Is This The Best Guide To Big Data Security Yet?

15th September, 2016 by
As we’ve been banging on about for some time, ensuring privacy and security are key to the ongoing acceptance and success of big data. But it’s been very hard for businesses to find a simple, comprehensive guide that outlines the steps an organization must work through to ensure its big data systems and initiatives effectively minimize the risk of any breaches. Fortunately, the Cloud Security Alliance (CSA)’s Big Data Security and Privacy Handbook, published at the end of August, could be just what’s needed.

The freely downloadable handbook, entitled ‘100 Best Practices in Big Data Security and Privacy’, is arguably the best attempt yet at breaking down all the areas of concern into digestible, bite-sized chunks that reveal both the ‘whys’ and the ‘hows’ of securing today’s cloud-based big data systems.

10 Challenges, 100 Checkpoints

Split into 10 sections of 10 points each, the handbook covers all the major big data security and privacy challenges faced by organizations, and the essential strategies for overcoming them. It doesn’t shy away from the technical specifics – which are, after all, critical – but it’s succinct enough to give even less technical IT managers a comprehensive checklist to ensure not only that their teams and are doing everything by the book, but that they can also effectively evaluate and monitor third-party big data service providers.

Based on previous research, the CSA identifies the following top-line challenges:

  1.     Securing computations in distributed programming frameworks such as Hadoop.
  2.     Best practice for securing non-relational data stores (e.g. NoSQL databases).
  3.     Securing data storage and transaction logs.
  4.     Endpoint input validation and filtering.
  5.     Real-time security and compliance monitoring.
  6.     Preserving the privacy of users when analyzing big data.
  7.     Big data cryptography.
  8.     Effective granular access control.
  9.     Implementing granular audits.
  10.  Data provenance security.

For each of these areas, the handbook drills down into ten different aspects that must be considered, outlining specific strategies and technologies that need to be in place. To secure computations in distributed frameworks, for instance, it explains (among other things) how to implement robust identity and access control, effectively strip identifying elements from data, prevent unauthorized access and ensure compliance with company security policies.

“An Important And Significant Initiative”

The CSA’s executive VP of research, JR Santos, believes the handbook is an important and significant initiative. “New security challenges have arisen from the coupling of big data with public cloud environments. As big data expands through streaming cloud technology, traditional security mechanisms tailored to secure small-scale, static data on firewalled and semi-isolated networks are inadequate,” he said. “Security and privacy issues are magnified by this volume, variety, and velocity of big data.”

Security: The Key To Survival

Although it is difficult to quantify the business impact and precise costs of big data breaches, a comprehensive new report from Deloitte suggests they can be staggeringly high. The report highlights the case of one US health insurer, for instance, which lost a laptop containing 28 million personal health records.

Given the terabytes and petabytes of big data that a growing number of organizations are storing and analyzing now – and hope to expand exponentially in future – this breach of several years ago would today rank at the lower end of what we now consider ‘big’ data.  Nonetheless, factoring in the ‘below the surface’ impacts since the incident occurred, the report shows how it has cost the insurer in excess of $1.67 billion. This illustrates how critical it is for firms to get big data security right – not just to ensure the field succeeds, but also to avoid jeopardizing their own financial survival.