[BreachExchange] Getting Serious About Big Data Security
Audrey McNeil
audrey at riskbasedsecurity.com
Wed Aug 10 19:42:46 EDT 2016
http://www.smartdatacollective.com/melissa-thompson/427362/
getting-serious-about-big-data-security
Big data is not just a passing trend or a boardroom buzzword anymore. It’s
here to stay, and the benefits can be significant and far-reaching.
However, with the collection of all of this data comes the need to store
and protect it. Such large repositories of data, especially when it
contains sensitive information about customers and your business, are
attractive targets for cyber-criminals, and the results of a major breach
devastating on a number of levels.
And breaches are becoming all too common, to the point where it’s not so
much a question of if a company will experience a breach, but when there
will be a breach and how devastating it will be.
Because the risk of a data breach is so high, and the potential fallout is
so significant, it’s time for companies to get serious about big data
security.
Challenges to Data Security
For many companies, the issue isn’t necessarily that they need to secure
their big data, but that they face some major challenges in doing so. Among
the challenges that many companies face in securing data include:
Skills gaps. Cybersecurity, in general, is experiencing a shortage of
skilled workers, and the gap for those with experience in managing big data
is even wider. Many businesses do not have data scientists or analysts on
staff, and thus have difficulties identifying and correcting all of the
security holes and weaknesses.
Access controls aren’t always managed well. For many companies, it’s all
but impossible to parse out big data to ensure security and confidentiality
among all levels of the company. In addition, data encryption protocols for
big data can become outdated quickly, creating issues with access.
Audit limitations. Auditing the data collected for security risks is
difficult or impossible due to the amount of data being collected and
limitations to the technology.
Current security protocols weren’t designed for big data. Many of the
platforms that companies use to work with big data were not designed to
secure that data, and thus do not offer built-in security features like
encryption. Companies are then forced to build their own security features
into applications, something that can be expensive, time consuming, or
impossible due to skill limitations.
Big data is diverse. Big data often means collecting information from a
wide variety of sources, all of which require their own security protocols.
These are just a few of the challenges that businesses face when it comes
to securing big data. However, just because there are challenges doesn’t
mean that it’s impossible.
Improving Your Big Data Security
Given the challenges that are inherent in securing big data, it’s
imperative that you develop a plan and invest in advanced tools for data
security. As big data becomes a vital part of doing business, you can no
longer afford to sit back and rely on the same security measures you have
always used.
Big data security relies on developing a strategy that recognizes that this
data is different than your other data, and thus needs different
protection. Some of the tactics being put to use include:
Focusing on application security rather than endpoint security. As
previously mentioned, most big data technologies weren’t originally
designed with an eye toward security. Be sure that you are using secure
versions of all software, particularly open source software.
Consistently maintaining, monitoring, and analyzing audit logs. Upgrading
audit logging technologies to better manage big data is a must. Security
engineers should be charged with examining and monitoring logs, and that
this task is handled consistently across the entire organization.
Establishing stronger access controls. Access to big data must be granted
via managed accounts that follow password best practices and deactivate
inactive accounts. Monitor who has access to the data and when they access
it. If someone does not need access to a data cluster, they should not have
it.
Securing hardware and software. Manage all servers used for big data to
ensure their security. Install updates and patches as needed and limit
administrator privileges to only those who need it.
The most important point to remember when it comes to protecting big data
is that it needs to be handled differently and that you need to invest
resources in protection or risk serious consequences. Criminals are not
going to stop attacking your business, so you need to be on the defensive
and proactively protect your data.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160810/66a3cd00/attachment.html>
More information about the BreachExchange
mailing list