2 posts tagged with "security"

Handling secrets is one of the most critical aspects of maintaining a secure system. Secrets, such as API keys, passwords, and encryption keys, must be protected from unauthorized access and potential leaks.

At Datalayer, we take this responsibility seriously and have implemented robust measures to ensure that secrets are handled securely and efficiently.

Why Secrets Management Matters​

Secrets are often at the heart of modern cloud applications, providing access to databases, APIs, and services. However, storing these sensitive credentials in less-secure areas, such as system environments or configuration files, leaves them vulnerable to attacks. Even a single exposed secret can result in significant security breaches, data loss, and compromised systems.

To minimize these risks, it's essential to store secrets using specialized solutions designed to handle this specific challenge. These solutions ensure that secrets are properly encrypted, managed, and retrieved only when needed.

Using a Strong Vault​

At Datalayer, we have integrated HashiCorp Vault to store user secrets securely. HashiCorp Vault is one of the most trusted solutions for secret management, widely used by companies like Deutsche Bank and Airbnb. Vault provides an enterprise-grade approach to secrets management, offering encryption, access control, and auditing features that ensure secrets are only accessible by authorized entities.

How It Works at Datalayer​

Whenever a Remote Kernel is requested, we fetch user secrets securely from the Vault and inject them into the Remote Kernel as environment variables. This approach ensures that secrets are only available to the processes that require them, reducing the risk of leaks in more exposed parts of the system, such as logs or error messages.

Users can define personal secrets on the platform. If they do so, the secrets will be injected in all Remote Kernels as environment variables. The environment variable name be the secret name.

The secrets are stored in the HashiCorp Vault, ensuring the highest current security standards. This requires requesting the vault each time a Remote Kernel is assigned to a user and injecting the secrets into the running kernel process as environment variables. This injection is achieved by leveraging the kernel protocol. Specifically, the companion sidecar container opens a connection to the kernel and sends a code snippet to inject the secrets.

In the platform, you can now find a new section Secrets in the user settings to manage your secrets.

To learn more about how we have implemented the secrets injection in our platform, check out our technical documentation: Secrets and Env Vars Injection.

What's Next? Integrating SQL Cells and Data Sources​

Moving forward, we are working on the next phase of improving our platform by integrating SQL cells and popular storage and databases solutions like Google BigQuery, Snowflake, Amazon Athena and more.

This will allow for greater flexibility when working with data, as users will be able to securely connect to a variety of databases and query them directly from their remote environments.

With the Vault ensuring the security of database credentials, users can focus on deriving insights from their data without worrying about security breaches or unauthorized access.

Conclusion​

The protection of sensitive data is a top priority at Datalayer. With HashiCorp Vault, we ensure that user secrets are securely stored and managed, providing a safe and scalable solution for our platform.

As we continue to enhance our platform with new features like SQL cells and data source integrations, the strong foundation of security we've built with Vault will support us in delivering more powerful and secure tools for our users.

We are thrilled to announce that Datalayer, a SaaS platform for data analysis, has officially been awarded ISO 27001 certification, a significant milestone in our commitment to ensuring the highest levels of information security and data protection for our customers.

What is ISO 27001 and Why Does It Matter?​

ISO 27001 is an internationally recognized standard for Information Security Management Systems (ISMS). It outlines a rigorous framework of policies, procedures, and controls designed to protect sensitive information from threats, including cyber-attacks, data breaches, and unauthorized access.

Achieving this certification demonstrates that Datalayer has implemented best-in-class security practices, ensuring that your data is handled with the utmost care, integrity, and confidentiality.

What This Means for Our Customers​

Increased Trust and Assurance: ISO 27001 certification is a strong indicator that Datalayer adheres to stringent security standards. You can have peace of mind knowing that we are proactively managing and safeguarding your data at every step.

Compliance with Global Standards: For businesses handling sensitive data, compliance is critical. ISO 27001 is widely accepted across industries and geographies, meaning that using Datalayer helps support your own regulatory requirements in terms of data security.

Ongoing Risk Management: Security is not a one-time achievement but a continuous process. Our certification guarantees that we have a robust ISMS in place, which includes regular risk assessments, continuous monitoring, and periodic audits. This helps us identify and mitigate potential threats before they impact your operations.

Commitment to Continuous Improvement: Achieving ISO 27001 certification is just the beginning. We are dedicated to maintaining and enhancing our security practices to meet evolving challenges. Our team will continue to invest in security training, updates, and technologies to stay ahead in an increasingly complex threat landscape. You can follow our progress on our Trust Portal.

The Road to Certification​

Obtaining ISO 27001 certification is no small feat. It required a deep review of our internal processes and systems, comprehensive staff training, and a full assessment of how we protect and manage customer data. This certification, granted by an independent and accredited body, confirms that Datalayer has established, implemented, and will maintain an effective Information Security Management System.

To work with us on this journey, we have partnered with Vanta, a tool automate compliance, manage risk, and prove trust continuously, as well with Sensiba LLP, an external and independent auditor.

Looking Ahead​

As the data landscape continues to grow and evolve, so do the risks. Achieving ISO 27001 certification is a testament to our proactive approach to information security.

We are proud of this achievement, but our commitment doesn't stop here. We will continue to work tirelessly to ensure that Datalayer remains a trusted and secure partner for your data analysis needs, working also towards SOC2 and ISO 42001 certfications specifically tailored for Artificial Intelligence (AI) cases. Stay tuned to learn more.

Thank You to Our Team and Customers​

We want to extend a huge thank you to our incredible team for their dedication and hard work throughout this process. Additionally, we want to thank our customers for their trust and continued support. Your data security is, and will always be, our top priority.

To learn more about what this certification means for your business, or if you have any questions about our data security practices, feel free to reach out to us.

Stay secure, stay innovative - with Datalayer.

About Datalayer​

Datalayer is a leading SaaS platform that empowers businesses to perform robust data analysis, transform raw data into actionable insights, and make informed decisions. With our newly acquired ISO 27001 certification, we are further committed to delivering top-tier data security along with our world-class services.