https://community.databricks.com/t5/data-engineering/security-threats-in-databricks-for-file-upload/m-p/34808#M25525 <P>Dear community, </P><P></P><P>we are using the Azure Databricks service and wondering if uploading a file to the DBFS (or to a storage accessed directly from a notebook in Databricks) could be a potential security threat. </P><P>Imagine you upload some files with 'malicious code', macros etc. that could be executed and destroy our databricks setup in any kind. Is that possible/realistic?</P><P></P><P>Did not really find anything on this, so would be helpful if you guys could share your opinion. </P><P></P><P>Thank you!</P><P></P><P></P> Thu, 18 Nov 2021 14:31:11 GMT CAN 2021-11-18T14:31:11Z https://community.databricks.com/t5/data-engineering/security-threats-in-databricks-for-file-upload/m-p/34808#M25525 <P>Dear community, </P><P></P><P>we are using the Azure Databricks service and wondering if uploading a file to the DBFS (or to a storage accessed directly from a notebook in Databricks) could be a potential security threat. </P><P>Imagine you upload some files with 'malicious code', macros etc. that could be executed and destroy our databricks setup in any kind. Is that possible/realistic?</P><P></P><P>Did not really find anything on this, so would be helpful if you guys could share your opinion. </P><P></P><P>Thank you!</P><P></P><P></P> Thu, 18 Nov 2021 14:31:11 GMT https://community.databricks.com/t5/data-engineering/security-threats-in-databricks-for-file-upload/m-p/34808#M25525 CAN 2021-11-18T14:31:11Z https://community.databricks.com/t5/data-engineering/security-threats-in-databricks-for-file-upload/m-p/73737#M34658 <P>Uploading a file to the Databricks File System (DBFS) or accessing storage directly from a notebook in Azure Databricks could pose potential security risks if not managed properly. Here are some considerations:</P><OL><LI><P><STRONG>Sensitive Data Exposure</STRONG>: Uploading sensitive files containing confidential information without proper encryption or access controls could lead to data exposure.</P></LI><LI><P><STRONG>Unauthorized Access</STRONG>: If access controls are not configured correctly, unauthorized users may gain access to sensitive data uploaded to DBFS or stored in connected storage.</P></LI><LI><P><STRONG>Data Integrity</STRONG>: Uploading files with malicious content could compromise the integrity of the Databricks environment or the data stored within it.</P></LI><LI><P><STRONG>Compliance Concerns</STRONG>: Violating data protection regulations or internal compliance policies by mishandling sensitive data could result in legal or regulatory penalties.</P></LI></OL><P>To mitigate these risks:</P><UL><LI>Implement proper access controls and permissions to restrict who can upload files and who can access them.</LI><LI>Encrypt sensitive data before uploading it to DBFS or connected storage.</LI><LI>Regularly audit access logs and monitor for suspicious activities.</LI><LI>Educate users on best practices for handling data securely within Azure Databricks.</LI></UL><P>By proactively addressing security concerns, you can leverage Azure Databricks' powerful capabilities while safeguarding your data and infrastructure.</P><P>Krunal Medapara,</P><P>CTO</P><P>NewEvol</P><P><A href="https://www.newevol.io/solutions/threat-hunting.php" target="_self">https://www.newevol.io/solutions/threat-hunting.php</A></P> Thu, 13 Jun 2024 07:23:09 GMT https://community.databricks.com/t5/data-engineering/security-threats-in-databricks-for-file-upload/m-p/73737#M34658 KrunalMedapara 2024-06-13T07:23:09Z