Bringing the issue of security into the big data discussion often produces two divergent schools of thought from IT professionals-categorical denial that big data should be treated differently from existing network infrastructure, and an opposite response towards over-engineering the solution given the actual (or perceived) value of the data involved.
Yet, while big data presents new security challenges, the starting point to resolve these challenges remain the same as creating any other data security strategy: By determining data confidentiality levels, identifying, and classifying the most sensitive data, deciding where critical data is to be located, and establishing secure access models for both the data and analysis.
Plan Around the Big Data Lifecycle
Properly defended big data necessitates defining specific security requirements around the big data lifecycle. Typically, this begins with securing the collection of data followed by securing access to the data. Like most security policies, a proper assessment of the threats to the organization’s big data never ends but revolves around ensuring the integrity of data at restand during analysis.
Performance is a key consideration while securing the collected data and the networks. Firewalls and other network security devices, such as those for encryption, must be of sufficiently high performance so they can handle the increased throughput, connections, and application traffic. In a big data environment, policy creation and enforcement are more critical than usual because of the larger volumes of data and the number of people who will require access to it.
The sheer amount of data also proportionately increases the need to prevent data leakage. Data loss prevention technologies should be employed to ensure that information is not being leaked to unauthorized parties. Internal intrusion detection and data integrity systems must be used to detect advanced targeted attacks that have bypassed traditional protection mechanisms. The inspection of packet data, flow data, sessions and transactions should all be scrutinized. Because big data involves information residing over a wide area from multiple sources, so the organizations also need to have the ability to protect data wherever it exists.
In this regard, virtualized security appliances providing a complete range of security functionality must be positioned at key locations throughout the public, private, and hybrid cloud architectures frequently found in big data environments. Resources must be connected in a secured manner and data transported from the sources to the big data storage must also be secured, typically through an IPSec tunnel.
Leveraging Big Data with the Right Tools
While big data presents challenges, it also offers opportunities. With the right tools, vast amount of information can be analyzed, and this allows an organization to understand and benchmark normal activities. This effort is aided by competent IT staff and efficient deployment of the appropriate security tools. These tools include dedicated logging, analysis, and reporting appliances that can securely aggregate log data from security and other syslog-compatible devices. These appliances will also analyze, report, and archive security events, network traffic, web content, and messaging data. Policy compliance could then be measured and easily customized reports can be produced.
The difficulty in capturing, managing, and processing information quickly in big data environments will continue to make security an after thought in many firms. As portable storage and bandwidth continue to grow, the mobility of these larger datasets will also increase, resulting in breaches and disclosure of sensitive datasets. Threats will likely come from intruders manipulating the big data in such a way that business analytics and business intelligence tools could generate false results and lead to management decisions that could profit the intruders.
Even small changes in big data can have a big impact on results. So, organizations must not ignore the need to secure big data assets for security reasons, business intelligence or otherwise. They must address big data’s main needs in terms of authentication, authorization, role-based access control, auditing, monitoring, and backup and recovery. Going forward, big data analytics involving behavioral benchmarking and monitoring will also become increasingly crucial in addressing next-generation information security challenges.
