Most recent

New Big Data Security Guidelines in the Cloud

By Eitan Bremler
big data security

If you're in retail, ecommerce, finance, insurance, or sales (and the list goes on), you're probably using big data —or you're envious of companies that do. Big data is largely what it sounds like—the process of generating reams of data from customers and clients, and crunching those numbers to uncover hidden trends. Big data is growing at 12.8% per year, and 40% of analytics firms have capitalized on big data already.

Like every revolutionary digital technology from the last decade, big data presents convenience in one hand—and security concerns in the other. Big data involves parsing a lot of customer information that customers would prefer to keep confidential. Moreover, most companies don't own the physical infrastructure that big data calculations are performed on—it's all done in the cloud. How do you keep vast reams of customer data secure when you don't own the infrastructure it's stored on?

What Are the Biggest Challenges for Big Data Security?

Essentially, the largest problem facing big data right now is the question of access control. Extremely detailed data about thousands of customers is being put in play. This posits a few challenges.

  1. Secrecy: Much of the data being processed—names, addresses, emails, and credit card numbers—should be kept secret and restricted to authorized personnel.

  2. Roles: Determining who is allowed to see sensitive data vs. who is restricted to non-sensitive intelligence. Further more, who has permission to edit this data—to create it, delete it, run analysis on it, and transfer it?

  3. Implementation: Making sure that individuals who aren't supposed to view or transfer sensitive data cannot do it.

Software Defined AccessLargest Concerns for Big Data Security

Recently, the Cloud Security Alliance has published a series of recommendations for companies seeking to implement good access control in the cloud. Big data security risk isn't fully baked into big data—but there are definitely ways for companies to easily cut down on unauthorized data transfers. Here are a few tips from the handbook:

  1. Keep an eye on your administrators: Data suggest that most data breaches are the responsibility of insider threats. Either a bad actor gets ahold of user credentials, or an employee becomes a bad actor. Administrator accounts are prime targets for this reason—and should be subject to intense scrutiny.

  2. Use strong encryption to protect data at rest: The CSA recommends that organizations automatically apply encryption to all data that's uploaded to the cloud. As always, use AES encryption, RSA, or SHA-256. Store all encryption keys offline in a location where they can't easily be accessed.

  3. Scale: They don't call it small data. Not only is the amount of data extremely large, the amount of applications accessing, storing and analyzing this data is large. The pool of users isn't small either. Users, applications, and data all need to be connected by a data transfer protocol that can implement the requirements above, and more.

Safe-T + Big Data: Scalable Security

If you've been reading our blog, you know that SDE is adept at a number of different tasks. Automatically applying encryption, meshing together a large number of different applications, and providing granular authorization and access control are only a few of these.

The Cloud Security Alliance had made many recommendations about how companies can provide their big data implementations with security while they're hosted in the cloud. With SDE, you can actualize those recommendations, while barely changing any aspect of the way you do business. For more information, download the whitepaper today.

Download the White Paper: Access and Usage via Software-Defined Access

 Editor's Note: This post was originally published in November 2016 and has been updated for accuracy and comprehensiveness.

All posts