Big Data Security

Big Data Security

Big Data Needs Big Security

Michael Connaughton,
Big Data Leader EMEA, Oracle @mikeconna1


As organizations increasingly rely on data for their everyday work they must ensure it is adequately protected from the ever-present threat of malicious attacks

Intel

Organizations collect, store and utilize a greater volume and variety of data than ever before. They do this to maximize their insights into customer preferences and behaviours that simply can’t be obtained any other way, and to ensure that crucial business decisions are data-driven wherever possible rather than based on assumptions. For most organizations, data is the core driver of their business.

So it’s surprising that organizations often don’t put the safeguards in place that this precious resource warrants. We know that data is can be poorly protected just by the major breaches that are regularly reported in the press. For every headline hitter there are many other data breaches that are unreported, including those in which data ransoms are paid.

Michael Connaughton

Michael Connaughton, Big Data Leader EMEA

As the amount of data stored by organizations grows, so the number of attacks rises, and the sheer number of data records at risk increases. The Verizon 2015 Data Breach Investigations Report identified 79,790 security incidents and 2,122 confirmed data breaches. It points out that in 60 percent of breaches organizations can be compromised in minutes, and yet more than half of organizations took months to discover a breach.

Why are there so many data breaches?

Because data in its increasing array of forms is valuable. Information from security logins to personal health records, competitor information, financial management data and much more is all of commercial interest to competitors, and hackers are often able to either ransom data or offer it for sale on the black market.

As Oracle, in association with Intel, recently highlighted in an enterprise security whitepaper,  two-thirds of focused budgets go to protect the network. Yet this is often ineffective. For example, in 2014 less than one percent of security breaches were detected using network perimeter controls like switches, firewalls and routers, according to Verizon.

 As the amount of data stored by organizations grows, so the number of attacks rises, and the sheer number of data records at risk increases. 

Network protection is of course important. But it’s part of the mix, not the main event. Too often the data itself sits within vulnerable systems. Take Apache Hadoop, for example. A highly scalable open-source technology with an architecture that can handle distributed data processing, Hadoop is favoured for its ability to support big data projects. But it is not built for security.

Organizations need a platform-based approach to data security that reflects how they use data across its lifecycle, from acquisition or creation, through to storage, usage, archiving and deletion. This kind of comprehensive strategy is particularly relevant when you consider the huge range of information now being processed by big data technology. It means embedding security in every layer of the IT infrastructure from databases through to middleware and into applications.

 Organizations need a platform-based approach to data security that reflects how they use data across its lifecycle, from acquisition or creation, through to storage, usage, archiving and deletion. 

At the same time, it is necessary to put user controls and permissions in place as well as smart techniques for monitoring what’s happening to data so that suspicious activity can be identified and shut down.

In this respect a good data security platform is no different to the measures someone would take to secure their own home. An alarm system protects access to the building itself at all points of entry, while room sensors act as a fall-back. Meanwhile locked doors and safes provide additional layers of protection, and only those people granted access have keys.

Oracle and Intel are applying technologies, policies, and procedures developed over several decades to secure the big data landscape. Their complementary portfolio of layered, defense-in-depth solutions ensures data privacy, protects against insider threats, and simplifies regulatory compliance. This comprehensive security architecture protects the entire big data environment both on-premises and in the cloud.

 With the increasing opportunity for business insights derived from big data sources, alongside the growth of the Internet of Things, the volume of data that organizations need to collect and curate will only grow. 

Implementing effective big data security is not just about getting the technology right. Organizations need great data governance policies too. As well as ensuring that legal requirements and industry standards are met, a policy will enshrine the need for the right platform in the organizational culture. This is no different to a home insurance provider requiring appropriate locks or alarm systems before providing cover.

With the increasing opportunity for business insights derived from big data sources, alongside the growth of the Internet of Things, the volume of data that organizations need to collect and curate will only grow.

Any organization without a robust data security platform already in place should give serious thought to implementing one. Yes, it means looking broad and deep to secure all possible points of weakness, but the alternative could be disaster. Failing to ensure an appropriate strategy is in place is simply not an option.


This Big Data article is brought to you by Oracle and Intel®.

Intel® and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.


Learn More