Presented By O’Reilly and Cloudera
Make Data Work
21–22 May 2018: Training
22–24 May 2018: Tutorials & Conference
London, UK

Securing and governing hybrid, cloud and on-premises big data deployments, step by step

Mark Donsky (Cloudera), Steffen Maerkl (Cloudera)
13:3017:00 Tuesday, 22 May 2018
Law, ethics, and governance, Platform security and cybersecurity
Location: Capital Suite 15 Level: Intermediate
Secondary topics:  Security and Privacy

Who is this presentation for?

  • Security and Hadoop administrators

Prerequisite knowledge

  • A general understanding of Hadoop concepts, basic security principles, and cloud concepts, such as S3, EMR, and transient clusters

Materials or downloads needed in advance

  • A WiFi-enabled laptop

What you'll learn

  • Learn best practices for security and governing cloud, on-premises, and hybrid deployments, including wire encryption, data at rest encryption, governance, and unified, secure data catalogs for self-service discovery
  • Description

    Many Hadoop clusters lack even the most basic security controls. This is due to several factors: some security features did not exist as recently as two years ago, and the complexity of Hadoop security has proved daunting to administrators. However, it’s incumbent on security admins to ensure a consistently secured and governed experience for end users and administrators across multiple workloads that span on-premises, private cloud, multicloud, and hybrid cloud deployments.

    Mark Donsky shares best practices for meeting these challenges as he walks you through securing a Hadoop cluster. You’ll start with a cluster with no security and then add security features related to authentication, authorization, encryption of data at rest, encryption of data in transit, and complete data governance. For each security feature, Mark covers the following topics:

    • Introduction: What the security feature is, what protection it provides, and best practices and recommendations
    • Planning: How to enable the feature in a phased manner with the fewest growing pains and least risk
    • Relevance: Why it’s important (demonstrated by live attacks against a cluster without the target security feature)
    • Implementation: An overview of how the implementation is performed, where the moving parts are, and potential pitfalls
    Photo of Mark Donsky

    Mark Donsky


    Mark Donsky leads data management and governance solutions at Cloudera. Previously, Mark held product management roles at companies such as Wily Technology, where he managed the flagship application performance management solution, and Silver Spring Networks, where he managed big data analytics solutions that reduced greenhouse gas emissions. He holds a BS with honors in computer science from the University of Western Ontario.

    Steffen Maerkl


    Leave a Comment or Question

    Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

    Join the conversation here (requires login)