Safety finest practices for the Databricks Information Intelligence Platform

At Databricks, we all know that knowledge is certainly one of your Most worthy belongings. Our product and safety groups work collectively to ship an enterprise-grade Information Intelligence Platform that allows you to defend towards safety dangers and meet your compliance obligations. Over the previous yr, we’re proud to have delivered new capabilities and sources akin to securing knowledge entry with Azure Personal Hyperlink for Databricks SQL Serverless, holding knowledge personal with Azure firewall assist for Workspace storage, defending knowledge in-use with Azure confidential computing, reaching FedRAMP Excessive Company ATO on AWS GovCloud, publishing the Databricks AI Safety Framework, and sharing particulars on our method to Accountable AI.

In keeping with the 2024 Verizon Information Breach Investigations Report, the variety of knowledge breaches has elevated by 30% since final yr. We consider it’s essential so that you can perceive and appropriately make the most of our safety features and undertake beneficial safety finest practices to mitigate knowledge breach dangers successfully.

On this weblog, we’ll clarify how one can leverage a few of our platform’s prime controls and not too long ago launched safety features to ascertain a sturdy defense-in-depth posture that protects your knowledge and AI belongings. We may even present an outline of our safety finest practices sources so that you can stand up and operating rapidly.

Shield your knowledge and AI workloads throughout the Databricks Information Intelligence Platform

The Databricks Platform gives safety guardrails to defend towards account takeover and knowledge exfiltration dangers at every entry level. Within the beneath picture, we define a typical lakehouse structure on Databricks with 3 surfaces to safe:

1. Your shoppers, customers and purposes, connecting to Databricks
2. Your workloads connecting to Databricks companies (APIs)
3. Your knowledge being accessed out of your Databricks workloads

Let’s now stroll by means of at a excessive stage a few of the prime controls—both enabled by default or accessible so that you can activate—and new safety capabilities for every connection level. Our full listing of suggestions based mostly on completely different risk fashions could be present in our safety finest follow guides.

Connecting customers and purposes into Databricks (1)

To guard towards access-related dangers, it is best to use a number of components for each authentication and authorization of customers and purposes into Databricks. Utilizing solely passwords is insufficient as a result of their susceptibility to theft, phishing, and weak person administration. In truth, as of July 10, 2024, Databricks-managed passwords reached the end-of-life and are now not supported within the UI or through API authentication. Past this extra default safety, we advise you to implement the beneath controls:

1. Authenticate through single-sign-on on the account stage for all person entry (AWS, SSO is routinely enabled on Azure/GCP)
2. Leverage multi-factor authentication provided by your IDP to confirm all customers and purposes which might be accessing Databricks (AWS, Azure, GCP)
3. Allow unified login for all workspaces utilizing a single account-level SSO and configure SSO Emergency entry with MFA for streamlined and safe entry administration (AWS, Databricks integrates with built-in identification suppliers on Azure/GCP)
4. Use front-end personal hyperlink on workspaces to limit entry to trusted personal networks (AWS, Azure, GCP)
5. Configure IP entry lists on workspaces and to your account to solely enable entry from trusted community places, akin to your company community (AWS, Azure, GCP)

Connecting your workloads to Databricks companies (2)

To forestall workload impersonation, Databricks authenticates workloads with a number of credentials throughout the lifecycle of the cluster. Our suggestions and accessible controls rely in your deployment structure. At a excessive stage:

1. For Basic clusters that run in your community, we suggest configuring a back-end personal hyperlink between the compute airplane and the management airplane. Configuring the back-end personal hyperlink ensures that your cluster can solely be authenticated over that devoted and personal channel.
2. For Serverless, Databricks routinely gives a defense-in-depth safety posture on our platform utilizing a mix of application-level credentials, mTLS shopper certificates and personal hyperlinks to mitigate towards Workspace impersonation dangers.

Connecting from Databricks to your storage and knowledge sources (3)

To make sure that knowledge can solely be accessed by the proper person and workload on the proper Workspace, and that workloads can solely write to approved storage places, we suggest leveraging the next options:

1. Utilizing Unity Catalog to control entry to knowledge: Unity Catalog gives a number of layers of safety, together with fine-grained entry controls and time-bound down-scoped credentials which might be solely accessible to trusted code by default.
2. Leverage Mosaic AI Gateway: Now in Public Preview, Mosaic AI Gateway permits you to monitor and management the utilization of each exterior fashions and fashions hosted on Databricks throughout your enterprise.
3. Configuring entry from approved networks: You’ll be able to configure entry insurance policies utilizing S3 bucket insurance policies on AWS, Azure storage firewall and VPC Service Controls on GCP.
   • With Basic clusters, you possibly can lock down entry to your community through the above-listed controls.
   • With Serverless, you possibly can lock down entry to the Serverless community (AWS, Azure) or to a devoted personal endpoint on Azure. On Azure, now you can allow the storage firewall to your Workspace storage (DBFS root) account.
   • Sources exterior to Databricks, akin to exterior fashions or storage accounts, could be configured with devoted and personal connectivity. Here’s a deployment information for accessing Azure OpenAI, certainly one of our most requested eventualities.
4. Configuring egress controls to stop entry to unauthorized storage places: With Basic clusters, you possibly can configure egress controls in your community. With SQL Serverless, Databricks doesn’t enable web entry from untrusted code akin to Python UDFs. To find out how we’re enhancing egress controls as you undertake extra Serverless merchandise, please this type to hitch our previews.

The diagram beneath outlines how one can configure a non-public and safe surroundings for processing your knowledge as you undertake Databricks Serverless merchandise. As described above, a number of layers of safety can defend all entry to and from this surroundings.

Outline, deploy and monitor your knowledge and AI workloads with industry-leading safety finest practices

Now that we’ve outlined a set of key controls accessible to you, you most likely are questioning how one can rapidly operationalize them for your corporation. Our Databricks Safety workforce recommends taking a “outline, deploy, and monitor” method utilizing the sources they’ve developed from their expertise working with a whole lot of consumers.

1. Outline: It’s best to configure your Databricks surroundings by reviewing our greatest practices together with the dangers particular to your group. We have crafted complete finest follow guides for Databricks deployments on all three main clouds. These paperwork provide a guidelines of safety practices, risk fashions, and patterns distilled from our enterprise engagements.
2. Deploy: Terraform templates make deploying safe Databricks workspaces straightforward. You’ll be able to programmatically deploy workspaces and the required cloud infrastructure utilizing the official Databricks Terraform supplier. These unified Terraform templates are preconfigured with hardened safety settings just like these utilized by our most security-conscious prospects. View our GitHub to get began on AWS, Azure, and GCP.
3. Monitor: The Safety Evaluation Instrument (SAT) can be utilized to observe adherence to safety finest practices in Databricks workspaces on an ongoing foundation. We not too long ago upgraded the SAT to streamline setup and improve checks, aligning them with the Databricks AI Safety Framework (DASF) for improved protection of AI safety dangers.

Keep forward in knowledge and AI safety

The Databricks Information Intelligence Platform gives an enterprise-grade defense-in-depth method for shielding knowledge and AI belongings. For suggestions on mitigating safety dangers, please consult with our safety finest practices guides to your chosen cloud(s). For a summarized guidelines of controls associated to unauthorized entry, please consult with this doc.

We repeatedly improve our platform based mostly in your suggestions, evolving {industry} requirements, and rising safety threats to raised meet your wants and keep forward of potential dangers. To remain knowledgeable, bookmark our Safety and Belief weblog, head over to our YouTube channel, and go to the Databricks Safety and Belief Heart.