| |||||||||
| |||||||||
Current Filter: Network>>>>>Opinion> Big data, big security Editorial Type: Opinion Date: 01-2015 Views: 1926 Key Topics: Networking Storage Security Big Data Key Companies: MWR InfoSecurity Key Products: Key Industries: | |||
| When it comes to Big (unstructured) data, security is a process and not an objective. Guillermo Lafuente, Security Consultant at MWR InfoSecurity explains. The storage of big data can be a challenge in terms of security, for many reasons. Not only does the amount of data stored have a direct effect on the consequences of a breach, but it also influences the strategic and tactical approaches that should be taken to ensure compliance and privacy. When producing information for big data, organisations have to ensure that they have the right balance between the utility of the data and its privacy. This follows a process of anonymising the data, encrypting it, putting proper access controls in place with security monitoring and risk assessment, and then making sure that storage complies with local regulations.
ANONYMISING DATA
ENCRYPTION
ACCESS CONTROL AND SECURITY MONITORING One problem that may need to be overcome is that software commonly used to store big data, such as Hadoop, doesn't always come with default user authentication. This makes access control a little trickier, as a default installation would leave the information open to unauthenticated users. By using real-time security monitoring, access to the data can be monitored and threat intelligence applied in order to prevent unauthorised data access.
RISK ASSESSMENT AND COMPLIANCE If the data is shared with other organisations then careful consideration needs to be given to how this is done. Deliberately released data that turns out to infringe privacy can have a huge impact on an organisation, including both reputational and economic consequences. Anyone using third party cloud providers to store or process their data needs to ensure that their providers actually comply with regulations. The main challenge introduced by big data is how to identify sensitive pieces of information that are stored within the unstructured data set, so it is crucial to bear in mind that security is a process, not a product. Therefore, organisations using big data will need to introduce adequate processes and apply traditional information lifecycle management that helps them effectively balance managing and protecting the data, as well as their customers' privacy. NC | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |