backup Local Files
  20. 20. What are examples of evolving threats and new deployment models? ENHANCING DATA SECURITY WITH PIVOTAL GREENPLUM
  21. 21. What are examples of internal threats? ENHANCING DATA SECURITY WITH PIVOTAL GREENPLUM
  22. 22. What security controls are Pivotal Greenplum customers deploying? ENHANCING DATA SECURITY WITH PIVOTAL GREENPLUM
  23. 23. ● Authentication ● Access Control ● Encryption ● Logging for Audit ● Secure access to external data sources Native Security Controls in Pivotal Greenplum
  24. 24. ● Encryption of persistent data ○ Full disk encryption ○ Backup encryption ● Encrypt network transmissions between nodes Applying System Encryption to Pivotal Greenplum
  25. 25. Full System Encryption Use Zettaset XCrypt Full Disk to encrypt data on disk and network communication between cluster nodes. Meet compliance requirements Fast, scalable, and affordable Simplified Administration Try out the trial edition available on Pivotal Network! Watch the Zettaset Webinar on Sept 22
  26. 26. ● Granular Access Controls ○ Row Level Security ○ Remove or rewrite column contents ● Security of accessible data ○ Encryption ○ Tokenization Data Governance Add-ons for Pivotal Greenplum
  27. 27. Field Encryption & Tokenization Use Protegrity to obfuscate high value data fields to reduce risk of data falling into the wrong hands. Improve organizational security Support more kinds of users and their usage Don’t let security stop your business For more information see: https://pivotal.io/pivotal- greenplum/partners/protegrity Watch the Protegrity Webinar on Oct 3
  28. 28. Format-Preserving Encryption for Any Field Type Microfocus Voltage SecureData Enterprise provides high performance format-preserving encryption that protects any data in any common data type. Protect sensitive data in production & test systems Doesn’t break schemas Data protection policies travel with the data Find out more at: https://software.microfocus.com/en- us/products/voltage-data-encryption- security/overview New Partner!
  29. 29. Attribute-based Access Control Blue Talon provides Attribute-Based Access Control (ABAC) to expand and simplify data access control options. More finely control data access policies Support multi-cloud deployments Simplify view-based security Find out more at: https://pivotal.io/pivotal- greenplum/partners/bluetalon Watch the Blue Talon Webinar on Oct 23
  30. 30. Data-Governance & Data Access for Data Scientists Immuta provides data governance and simplified access control across all the data sources in your company. Control the data environment Security connect, manage, and monitor data Fast, personalized access to data Find out more at: https://www.immuta.com/ New Partner!
  31. 31. ● Content and config scanning ○ Identify sensitive content ○ Best practices for secure configuration ● User activity logging and alerting Audit Add-ons for Pivotal Greenplum
  32. 32. Make Imperva slide here Imperva data security solutions secure your data from attacks and simplify regulatory compliance. Discover sensitive data Find database vulnerabilities Monitor data activity to discover risky users Find out more at: https://www.imperva.com/products/ data-security/ New Partner!
  33. 33. Q&A ENHANCING DATA SECURITY WITH PIVOTAL GREENPLUM
  34. 34. How to update your security program for Pivotal Greenplum... ENHANCING DATA SECURITY WITH PIVOTAL GREENPLUM
  35. 35. Check out the Pivotal Greenplum Enhanced Security White Paper!
  36. 36. Transforming How The World Builds Software © Copyright 2018 Pivotal Software, Inc. All rights Reserved.

×