Security
Security & Confidentiality
As a pure-play cloud offering, security, confidentiality, availability and the privacy of data are fundamental to Qubole. Not only do we leverage the inherent capabilities of public clouds in these four areas, but we provide additional capacities on top of that.
- Stronger compliance
- All data resides in user cloud accounts
- Strong encryption throughout QDS
- Flexible and granular user access roles
- Transparent availability and performance reporting
Ethical Disclosure of Security Issues
We take security very seriously at Qubole. If you believe that you have discovered a vulnerability or an exposure of sensitive data, please report it to [email protected]. We will investigate your issue immediately and respond in a timely manner.
We ask that you give us sufficient time to address the matter and that you do not disclose our sensitive data, violate our privacy issues, or disrupt our service, in the meantime.
Steps to report your issue:
- Send an email to [email protected]
- Include in the subject line: Security Report
- Clearly state the steps to reproduce the issue or identify the specific location of the issue (sending screenshots and video are much appreciated!)
- State the result of the vulnerable issue
Thank you so much for taking the time to bring this issue to our attention!
Legal and Compliance
Information on the technology,
legal compliance and privacy of
your data
Security and Compliance
Qubole takes the Security and Confidentiality of our customers and users seriously through advanced security systems, resources, and policy strategies designed to detect and avoid gaps that may lead to security or confidentiality concerns in the Qubole Data Service. Qubole continuously monitors compliance to security and confidentiality.
The Qubole Shared Responsibility Model
Customer
Responsibility for Security “of the Data” in the Cloud
Customer Data
Data Encryption
User Management
Infrastructure Identity & Access Management
Qubole Groups & Role Definitions
Data Residency
Qubole
Responsibility for Security “of the Platform” in the Cloud
Secure Access to Data Platform
Secure Transport of Commands
3rd Party Attestation/Validation (SOC2, HIPAA, PCI)
Operating System, Firewall Configuration
Metadata Security
Cloud Provider
Responsibility for Security “of the Cloud”
Storage
Availability & Redundancy
Compute
Networking
Encryption Technology, Key Management Capabilities
3rd Party Attestation/Validation (SOC2, HIPAA, PCI)
More information on how QDS is secure
Qubole on Amazon AWS: Security and Compliance
Five Ways to Optimize Big Data Processing Costs in the Cloud
3 Steps to Justify & Reduce The Cost of Your Data Lake
Availability
Qubole is committed to ensuring that the Qubole Data Service will be available 99.9% of the time, not including scheduled, communicated maintenance windows. Qubole continuously monitors our commitment to availability and provides transparent status updates.
| Service | Description | Status |
|---|---|---|
| api.qubole.com | QDS on AWS | Global | Status |
| us.qubole.com | QDS on AWS | SOC2 compliant | Global | Status |
| azureprod.qubole.com | QDS on Azure | Global | Status |
| oraclecloud.qubole.com | QDS on Oracle Bare Metal Cloud | Global | Status |
| eu-central-1.qubole.com | QDS on AWS | Central Europe | Status |
| in.qubole.com | QDS on AWS | India (Mumbai) | Status |
Legal & Compliance
Qubole understands that the confidentiality, integrity, and availability of our customers’ information are vital to their business operations, as well as to our own success. We use a multi-layered approach to protect that key information, constantly monitoring and improving our application, systems, and processes to meet the growing demands and challenges of security for cloud-based products.
Global Audit Compliance
SOC2® SOC for Service Organizations (SSAE-18) Type II Report
Privacy
Data Residency Compliance
AWS Germany (Frankfurt) region
(EU Directive 94/46/EC on Data Protection)
(Information Technology Act 2000 (21 of 2000) section 43A subsection 6 and 7)
