sunhux
asked on
Cloud Data analytics security/risk assessment
Would like to assess the data analytics solution in terms of security/risk for service below
(which uses Cloud):
"AAA Solutions, a local- based data and analytics consultancy, provides Information Management and Analytics support to our clients. Our seasoned practitioners bring established tried and trusted models developed through years of practical hands-on implementation and successful project delivery of Data Warehouse, Business Intelligence & Analytics systems. We apply an optimum mix of descriptive, diagnostic, predictive and prescriptive methods to drive business value, cost efficiencies and manage risk.
To establish the Forecasting & Analytics System (FAS) integrating with the top-of-the-line Business Intelligence system and automation of the external variable extraction process to streamline analytics workflow.
Data Source is using Qlik N-printing;
Data Integration & Transaction svcs is using MS SSIS;
Data Marts layer is by MS SQL 2017;
Power BI is by O365;
our on-prem AD sync to O365 AD"
Can only currently think in terms of encryption of data in transit, at rest & at endpoint.
What about data integrity (ConnectDirect did checksumming), cloud security (esp this one)?
I like MS SQL 2017 (as MS SQL 2016 only offers DB encryption in Enterprise Edition) offers
DB encryption even for the non-Enterprise edition
(which uses Cloud):
"AAA Solutions, a local- based data and analytics consultancy, provides Information Management and Analytics support to our clients. Our seasoned practitioners bring established tried and trusted models developed through years of practical hands-on implementation and successful project delivery of Data Warehouse, Business Intelligence & Analytics systems. We apply an optimum mix of descriptive, diagnostic, predictive and prescriptive methods to drive business value, cost efficiencies and manage risk.
To establish the Forecasting & Analytics System (FAS) integrating with the top-of-the-line Business Intelligence system and automation of the external variable extraction process to streamline analytics workflow.
Data Source is using Qlik N-printing;
Data Integration & Transaction svcs is using MS SSIS;
Data Marts layer is by MS SQL 2017;
Power BI is by O365;
our on-prem AD sync to O365 AD"
Can only currently think in terms of encryption of data in transit, at rest & at endpoint.
What about data integrity (ConnectDirect did checksumming), cloud security (esp this one)?
I like MS SQL 2017 (as MS SQL 2016 only offers DB encryption in Enterprise Edition) offers
DB encryption even for the non-Enterprise edition
ASKER
We'll enable TDE for MS SQL & AWS offers agentless AV
(ie can scan even a stripped-down VM guest OS)
(ie can scan even a stripped-down VM guest OS)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
(for critical data integrity) but it's out of scope. 2FA/MFA is out of
scope too (I just want to discourage credentials sharing within
staff tho staff can still share OTP by forwarding) but it's more
difficult.
More inputs: API security requires certification?
"Data required from 3rd Party Data Providers will be retrieved (on
schedule) via API calls using purpose-built Python scripts, running
on the Amazon EC2 VM.
Forecasting analysts (ie our users) can update each run’s parameters
in a customised Excel configuration file. When ready, this configuration
file can be “uploaded” into the Amazon S3 Bucket using AWS CLI or
other (possibly payable) GUI client tools (e.g. CloudBerry S3 Explorer)
as appropriate"