[BreachExchange] 5 Tips to Overcome Big Data Security Issues

Audrey McNeil audrey at riskbasedsecurity.com
Fri Mar 23 22:23:07 EDT 2018


https://insidebigdata.com/2018/03/22/5-tips-overcome-
big-data-security-issues/

Businesses are now collecting and using a huge amount of data. Much of this
flows from an increasing range of smart devices, all interconnected as the
IoT (Internet of Things). Our computer capacity continues to grow rapidly,
but there is still concern over security issues that can compromise even
locally generated information. In business, highly sensitive information is
stored, and it’s necessary to observe government regulations to protect
consumers. At the same time, incidents of data breaches continue to rise.
This is why it’s essential to make data protection a priority and establish
strict security measures.

Here are five tips that can help you guard data against breaches in both
big data deployments and any software accessing the data.

Secure Data Storage

Managing storage is a critical part of any data strategy. Auto-tiering is
necessary when you’re looking at petabytes of information. New data is
automatically assigned to different storage levels to make managing huge
volumes of data simpler. However, this can create other problems due to
issues like unverified services or contradictory protocols. Auto-tiering
also generates logs of its storage activities which also have to be
protected and maintained. SUNDR (secure untrusted data repository) helps
with this by monitoring for and detecting unauthorized file operations.
These can come from malicious software agents. SUNDR utilizes consistency
checks to ensure data is stored securely.

Secure Non-Relational Data

Many organizations handle a large volume of unstructured data such as
images. They turn from standard SQL relational databases to NoSQL
deployments. These solutions are becoming more common but are still
vulnerable to injection attacks where malignant code is inserted.
Recommended security measures include hashing or encrypting passwords. You
should also use effective end-to-end encryption algorithms such as RSA,
AES, and SHA-256, as well as SSL encryption.

Ensure Endpoint Security

Trusted certificates at each endpoint will help to ensure that your data
remains secured. Additional measures that your organization should use
include regular resource testing and allowing only trusted devices to
connect to your network through the use of am MDM (mobile device
management) platform.

One challenge lies in ensuring that all data is valid, given the wide scope
of devices and data collection technologies. Many input devices and
applications are vulnerable to hackers and malware. Intruders can mimic
multiple logon IDs or corrupt the system with false data. Your big data
solution should be capable of both preventing intrusion and identifying
false data.

Prevent Inside Threats

Your company is also exposed to internal security risks, whether from
disgruntled or simply careless employees. This is especially challenging in
business environments where employees working with the data are not fully
educated on proper security practices and behavior, including data
scientists and software developers.

It’s important that you provide digital security training to all employees.
They should know about password safety, logging off unused computers,
granting permissions to other employees and risks of accessing data via
public Wi-Fi.

Your company should also have user logs in place to help identify workers
who might attempt to steal intellectual property, use stolen logon
credentials, or otherwise try to compromise or bypass network security
protocols.

Analyze and Monitor

A big data solution that includes tools for both analysis and monitoring in
real time can raise alerts the instant network intrusion is detected. But
this can result in large amounts of network data. Your goal is to provide
an overall picture of what’s happening over sometimes large networks from
moment to moment. Your organization may not have the resources to monitor
and analyze all the feedback generated, including false alarms as well as
real threats.

The solution is that big data analytics itself can be used to improve
network protection. Your security logs can be mined for anomalous network
connections. This will make it easier for you to identify actual attacks as
opposed to false positives going forward.

Final Thoughts

Automated data collection is increasing the exposure of companies to data
loss. When considering a big data solution, you can best mitigate the risks
through strategies such as employee training and varied encryption
techniques. But it’s also crucial to look for solutions where real security
data can be analyzed to drive improvements.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180323/d51a6064/attachment.html>


More information about the BreachExchange mailing list