Datanova: Taking Data Mesh from Theory to Practice. Join us September 29th for a free half-day virtual event! Register Now

×
Home  »  Platform  »  Features  »  Security

Enterprise-grade security

Treat your most valuable asset like it’s your most valuable asset

Starburst Enterprise Security Guide

Security is our highest priority.

The largest organizations in the world trust Starburst to deliver critical insights and improve business outcomes.

Fine-grained access control

Starburst provides access control over all connected data sources and clients.

  • Integrated built-in role-based access control (RBAC) system with table, column, and row level access control
  • Easy to configure any user’s correct access rights to catalogs and to individual schemas, tables, and views
  • Restrict or allow access to specific rows or columns
  • Manage access for data products and UI screens
  • Audit logs of all access control changes
  • Row-level filtering and column-level masking

“One of the core missions of my team is to make the Data Mesh happen while still maintaining everything that we need to maintain in terms of policies and data privacy constraints. Starburst is making my life a lot easier by creating the first mesh [platform] for business metrics, that we can start operating within.”

Alexander Seeholzer
Director, Data Services

“We recognized that we can deliver greater value to our customers by enabling them with the latest technology to carry out analytics at scale.”

Richard Jarvis
Chief Analytics Officer

“We just want one place to
configure security for all data access and Starburst Trino allows us to do that”

Mike Prior
Principal IO Engineer

End-to-end data encryption and authentication

Encrypting User Access

Connected clients can use ODBC or JDBC drivers and other supported drivers. All connections can use TLS and therefore transfer encrypted data only.

Authenticating Users

Starburst Enterprise enables authentication through the industry standard LDAP protocol. Starburst Enterprise also provides alternative authentication options including password with local user database, certificate, JWT, OAuth2 and Kerberos.

Securing Internal Communication

Full end-to-end encryption of internal traffic between cluster nodes is possible for highly secure environments. Securing internal communication ensures that intermediate data exchanged inside Starburst Enterprise during query processing is encrypted in transit.

Securing Connectors

Starburst Enterprise provides secured access to your data source depends on the particular connector and the source system capabilities. Specifically, Starburst provides end-user impersonation and credential passthrough through credentials of Identity Provider (IdP), Kerberos, and password.

Securing Sensitive Data

To better be in compliance with data security regulations, Starburst Enterprise provides the ability to securely authenticate to sensitive data in various data sources without having to store the plaintext passwords and usernames in the configuration files.

Single sign-on (SSO)

 

Starburst Enterprise and Galaxy both support log-in via Identity Provider (IdP). Starburst Enterprise currently has support for Okta while Starburst Galaxy supports Okta, Azure AD and Google.

Monitoring and logging

 

Starburst offers the ability to log each query in great detail to a remote database. From here, this data can be queried with Starburst or pulled into an existing event logging system.

Real-time usage monitoring

Insights provides a graphical interface to view query history. Users can easily search and view queries that were executed on the cluster. In addition, detailed statistics are available for each query. Insights provides a visual overview of important metrics about your Starburst Enterprise cluster for all types of users, from platform administrators to data consumers. From the Insights interface, you can access detailed query history, including single-query statistics and query plans, and cluster performance information from a selected date range.

Learn more about Insights

Partners

With Starburst as a single point of access and Immuta as a single point of access control, data teams can optimize performance and streamline self-service data access from a centralized access control plane.  Learn more.

Privacera combined with Starburst provides enterprises with centralized, secure access to data that includes end-to-end governance and compliance. Privacera integrates with Starburst Enterprise enabling users to seamlessly integrate with a secure infrastructure to run federated queries across multiple databases without sacrificing privacy, governance, or compliance.  Learn more.

Get started with Starburst

 

Install anywhere

Starburst includes everything you need to install and run Trino on a single machine, a cluster of machines, or even your laptop.

Download Free

Cloud-native, frictionless, and fully managed. The fastest path from big data to better decisions.

Start Free

Marketplace offerings

Try Starburst in your preferred marketplace

 

Start Free with
Starburst Galaxy

Up to $500 in usage credits included

  • Query your data lake fast with Starburst's best-in-class MPP SQL query engine
  • Get up and running in less than 5 minutes
  • Easily deploy clusters in AWS, Azure and Google Cloud
For more deployment options:
Download Starburst Enterprise

Please fill in all required fields and ensure you are using a valid email address.

By clicking Create Account, you agree to Starburst Galaxy's terms of service and privacy policy.