Configure enhanced security and compliance settings

Preview

The automatic cluster update feature and the ability to enable Enhanced Security and Compliance features from the account console are in Public Preview.

The compliance security profile (with compliance standards) and enhanced security monitoring are generally available.

This article describes how to configure it on your Databricks workspace or account. See the pricing page.

This add-on requires the Enterprise pricing tier.

Enable enhanced security and compliance features on a workspace

Account admins can enable the compliance security profile, add compliance standards, enable enhanced security monitoring, and enable automatic cluster update on a workspace.

  1. As an account admin, go to the account console.

  2. Click Workspaces.

  3. Click on your workspace’s name.

  4. Click Security and compliance.

  5. To enable the compliance security profile, next to Compliance security profile, click Enable.

    In the Compliance security profile dialog, optionally select compliance standards and click Save.

    Important

    • If you enable the compliance security profile or if you add compliance standards, the effect is permanent for that workspace.

    • Before you process PHI data, it is your responsibility to ensure that you have a BAA agreement with Databricks.

  6. To enable enhanced security monitoring, select the checkbox Enhanced security monitoring.

    If you enable the compliance security profile, enhanced security monitoring is automatically enabled.

  7. To enable automatic cluster update, select or unselect the checkbox Automatic cluster update.

    If you enable the compliance security profile, automatic cluster update is automatically enabled.

Set account-level defaults for new workspaces

Account admins can configure settings for security profile (with compliance standards) or enhanced security monitoring at an account level to apply to all new workspaces. When you enable the compliance security profile as a default for new workspaces, enhanced security monitoring and automatic cluster update are also enabled for new workspaces.

  1. As an account admin, go to the account console.

  2. In the sidebar, click Settings.

  3. Click the Security and compliance tab.

  4. In the sidebar, click Enhanced Security and Compliance Settings.

  5. To enable the compliance security profile, next to Compliance security profile, click Configure.

    In the Compliance security profile for new workspaces dialog, select Enabled, select one or compliance standards or select None and click Save.

    Important

    Before you process PHI data, it is your responsibility to ensure that you have a BAA agreement with Databricks.

  6. To enable enhanced security monitoring, select the checkbox Enhanced security monitoring for new workspaces.