Marc Selwan

<p><a href="https://www.datastax.com/products/datastax-enterprise-advanced-security">DataStax Enterprise (DSE) Advanced Security</a> plays a critical role in keeping our customers’ data safe. Enterprise companies have very strict security requirements, which is why DSE Advanced Security provides robust and easy-to-use security functionality, including:</p>

<ul>
	<li><strong>Unified Authentication and Role Management</strong> – Allows our customers to easily integrate their existing Kerberos, LDAP, and Active Directory users and schemes across the DataStax Enterprise product suite.</li>
	<li><strong>Data Auditing</strong> – Gives administrators the ability to understand “who looked at what, when” and “who changed what, when”, which is crucial for meeting many security compliance standards.</li>
	<li><strong>Row Level Access Control and Proxy Authentication</strong> – Restricts which rows a user has access to within a table while preserving client-side identities and privileges in middleware such as &nbsp;web servers.</li>
</ul>

<p>Today, we’re excited to announce three new critical security enhancements available in DSE 6: Private Schemas, Auditing by Role, and Separation of Duties.</p>

<h2>Private Schemas</h2>

<p>We’re now giving administrators more control over schema visibility. Administrators can control whether or not a user can see certain schema definitions, which can be especially helpful in securing multi-tenant applications. Private Schemas supports the principle of least privileges, which is key for meeting many security compliance standards. &nbsp;&nbsp;</p>

<h2>Auditing by Role</h2>

<p>We’ve enhanced auditing with the ability to audit changes and user activity by role. Traditionally, auditing in DSE was controlled by which respective database object you wanted to keep track of. Having role-based auditing greatly reduces the audit trail, since most administrators want to keep track of human activity rather than machine-generated activity.</p>

<p><img alt="" src="https://www.datastax.com/sites/default/files/content/blog/sec1.png" /></p>

<p><em>Auditing by role is as simple as either including or excluding roles from the dse.yaml.</em></p>

<h2>Separation of Duties</h2>

<p>There are many cases where administrators need full control of the database but should not have access or visibility to the data itself. For example, imagine a doctor or nurse who requires access to sensitive medical data. In this case, the administrator would still have the correct privileges to grant access to the doctor or nurse but the administrator would not be able to access the data.</p>

<p><img alt="" src="https://www.datastax.com/sites/default/files/content/blog/sec2-1-700x26.png" /></p>

<p><em>Restricting SELECT and MODIFY privileges on an admin role is simple in CQL.</em></p>

<h2>Now’s Your Chance for Total Security</h2>

<p>Security continues to be a priority in DSE, and we’re excited for you to try the new security enhancements in DSE 6. For more information on how how to implement these new security enhancements or any of the DataStax Enterprise Advanced Security components, or to download DSE 6, please visit:</p>

<ul>
	<li><a href="https://academy.datastax.com/">DataStax Academy</a></li>
	<li><a href="https://docs.datastax.com/en/landing_page/doc/landing_page/current.html">DataStax Docs</a></li>
</ul>


Safe data? Check. DataStax Enterprise Advanced Security

Marc Selwan

Discover more

Share

More Company

DataStax Astra DB Nabs Three Prestigious 2023 TrustRadius “Best of” Awards, Dominates the Vector Databases Category

DataStax Has Achieved ISO 27001 Certification

Keeping the Momentum Rolling with Google Cloud

My Internship Journey: A Dive into AI

NoSQL and Vector DB
for Generative AI,
Instantly, At Scale

Marc Selwan

Discover more

Share

More Company

DataStax Astra DB Nabs Three Prestigious 2023 TrustRadius “Best of” Awards, Dominates the Vector Databases Category

DataStax Has Achieved ISO 27001 Certification

Keeping the Momentum Rolling with Google Cloud

My Internship Journey: A Dive into AI

NoSQL and Vector DBfor Generative AI,Instantly, At Scale

NoSQL and Vector DB
for Generative AI,
Instantly, At Scale