Category Archives: IaaS
A Data Lake is a simple concept: it is a catchment area for data entering the organization. In the past, most businesses didn’t need to organize such a data store because almost all data was internal. It traveled via traditional ETL mechanisms from transactional systems to a data warehouse and then was sprayed around the business, as required.
When a good deal of data comes from external sources, or even from internal sources like log files, which never previously made it into the data warehouse, there is a need for an “operational data store.” This has definitely become the premier application for Hadoop and it makes perfect sense to me that such technology be used for a data catchment area. The neat thing about Hadoop for this application is that:
- It scales out “as far as the eye can see,” so there’s no likelihood of it being unable to manage the data volumes even when they grow beyond the petabyte level.
- It is a key-value store, which means that you don’t need to expend much effort in modeling data when you decide to accommodate a new data source. You just define a key and define the metadata at leisure.
- The cost of the software and the storage is very low.
So let’s imagine that we need a data catchment area because we have decided to collect data from log files, mobile devices, social networks, public data sources, or whatever. Let us also imagine that we have implemented Hadoop and some of its useful components and have begun to collect data.
Is it reasonable to describe this as a data lake?
A Hadoop implementation should not be a set of servers randomly placed at the confluence of various data flows. The placement needs to be carefully considered and if the implementation is to resemble a “data lake” in any way, then it must be a well-engineered man-made lake. Since the data doesn’t just sit there until it evaporates but eventually flows to various applications, we should think of this as a “data reservoir” rather than a “data lake.”
There is no point in arranging all that data neatly along the aisles because, when we get it, we may not know what we want to do with it. We should organize the data when we know that.
Another reason we should think of this as more like a reservoir than a lake is that we might like to purify the data a little before sending it down the pipes to applications or users that want to use it.
The security of information systems is a complex, shared responsibility between infrastructure, system and application providers. Informatica doesn’t take lightly the responsibility our customers have entrusted to us in this complex risk equation.
As Informatica’s Chief Information Security Officer, I’d like to share three important security updates with our customers:
- What you need to know about Informatica products and services relative to the latest industry-wide security concern,
- What you need to do to secure Informatica products against the ShellShock vulnerability, and
- How to contact Informatica if you have questions about Informatica product security.
1 – What you need to know
On September 24, 2014, a serious new cluster of vulnerabilities affecting Linux/Unix distributions was announced, classified as CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277 and CVE-2014-6278, also known as “Shellshock” or “Bashdoor”. What makes ShellShock so impactful is that it requires relatively low effort or expertise to exploit and gain privileged access to vulnerable systems.
Informatica’s cloud-hosted products, including Informatica Cloud Services (ICS) and our recently-launched Springbok beta, have already been patched to address this issue. We continue to monitor for relevant updates to both vulnerabilities and available patches.
Because this vulnerability is a function of the underlying Operating System, we encourage administrators of potentially vulnerable systems to assess their risk levels and apply patches and/or other appropriate countermeasures.
Informatica’s Information Security team coordinated an internal response with product developers to assess the vulnerability and make recommendations necessary for our on-premise products. Specific products and actions are listed below.
2 – What you need to do
Informatica products themselves require no patches to address the Shellshock vulnerability because they are not directly impacted. However, Informatica strongly recommends that you apply your OS vendors’ patches as they become available, since some applications allow customers to use shell scripts in their pre- and post-processing scripts. Specific Informatica products and remediations are listed below:
| Cloud Service | Version | Patch / Remediation |
|---|---|---|
| Springbok | Beta | No action necessary. The Springbok infrastructure has been patched by Informatica Cloud Operations. |
| ActiveVOS/Cloud | All | No action necessary. The ActiveVOS/Cloud infrastructure has been patched by Informatica Cloud Operations. |
| Cloud/ICS | All | Customers should apply OS patches to all of their machines running a Cloud agent. Relevant Cloud/ICS hosted infrastructure has already been patched by Informatica Cloud Operations. |

| Product | Version | Patch / Remediation |
|---|---|---|
| PowerCenter | All | No direct impact. Customers who use shell scripts within their pre- / post-processing steps should apply OS patches to mitigate this vulnerability. |
| IDQ | All | No direct impact. Customers who use shell scripts within their pre- / post-processing steps should apply OS patches to mitigate this vulnerability. |
| MM, BG, IDE | All | No direct impact. Customers who use shell scripts within their pre- / post-processing steps should apply OS patches to mitigate this vulnerability. |
| Data Services / Mercury stack | All | |
| PWX mainframe & CDC | All | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| UM, VDS | All | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| IDR, IFC | All | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| B2B DT, UDT, hparser, Atlantic | All | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| Data Archive | All | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| Dynamic data masking | All | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| IDV | All | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| SAP Nearline | | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| TDM | | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| MDM | All | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| IR / name3 | | No direct impact. Recommend customers apply OS patch to all machines with INFA product installed. |
| B2B DX / DIH | All | Customers running DX & DIH on Red Hat should apply OS patches. Customers on other operating systems are still recommended to apply the OS patch. |
| PIM | All | PIM core and Procurement are not directly impacted. Recommend Media Manager customers apply OS patch to all machines with INFA product installed. |
| ActiveVOS | All | No direct impact for on-premise ActiveVOS product. Cloud-realtime has already been patched. |
| Address Doctor | All | No direct impact for AD services run on Windows. Procurement service has already been patched by Informatica Cloud Operations. |
| StrikeIron | All | No direct impact. |
3 – How to contact Informatica about security
Informatica takes the security of our customers’ data very seriously. Please consult Informatica’s Knowledge Base (article ID 301574), or contact our Global Customer Support team, if you have any questions or concerns. The Informatica support portal is always available at http://mysupport.informatica.com.
If you are a security researcher and have identified a potential vulnerability in an Informatica product or service, please follow our Responsible Disclosure Program.
Bill Burns, VP & Chief Information Security Officer
In Ashwin Viswanath’s previous video blog, he spoke about why it is important to have a cloud integration solution that has purpose-built integration applications. In this video, he delves deeper into the security aspects of cloud integration and how to rapidly provision integration environments for distributed business units, subsidiaries and departments in a quick and efficient manner.
In Ashwin Viswanath’s previous blog post, SaaS Data Integration for SaaS Applications, he explained how SaaS applications are much more dynamic than on-premises business applications with new fields and objects added with just a few clicks. This same agility is required when it comes to integrating SaaS applications, which is why it is important to have a hybrid IT strategy for your data integration architecture. Informatica PowerCenter together with Informatica Cloud can help you get started with such a strategy.
In a recent Sand Hill article, Jeff Kaplan, the managing director of THINKstrategies, reports on the recent and changing state of data integration with the addition of cloud computing. “One of the ongoing challenges that continues to frustrate businesses of all sizes is data integration, and that issue has only become more complicated with the advent of the cloud. And, in the brave new world of the cloud, data integration must morph into a broader set of data management capabilities to satisfy the escalating needs of today’s business.”
Salesforce.com – a company that has become synonymous with the cloud – acquired over 100,000 customers and one million users within a span of just 10 years. Compare that to a traditional company like General Electric, the only company to be on the Dow Jones Index for over 100 years – it took them over five times that many years to acquire the same number of customers. This goes to show that customers have been enamored of the cloud and its benefits – no software maintenance, rapid time-to-value, and subscription pricing – to name a few. No wonder there are thousands of cloud applications and millions of users out there now. I’ve seen projections that the cloud computing market will grow to $241 billion by 2020. This might be a conservative estimate.