Marc Selwan

<p><a href="https://www.datastax.com/products/datastax-enterprise-advanced-security">DataStax Enterprise (DSE) Advanced Security</a> plays a critical role in keeping our customers’ data safe. Enterprise companies have very strict security requirements, which is why DSE Advanced Security provides robust and easy-to-use security functionality, including:</p>

<ul>
	<li><strong>Unified Authentication and Role Management</strong> – Allows our customers to easily integrate their existing Kerberos, LDAP, and Active Directory users and schemes across the DataStax Enterprise product suite.</li>
	<li><strong>Data Auditing</strong> – Gives administrators the ability to understand “who looked at what, when” and “who changed what, when”, which is crucial for meeting many security compliance standards.</li>
	<li><strong>Row Level Access Control and Proxy Authentication</strong> – Restricts which rows a user has access to within a table while preserving client-side identities and privileges in middleware such as &nbsp;web servers.</li>
</ul>

<p>Today, we’re excited to announce three new critical security enhancements available in DSE 6: Private Schemas, Auditing by Role, and Separation of Duties.</p>

<h2>Private Schemas</h2>

<p>We’re now giving administrators more control over schema visibility. Administrators can control whether or not a user can see certain schema definitions, which can be especially helpful in securing multi-tenant applications. Private Schemas supports the principle of least privileges, which is key for meeting many security compliance standards. &nbsp;&nbsp;</p>

<h2>Auditing by Role</h2>

<p>We’ve enhanced auditing with the ability to audit changes and user activity by role. Traditionally, auditing in DSE was controlled by which respective database object you wanted to keep track of. Having role-based auditing greatly reduces the audit trail, since most administrators want to keep track of human activity rather than machine-generated activity.</p>

<p><img alt="" src="https://www.datastax.com/sites/default/files/content/blog/sec1.png" /></p>

<p><em>Auditing by role is as simple as either including or excluding roles from the dse.yaml.</em></p>

<h2>Separation of Duties</h2>

<p>There are many cases where administrators need full control of the database but should not have access or visibility to the data itself. For example, imagine a doctor or nurse who requires access to sensitive medical data. In this case, the administrator would still have the correct privileges to grant access to the doctor or nurse but the administrator would not be able to access the data.</p>

<p><img alt="" src="https://www.datastax.com/sites/default/files/content/blog/sec2-1-700x26.png" /></p>

<p><em>Restricting SELECT and MODIFY privileges on an admin role is simple in CQL.</em></p>

<h2>Now’s Your Chance for Total Security</h2>

<p>Security continues to be a priority in DSE, and we’re excited for you to try the new security enhancements in DSE 6. For more information on how how to implement these new security enhancements or any of the DataStax Enterprise Advanced Security components, or to download DSE 6, please visit:</p>

<ul>
	<li><a href="https://academy.datastax.com/">DataStax Academy</a></li>
	<li><a href="https://docs.datastax.com/en/landing_page/doc/landing_page/current.html">DataStax Docs</a></li>
</ul>


Build and scale cloud native apps

Discover the benefits of DBaaS and why your apps deserve an upgrade.

Learn about NoSQL Databases

Learn about NoSQL databases with Apache Cassandra and Astra DB.

2022 Recap: A Year for Customers, Community, and Real-Time Data

Highlights from 2022 and a glimpse into the year ahead.

ViewingCompany

Safe data? Check. DataStax Enterprise Advanced Security

Sign up for our Developer Newsletter