Business Intelligence Security & Data Governance

Cloud Infrastructure Public cloud facilities The Looker application is managed in public cloud datacenters. These facilities implement various physical and environmental controls to ensure that Looker customer data is well protected from possible theft or loss. Logical separation of data While Looker does not persist customer database information, the application […]

Cloud Infrastructure
Public cloud facilities The Looker application is managed in public cloud datacenters. These facilities implement various physical and environmental controls to ensure that Looker customer data is well protected from possible theft or loss. Logical separation of data While Looker does not persist customer database information, the application does store configuration information, event data, and cached query results. Looker is architected to logically separate this information in order to isolate customer data and reduce cross-tenant exposure risk. Data Security Architecture Looker follows best practices for security architecture. Proxy servers secure access to the Looker application by providing a single point to filter attacks through IP blacklisting and connection rate limiting. Redundancy Looker employs a Cloud-based distributed backup framework for Looker-hosted customer servers. Availability and durability The Looker application can be hosted in a variety of different public cloud data centers across the globe.
Monitoring & Authentication
Access to a customer’s back-end servers Access to a Looker-hosted back-end environment requires approval and multiple layers of authentication. Access to a customer’s Looker application Employee access to customer Looker instances is provided in order to support a customer’s needs. Access requires approval and multiple layers of authentication. Additionally, customers can control all access from Looker to their application via a Support toggle. Monitored user access Access to your Looker environment is uniquely identified, logged, and monitored. Network and application vulnerability scanning Looker’s front-end application and back-end infrastructure are scanned for known security vulnerabilities at least monthly. Centralized logging Logs across the Looker production and corporate environments are collected and stored centrally for monitoring and alerting on possible security events. Reputation monitoring/threat intelligence Collected logs and network activity are checked against commercial threat intelligence feeds for potential risks. Anomaly detection Anomalous activity, like unexpected authentication activity, triggers alarms.
Data Security Encryption
AES encryption Locally-stored sensitive application data, including database connection configurations and cached query data, is encrypted and secured using AES encryption. Secure credential storage & encryption Native usernames and passwords are secured using a dedicated password-based key derivation function (bcrypt) with hashing and salting. TLS encryption Data in transit is encrypted and secured from the user’s browser to the application via TLS 1.2. SSL / SSH encryption Looker enables you to configure your database connection via encrypted TLS 1.2 or SSH.

Source Article

Next Post

Overview of the Certified Business Intelligence Professional Certification

Thu Apr 2 , 2020
WHAT IS CBIP? TDWI’s Certified Business Intelligence Professional (CBIP) credential is the business intelligence and data warehousing industry’s most meaningful and credible certification program. Your achievement of the CBIP credential tells the world—including current and prospective employers—that you are serious about business intelligence. Let your résumé […]

You May Like