While strong authentication with kerberos is added in Hadoop as early as in 2011, only few companies have enabled security in Hadoop clusters. It is quite surprising that some large and famous companies have not bothered to enable security in their clusters. This means that it is possible for a rogue employee to issue a command to delete their full data even though he is not authorized. Without strong authenticaion, authorization is ineffective.
Here are a few companies which has given importance to securing customer data by securing their Hadoop cluster which hold majority of the user data.
- Yahoo (now oath)
- City Bank
if you want to add your company in this list , please add a comment.