We’re excited to share a brand new set of safety controls and compliance certifications that may assist with regulatory compliance on Azure Databricks and AWS Databricks SQL Serverless. Typically obtainable at present, Azure Databricks is now licensed PCI-DSS (Traditional) and HIPAA (Databricks SQL Serverless) compliant. Moreover, AWS Databricks SQL Serverless is licensed HIPAA, PCI and FedRAMP Reasonable compliant as a public preview. These capabilities can be found by means of the Databricks Enhanced Safety and Compliance Add-On.
Clients all around the world belief us with their most delicate knowledge. Databricks has applied and continues including controls to satisfy the distinctive compliance wants of our extremely regulated prospects. Amongst our commonest requests are safety controls permitting prospects to course of regulated and delicate knowledge inside Databricks to adjust to Cost Card Trade Knowledge Safety Commonplace (PCI-DSS), Well being Insurance coverage Portability and Accountability Act (HIPAA), and Federal Threat and Authorization Administration Program (FedRAMP).
This weblog will present an outline of our new compliance certifications on Azure Databricks and AWS Databricks SQL Serverless and spotlight the capabilities which are obtainable that can assist you configure your setting with all the obligatory controls to help these new certifications with the Databricks Enhanced Safety and Compliance Add-On.
Azure Databricks is now PCI-DSS (Traditional) and HIPAA (Databricks SQL Serverless) compliant
We’re excited to announce that Azure Databricks is now compliant below PCI-DSS, and Azure Databricks SQL Serverless is compliant below HIPAA. Each of those certifications are actually typically obtainable. This enhances the present compliance certification controls already obtainable on the Azure Databricks Traditional compute aircraft.
To configure your Azure Databricks workspaces to course of PCI knowledge, it’s essential to allow the Compliance Safety Profile, a part of the Databricks Enhanced Safety and Compliance Add-On, now typically obtainable.
AWS Databricks SQL Serverless is now HIPAA, PCI and FedRAMP Reasonable compliant
AWS Databricks SQL (DB SQL) Serverless offers the very best efficiency with on the spot and elastic compute, lowers prices, and lets you concentrate on delivering probably the most worth to your corporation somewhat than managing infrastructure. We’re thrilled to announce that AWS DB SQL Serverless is licensed compliant below HIPAA, PCI-DSS, and FedRAMP Reasonable. This enhances the present HIPAA, PCI-DSS, and FedRAMP Reasonable compliance controls already obtainable for the Databricks AWS Traditional compute aircraft.
The Compliance Safety Profile, a part of the Enhanced Safety and Compliance Add-On, now helps AWS SQL Serverless Warehouses. This help is in public preview and shall be obtainable initially on the AWS us-east-1 area. If you have already got the Databricks Enhanced Safety and Compliance Add-On and your workspace is already configured with the Compliance Safety Profile, AWS DB SQL Serverless Warehouses shall be obtainable in these workspaces over the subsequent few weeks.
Benefit from the very best normal for Databricks safety with the Enhanced Safety and Compliance Add-On
At Databricks, we acknowledge that sustaining knowledge safety and compliance is a high precedence for our prospects. Some prospects need further safety controls, particularly safety monitoring, and others require options like FIPS 140-2 encryption and cluster replace enforcement for compliance. That’s the reason Databricks launched Enhanced Safety and Compliance Add-On to assist simplify the complexity of assembly safety and regulatory necessities for our prospects. Two choices make up Enhanced Safety and Compliance Add-On:
Enhanced Safety Monitoring: Enhanced Safety Monitoring offers prospects with elevated visibility, risk safety and safety hardening for his or her workloads. Advantages of this providing embrace:
- Canonical Ubuntu Benefit VMs with enhanced CIS Degree 1 hardening
- Conduct-based malware monitoring and file integrity monitoring
- Malware and antivirus detection
- Vulnerability reviews of the host OS
With Enhanced Safety Monitoring, safety occasion logs from safety monitoring brokers are made obtainable alongside along with your common Databricks audit logs, offering complete safety monitoring in your group’s SIEM or Databricks platform. These logs include contextual data that assists analysts in shortly figuring out the origin of suspicious exercise with out requiring a prolonged investigation.
Compliance Safety Profile: The Compliance Safety Profile facilitates compliance governance for workspaces by offering a validated safety baseline that mixes the safety capabilities of Enhanced Safety Monitoring with further safety features to deal with the relevant controls of PCI-DSS and HIPAA. The Compliance Safety Profile is our most safe baseline for the Databricks compute aircraft, serving to prospects to satisfy and handle their compliance management necessities a lot simpler. Key advantages of this providing embrace:
- The Enhanced Safety Monitoring safety enhancements listed above
- FIPS 140-2 Degree 1 validated encryption modules (AWS solely)
- AWS Nitro VM enforcement for knowledge at relaxation and in transit encryption (AWS solely)
- Computerized Cluster Replace lets you configure a workspace with a month-to-month or twice-monthly schedule to restart compute assets mechanically. This functionality helps admins and customers plan downtime for restarting compute assets to get the most recent photographs and safety updates.
You may activate Databricks Enhanced Safety and Compliance as an add-on SKU for the enterprise (AWS) and premium (Azure) tiers.
Getting Began
Go to our pricing web page for extra data on activate the Databricks Enhanced Safety and Compliance Add-On. Consult with our documentation for step-by-step directions on enabling Enhanced Safety Monitoring (AWS | Azure) or the Compliance Safety Profile (AWS | Azure) to harden your Azure Databricks, AWS SQL Serverless, and AWS Traditional compute aircraft workspaces.
Please go to our Safety and Belief Middle for extra details about Databricks safety features and compliance certifications.
