Big Data Has Big Potential, But Also Data Security Concerns
Enterprises are embracing big data like never before, using powerful analytics to drive decision-making, identify opportunities, and boost performance. But with the massive increase in data usage and consumption comes a whole set of big data security concerns. Ultimately, big data adoption comes down to one question for many enterprises: how can you leverage big data’s potential while effectively mitigating big data security risks?
Regulated Enterprises Face Additional Big Data Security Issues
Concerns surrounding the storage, management, transmission, mining, and analyzing of data are an even bigger issue when regulations come into play. A key example is the HIPAA privacy guidelines for healthcare providers, contractors, and other business associates who may come into contact with, use, or even be responsible for storing sensitive healthcare data.
One of the biggest challenges facing enterprises is the sense of loss of control over data that comes with utilizing cloud storage providers and third-party data management and analytics solutions. The impact of this is significant, as many regulations hold enterprises accountable for the security of data that may not be in their direct control.
Trends like BYOD Further Complicate Big Data Security
Add in trends like Bring-Your-Own Device (BYOD) and the rise in the use of third-party applications, and big data security issues quickly move to the forefront of top enterprise concerns. A December 2013 article from CSO Online states that many of the big data capabilities that exist today emerged unintentionally, eventually finding their place in the enterprise environment.
“Because security is not inherent, enterprises and vendors have to retrofit these systems with security,” notes CSO Online. But retrofitting big data security solutions on a system-by-system basis is not only not cost-effective, it makes the enterprise security process as a whole inefficient and unnecessarily complicated.
Big Data Security Risks Include Applications, Users, Devices, and More
Big data relies heavily on the cloud, but it’s not the cloud alone that creates big data security risks. Applications, particularly third-party applications of unknown pedigree, can easily introduce risks into enterprise networks when their security measures aren’t up to the same standards as established enterprise protocols and data governance policies.
Devices introduce yet another layer of big data security concerns, with workers embracing mobility and taking advantage of the cloud to work anywhere, at any time. With BYOD, a multitude of devices may be used to connect to the enterprise network and handle data at any time, so effective big data security for business must address endpoint security with this in mind.
Additionally there’s the issue of users. Particularly in regulated industries, securing privileged user access must be a top priority for enterprises. Certain users must be permitted access to highly sensitive data in certain business processes, but avoiding potential misuse of data can be tricky. Securing privileged user access requires well-defined security policies and controls that permit access to data and systems required by specific employee roles while preventing privileged user access to sensitive data where access isn’t necessary – a practice commonly referred to as the “principle of least privilege.”
These are just a few of the many facets of big data security that come into play in the modern enterprise climate.
A Multi-Faceted Approach to Big Data Security
Big data security requires a multi-faceted approach. When it comes to enterprises handling vast amounts of data, both proprietary and obtained via third-party sources, big data security risks become a real concern. A comprehensive, multi-faceted approach to big data security encompasses:
- Visibility into all data access and interactions
- Data classification
- Data event correlation
- Application control
- Device control and encryption
- Web application and cloud storage control
- Trusted network awareness
- Access and privileged user control
Many enterprises have slowly – sometimes rapidly – accumulated a series of point solutions, each addressing a single component of the full big data security picture. While this approach can address standalone security concerns, the best approach to big data security integrates these capabilities into a unified system capable of sharing and correlating security alerts, threat intelligence, and other activity in real time – an approach not unlike the concept of big data itself.
Dan Geer: The 5 Myths Holding Your Security Program Back
Dan Geer discusses how security teams of all sizes can get past common information security myths to more effective data protection and security.