July 3, 2013 By Kimberly Madia 3 min read

How To Protect Big Data Without Breaking Analytics

The new era of computing has arrived: Organizations are anxious to process, analyze and derive maximum value from the power of big data.  However, as the opportunity increases, the challenge of ensuring information is trusted and protected becomes exponentially more difficult. If not addressed head on, confidence in big data outcomes is lost and the desire to act upon new insights is stifled.

With the average consolidated total cost of a data breach estimated to be $3.8 million, there has never been a better time to focus on data protection. Not mention that it is required by more than 50 international laws such has Canada’s Privacy Act, Germany’s Federal Data Protection Act, Argentina’s Personal Data Protection Act and Korea’s Act on Personal Information Protection.  Oh, and one more thing, according to the 2013 IBM XForce Report, data breaches are up 40%!

Now hopefully you are convinced to read on.

Three Quick Tips for Protecting Sensitive Data

The question becomes, how can you support business goals and real time analysis while also ensuring the protection of sensitive data no matter what form it takes – structured, streaming, files and more?

While this may seem like a daunting task, specific data protection issues can be addressed with a focused practical approach that offers concrete benefits in the near term.  The protection of sensitive information from eyes that don’t need to see it—whether the eyes reside within the organization or within a contractor or other trusted partner—is a reasonable and achievable objective.  Let’s break down the problem into three quick tips.

1. Discover and Understand Sensitive Data

Ask 5 of your colleagues what data records constitute payment card information and you are likely to get 5 different answers. Before rolling out an enterprise data protection strategy, you should convene a cross functional team to decide what constitutes sensitive data and what should be protected.

Not all data is high risk. Many have failed, because they don’t understand the distributed data landscape and where the sensitive data resides.  Keep in mind, sensitive data is duplicated and shared across production systems, non-production systems and with third parties like business partners and vendors.

2. Monitor and Audit Data Activity Without Slowing Down Performance

Monitoring and auditing data activity will give you complete insight into the who, what, when and how of all data transactions. With a complete access history, you can understand data and application access patterns, prevent data leakage, enforce data change controls and respond to suspicious in real time.

Leading monitoring solutions also deliver automated compliance reports on a scheduled basis, distribute them to oversight teams for electronic sign-offs and escalation and document the results of remediation activities. Beware of solutions that rely on native logging as they will likely inhibit rather than support your ability to do analytics in real time.

3. Mask Sensitive Information in Applications, Databases, Reports, Analytics and Documents

Mask sensitive information in applications, databases, reports, analytics and documents facilitates information sharing and analytics without compromising data privacy

Yes – You got that right. You can mask data inside your analytics platforms without breaking anything! The technology known as semantic masking de-indentifies data in context based on rules to ensure accurate and consistent results for analytics.  The value of semantic masking is to retain the utility (usefulness) of the data while also adhering to compliance/regulation requirements.

Let’s explore an example scenario. Semantically masked data will have the same symptoms and gender but the age, family income and ethnicity are intelligently masked to the proper range and to a valid set of data points.  The result is researchers achieve valid results while protecting privacy.

With 2.5 quintillion bytes of data created every day, now is the time to understand sensitive data and establish business-driven security policies to keep customer, business, personally identifiable information (PII) and other types of sensitive data safe. A focus on discovery, monitoring and auditing and data masking are the foundation of a successful data security strategy.

The bottom line – the increasing number of analytics systems storing sensitive data exponentially increases the risk of a breach– more data stores means far greater risk.

More from Data Protection

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Skills shortage directly tied to financial loss in data breaches

2 min read - The cybersecurity skills gap continues to widen, with serious consequences for organizations worldwide. According to IBM's 2024 Cost Of A Data Breach Report, more than half of breached organizations now face severe security staffing shortages, a whopping 26.2% increase from the previous year.And that's expensive. This skills deficit adds an average of $1.76 million in additional breach costs.The shortage spans both technical cybersecurity skills and adjacent competencies. Cloud security, threat intelligence analysis and incident response capabilities are in high demand. Equally…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today