What keeps CIO’s up at night? The security of their data. And in the land of big data there are all kinds of dangers like user impersonation, rogue daemons, malicious remote procedure calls and more, according to MapR Technologies, a provider of Hadoop technology. This is a huge hurdle that suppliers of enterprise-grade Hadoop have to overcome to get potential customers started on big data projects — and a problem MapR is addressing with a new solution it announced today.
A recent study by Voltage Security found 76 percent of its senior-level IT and security respondents are concerned about their inability to secure data across big data initiatives. Furthermore, 56 percent admitted that these security concerns have kept them from starting or finishing cloud or big data projects.
“That's not good for business," said Dave Anderson, senior director of marketing at Voltage Security.
John Schroeder, CEO and co-founder of MapR Technologies, must agree because his company is doing something about it. This morning at the Strata Conference + Hadoop World 2013 in New York City, MapR unveiled comprehensive, native security authentication and authorization with its MapR Distribution for Apache Hadoop. If it works as promised, clients will be able to easily meet stringent security requirements and regulations with security functionality that comes out-of-the-box.
According to MapR, its security innovations will make it easy for enterprises “to secure all of the Hadoop ecosystem components through a simple, fast and self-contained security model that provides protection against security threats.” The innovation uses wire-level authentication and all access control on tables, columns, jobs, queues and volumes. MapR’s native authentication also protects ecosystem projects such as Apache Hive and Drill.
“With this release our customers have comprehensive access control with unmatched flexibility and ease of use,” Schroeder said.
Extinguishing Customer Fears
The difference between the type of security in MapR’s Hadoop distribution and that of other providers is that this is “wired-in,” meaning that all operations on Hadoop are secured natively, including file reads and writes, HBase operations and MapReduce job submissions, and intra-cluster node-node interactions including remote procedure calls.
According to a prepared release by the company, MapR’s Hadoop initiates and maintains secure communication across the cluster without requiring third-party infrastructure. Users are authenticated through a simple and secure username/password mechanism that integrates into standard enterprise directory services including LDAP, Active Directory and NIS. All cluster nodes authenticate and interact with each other through secure keys.
Other enterprise-grade Hadoop distributions (including MapR, until now) typically rely on Kerberos,a computer network authentication protocol which works on the basis of 'tickets' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
For customers to whom Kerberos security seems insufficient and therefore creates a road-block to big data adoption, today’s MapR innovation may very well open the door to all of the big possibilities big data holds.