Peyman Mohajerian View Bio
Monday, October 19 2:45pm
Co-Presented with Chris McVey, Teradata
Using only freely available network tools and Hadoop client utilities, this session will demonstrate multiple methods for extracting sensitive data from a Hadoop Data Lake without authorization. We will analyze Hadoop’s out-of-the-box security controls and the ease with which a cluster can be discovered and compromised. The session will identify security vulnerabilities in Hadoop in order to better understand security requirements for new or maturing implementations.
We will begin with a brief history of security on the platform and then, by proving the relative insecurity of Hadoop in its native form, we will illustrate why improving security of the Hadoop data lake is of the utmost importance. The technical portion of the session will be separated into network discovery, impersonation, and mitigating security controls. We will also explore the likelihood of sensitive data being stored in the data lake due to the nature of its use.
Bill Peterson View Bio
Tuesday, October 20 3:00pm
Some people would have you believe that big data and Hadoop provide a silver bullet for making data governance and data management easier. The reality is that Hadoop needs to be tightly integrated in your existing security and governance practices. What are some of the common pitfalls that early adopters have learned, and what technologies and tools (such as Teradata Loom and QueryGrid) are available to get the most from ALL your data assets across a unified data architecture (UDA)? Come to this session where we will highlight customer examples in terms of how they integrated Teradata and Hadoop while maintaining bullet-proof security and data governance best practices.