Gartner Cloud DBMS Report Names MarkLogic a Visionary

Yes, NoSQL Can Be Secure

With another database breach in the news it’s a good time to stop and think about our obligations to our users. Companies are striving to build services that adapt quickly to customer needs, market shifts, and technology innovations. That’s great for customers and they’ve come to expect it. Customers also expect their information to be kept secure and private. All too often these days, we’re seeing that this second expectation goes unmet. In a number of cases, companies have unwittingly compromised security and privacy in an attempt to increase agility.


Agility and Security: Better Together

The key is, in 2016, there is no reason to trade off one for the other. Applying proven technologies and well-known best practices can significantly raise the security bar. Unfortunately, what we’re seeing time and time again, is that the hackers don’t have to work very hard. They don’t need to create complex malware to break these systems, they look for low hanging fruit. They find the systems that have been misconfigured, use weak technologies, or violate other well-known security practices.

The notion of a “minimum viable product” is an important and powerful one. It’s a way of zeroing in on what customers do (and don’t) want with minimal time/effort. Ultimately it can lead to better results faster — even though the initial offering may be fairly bare-bones. One thing we have to remember, though, is that protecting customer security and privacy is always a requirement and this is not truer anywhere than at the database level where all of this information is stored.

When building new features or deploying new services, DevOps teams need to incorporate security best practices and proven technologies into their everyday practices – it can’t be an afterthought. When it is an afterthought bad things can happen. First of all, afterthoughts sometimes just fall off the list. It’s a shame to see another report of a major breach because of a misconfigured database. The second problem is that when security is bolted on after the fact, it is much more likely that there will be noticeable gaps.

We feel very strongly about this at MarkLogic. Trillions of dollars’ worth of financial information flows through MarkLogic, as does healthcare information, and information relating to the security of individuals and nations. Moreover, MarkLogic is the place where people integrate data from dozens of siloes across their organizations. Each of those siloes carries sensitive information and MarkLogic is entrusted to hold and protect all of it. We take that responsibility very seriously which is why we are the only Common Criteria-certified NoSQL database in the market.

Don’t give up on security and privacy in the interests of speed and agility. You can have both.


For More Information

Introduction to Security

An interactive chapter from our User Guide giving an overview of MarkLogic security.

The Security Database An 8-minute tutorial that lets you learn about the role of the Security database within a MarkLogic cluster.
Security in MarkLogic 9 Announcement on new security features in MarkLogic 9.

Joe Pasqua - Executive Vice President, Products | MarkLogic

Joe Pasqua brings over three decades of experience as both an engineer and a leader. He has personally contributed to several game changing initiatives including the first personal computer at Xerox, the rise of RDBMS in the early days of Oracle, and the desktop publishing revolution at Adobe. In addition to his individual contributions, Joe has been a leader at companies ranging from small startups to the Fortune 500.

Most recently, Joe established Neustar Labs which is responsible for creating strategies, technologies, and services that enable entirely new markets. Prior to that, Joe held a number of leadership roles at Symantec and Veritas Software including VP of Strategy, VP of Global Research, and CTO of the $2B Data Center Management business.

Joe’s technical interests include system software, knowledge representation, and rights management. He has over 10 issued patents with others pending. Joe earned simultaneous Bachelor of Science Degrees in Computer Science and Mathematics from California Polytechnic State University San Luis Obispo where he is a member of the Computer Science Advisory Board.

Start a discussion

Connect with the community

STACK OVERFLOW

EVENTS

GITHUB COMMUNITY

Most Recent

View All

Multi-Model: The Next Step In Database Technology?

Does your database just store multiple data types, or can it also serve them back to the business with agility and flexibility? Get some tips on things to consider when evaluating multi-model database technologies.
Read Article

What Makes Complex Data Different

How do you know when you have complex data, and why is it important? Industry veteran Chuck Hollis explains.
Read Article

Standardizing Internal Data Models on FHIR

Learn about MarkLogic's work on a FHIR-based standardized data model to support persisted payer data for our Medicaid Accelerators.
Read Article
This website uses cookies.

By continuing to use this website you are giving consent to cookies being used in accordance with the MarkLogic Privacy Statement.