Big Data Requires Bigger Security, But Is It As Complex As It Dounds?
“Information is the oil of the 21st century, and analytics is the combustion engine.”
– Peter Sondergaard, Senior Vice President, Gartner Research.
In the age of such severe competition, it’s necessary to collect and analyze all the data you have, observe the trend and use the business insight gained to benefit your business. Like every technology, this also has its challenges, and the one challenge which unfortunately had been left for the end to tackle is its security. The data that is so important for you is, unfortunately, a gold mine for Hackers as well, and with so much data stored at one place, is too tempting for them to leave it alone. So while organizations are laying their focus on analyzing this data and information and using it for their benefit, it is also important for them to secure their companies’ and customer’s information.
What is Big Data?
Wikipedia defines Big Data as “an all-encompassing term for any collection of data sets so large and complex that it becomes difficult to process using on-hand data management tools or traditional data processing applications.” And big data has increasingly become important for businesses. Unstructured data, which was previously considered waste, is now being stored and analyzed to leverage the information it gives and to make better organizational decisions.
Data is being collected from everywhere and it varies in nature, formats, and consistency- data being collected is from satellites, transactional data, websites, social media and more. It can be in a structured or unstructured form, as numbers, in the form of emails or the videos-the list goes on.
Initially storing data was considered to be a big hurdle, but with the rapid increase in data storage companies and a decrease in data storage costs, that problem has been tackled. But the other problem which should have been considered first but like always occurred as aftermath, is this data security.
What is so big about big data?
In the fast paced world, we live in, it’s understandable that the data is also being collected, and stored at a fast pace. A huge amount of data inflows continuously and this pace is only expected to increase. And the fact that the data inflows in different formats, add to its complexity. Handling this data, merging it and segregating it in a format that can be easily analyzed, are some challenges that organizations struggle with.
The data flow can be highly unpredictable, heavily dependent on external and non-controllable factors. One major incident and everyone is talking about it. News, blogs, social media, organizations-all stow the flow of data in one direction, and mostly in different unstructured formats.
Organizations lay a lot of importance on big data because if utilized properly, it can serve as a big differentiator and a deal clincher for them.
Big Data Expanding Rapidly
A study by McKinsey Global Institute stated that 20 bn terabyte of fresh digital data will be generated in 2014, and is likely to hit 140 terabytes by 2020. By 2015, the size of big data is estimated to be $25bn and by 2020, a whopping $100bn.
Data is growing at a rapid pace. And bigger the data, bigger the data breach and equally big will be the repercussions. What can you do to ensure that your big data is not only big but also safe?
Tips for securing your “Big Data”
Big data security is not very different from traditional data security. There are things that can be done to bring that security in big data. The SANS Institute provided a list of security controls for this, many of which are included below:
- Application Security- Organizations are relying on open-source software, combined with few programs, and creating agile and cost-effective databases, easy enough to be set up by anyone. But no concern is given to security in this process, and what we end up with is a recipe for the data breach. Therefore it is necessary that the software and apps you are using are secure, to start with. Application security is a crucial component for any online application, irrespective of the size of the data stored.
- Devices holding sensitive data should have approved hard drive encryption software deployed– Data encryption, both in transit and at rest, helps provide a level of security in event of data compromise.
- Scrutinize the movement of data on both ends of your network– It is true that if your data is encrypted, it provides a certain level of assurance even if data is compromised, but despite this it is necessary to have some controls in place which enable in minimizing the chances of data theft in the first place.
- Storing data on the cloud? Review the cloud provider security practices for data protection- Organizations are moving data to the cloud and it’s important for them to have a thorough understanding of the security controls applied to data in the cloud environment. Emphasis on the proper application of encryption controls and security of keys is needed. Usage of security containers like HSM (Hardware security modules) should be encouraged.
- Detection and Monitoring of traffic- Automated tools should be used for network protection. An effective automated tool on the network perimeters checks the traffic for the presence of any sensitive information like PII (personally identifiable information), keywords, etc. and detects and informs of any unauthorized attempts to breach data. Tools should be used to monitor the traffic leaving the organization, to detect unauthorized use of encryption. This should be done because encrypted channels can be used to bypass network security devices. Therefore it is important that organizations can use the traffic to analyze and detect such infected connections, end them, and fix the infected system. Thereafter you can also block access to known file transfer and e-mail exfiltration websites.
- Protection from SQL injection– SQL injection is one of the most dangerous and common web application threats. Hackers are using SQL injections to take control of massive databases, even though simple steps like White box testing, Manual Penetration testing, and periodic manual checks can keep you informed of any vulnerability in your applications. All you have to do, if an SQL vulnerability is found is, update the code and fix the vulnerability. If in case, fixing the code cannot be done immediately, a WAF can be used for virtual patching after deployment.
- Ensure third party protection– The infamous Target breach happened due to infiltration through a third party vendor. Even a top-notch data protection program in place cannot save you if one of your vendors is lax about his business’ security. Insist that the vendors you work with are following are the necessary security norms, and if they breach this arrangement, make them accountable for the action.
Everyone is talking of big data not being safe and impossible to secure, and how it’s too late as the security measures should have been deployed as of yesterday. But there is no reason to panic as simple security measures can enable organizations in keeping their data secure and use it for their benefit. Hackers will always be there on the offensive, but proactive measures from our end can keep us a step ahead of them.