All Articles

Big Data Security Challenges and Recommendations!

Posted by pritha on February 2, 2015 at 1:00am

This is a great Big Data webinar(15 min), hosted by CISO Platform and briefly points out the Security Challenges and also Recommends Some Fixes. It is presented by Head of Development at Iviz.

What will you learn:
- Key Insights on Existing Big Data Architecture
- Unique Security Risks and Vulnerabilities of Big Data Technologies
- Top 5 Solutions to mitigate these security challenges

Watch the 15min Power Webinar:

(Read more:  Technology/Solution Guide for Single Sign-On)

View Presentation/PPT:

3 Major Subheads Covered:

Key Insights on Big Data Architecture

  • Big Data is Distributed architecture eg. Hadoop
  • Data Partition, Replication and Distribution among nodes
  • 2 types of data- Hot(used more frequently) & Cold data(used less frequently)
  • Auto-Tiering feature- Hot data->high performance disk drive & Cold data->low performance disk drive
  • Easier to move Code instead of Data
  • Real Time Streaming and Computation
  • Collects data from various sources -Social Media,Meter Metadata,GIS etc.
  • Supports AdHoc Queries
  • Massive Parallel & Powerful Programming Framework

Top 5 Big Data Security Risks 

  • Insecure Computation - Risks of loss of sensitive data, DOS, Data Corruption
  • Input Validation and Filtering - Huge data flow, Challenge to validate the sources & Behavioral data, Risk of Rogue code
  • Granular Access Control - Performance Vs Security, AdHoc Queries can reveal sensitive data,Access Control default disabled
  • Insecure Data Storage(in nodes) - Authorization, Authentication & Encryption is challenging, Autotiering -> Moves cold data to less secure medium, Secure communication -> Between End user & Node is disabled by default
  • Privacy concern in data control & Analytics - Monetization models mostly include this, Sharing these results face challenges like privacy & marketing intrusion, Unintentional data disclose
    Example-AOL, Netflix

Top 5 Best Practices

  • Secure computation code
  • Implement Comprehensive Input Validation & Filtering
  • Implement Granular Access Control
  • Secure Data Storage and Computation
  • Review & Implement Privacy (preserving data mining & analytics)

(Read more: CISO Guide for Denial-of-Service (DoS) Security)

Views: 144
E-mail me when people leave their comments –
Follow
Posted by pritha

CISO Platform

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)