Community Articles

Find and share helpful community-sourced technical articles.
Super Guru

Protect Your Cloud Big Data Assets

Step 1: Do not put anything into the cloud unless you have a CISO, Chieft Security Architect, Certified Cloud Administrator, full understanding of your PII and private data, a Lawyer to defend you against the coming lawsuits, full understanding of Hadoop, Hadoop Certified Administrators, a Hadoop premier support contract, a security plan, full understanding of your Hadoop architecture and layout.

Step 2: Study all running services in Ambari.

Step 3: Confirm and check all of your TCP/IP ports. Hadoop has a lot of them!

Step 4: if you are not using a service, do not run it.

Step 5: By default, disable all access to everything, always. Only open ports and access when something and someone critical cannot access them.

Step 6: SSL, SSH, VPN and Encryption Everywhere.

Step 7: Run Knox! Set it up correctly.

Step 8: Run Kali and audit all your IPs and ports.

Step 9: Use Kali hacking tools to attempt to access all your web ports, shells and other access points.

Step 10: Run in a VPC

Step 11: Setup security groups. Never open to or all ports or all IPs!?!??!?!!!

Step 12: If this seems too hard, don't run in the cloud.

Step 14: Step 13 is unlucky, skip that one.

Step 15: Read all the recommended security documentation and use it.

Step 16: Kerberize everything.

Step 17: Run Metron

My recommendation is get a professional services contract with an experience Hadoop organization or use something like Microsoft HDInsight or HDC that is managed.


Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.
Version history
Last update:
‎09-16-2022 01:38 AM
Updated by:
Top Kudoed Authors