On Fri, Sep 30, 2011 at 4:50 PM, Kyle Quest <kcq.li...@gmail.com> wrote:
> I'm not here to define a perfect infrastructure for securing NoSQL > databases and Riak and go into implementation details... It's not my > intention because I simply don't have time to dedicate to this big > project and it's impossible to come up with a perfect solution right > away. Either way asking customers to be security experts is asking for > trouble... And I base this statement on the actual real world > experience in security, which I have quite a bit. I'll leave it on > this note :-) And let's talk in 10 or 15 years :-) > -- If you've been in security that long, you know that every security measure has a cost associated. In general, Riak is deployed deep in infrastructure, and secured in ways that are almost always already in-place for other purposes. It is almost never exposed to the outside world. The lack of authentication/authorization/etc has more often been an annoyance factor than a deal-breaker for our customers. And if you think we only have startups as customers, you haven't looked closely -- many of our customers are "big enterprises" and that segment is the one growing fastest. Sean Cribbs <s...@basho.com> Developer Advocate Basho Technologies, Inc. http://www.basho.com/
_______________________________________________ riak-users mailing list riak-users@lists.basho.com http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
