July 3, 2013 By Kimberly Madia 3 min read

How To Protect Big Data Without Breaking Analytics

The new era of computing has arrived: Organizations are anxious to process, analyze and derive maximum value from the power of big data.  However, as the opportunity increases, the challenge of ensuring information is trusted and protected becomes exponentially more difficult. If not addressed head on, confidence in big data outcomes is lost and the desire to act upon new insights is stifled.

With the average consolidated total cost of a data breach estimated to be $3.8 million, there has never been a better time to focus on data protection. Not mention that it is required by more than 50 international laws such has Canada’s Privacy Act, Germany’s Federal Data Protection Act, Argentina’s Personal Data Protection Act and Korea’s Act on Personal Information Protection.  Oh, and one more thing, according to the 2013 IBM XForce Report, data breaches are up 40%!

Now hopefully you are convinced to read on.

Three Quick Tips for Protecting Sensitive Data

The question becomes, how can you support business goals and real time analysis while also ensuring the protection of sensitive data no matter what form it takes – structured, streaming, files and more?

While this may seem like a daunting task, specific data protection issues can be addressed with a focused practical approach that offers concrete benefits in the near term.  The protection of sensitive information from eyes that don’t need to see it—whether the eyes reside within the organization or within a contractor or other trusted partner—is a reasonable and achievable objective.  Let’s break down the problem into three quick tips.

1. Discover and Understand Sensitive Data

Ask 5 of your colleagues what data records constitute payment card information and you are likely to get 5 different answers. Before rolling out an enterprise data protection strategy, you should convene a cross functional team to decide what constitutes sensitive data and what should be protected.

Not all data is high risk. Many have failed, because they don’t understand the distributed data landscape and where the sensitive data resides.  Keep in mind, sensitive data is duplicated and shared across production systems, non-production systems and with third parties like business partners and vendors.

2. Monitor and Audit Data Activity Without Slowing Down Performance

Monitoring and auditing data activity will give you complete insight into the who, what, when and how of all data transactions. With a complete access history, you can understand data and application access patterns, prevent data leakage, enforce data change controls and respond to suspicious in real time.

Leading monitoring solutions also deliver automated compliance reports on a scheduled basis, distribute them to oversight teams for electronic sign-offs and escalation and document the results of remediation activities. Beware of solutions that rely on native logging as they will likely inhibit rather than support your ability to do analytics in real time.

3. Mask Sensitive Information in Applications, Databases, Reports, Analytics and Documents

Mask sensitive information in applications, databases, reports, analytics and documents facilitates information sharing and analytics without compromising data privacy

Yes – You got that right. You can mask data inside your analytics platforms without breaking anything! The technology known as semantic masking de-indentifies data in context based on rules to ensure accurate and consistent results for analytics.  The value of semantic masking is to retain the utility (usefulness) of the data while also adhering to compliance/regulation requirements.

Let’s explore an example scenario. Semantically masked data will have the same symptoms and gender but the age, family income and ethnicity are intelligently masked to the proper range and to a valid set of data points.  The result is researchers achieve valid results while protecting privacy.

With 2.5 quintillion bytes of data created every day, now is the time to understand sensitive data and establish business-driven security policies to keep customer, business, personally identifiable information (PII) and other types of sensitive data safe. A focus on discovery, monitoring and auditing and data masking are the foundation of a successful data security strategy.

The bottom line – the increasing number of analytics systems storing sensitive data exponentially increases the risk of a breach– more data stores means far greater risk.

More from Data Protection

Data security tools make data loss prevention more efficient

3 min read - As businesses navigate the complexities of modern-day cybersecurity initiatives, data loss prevention (DLP) software is the frontline defense against potential data breaches and exfiltration. DLP solutions allow organizations to detect, react to and prevent data leakage or misuse of sensitive information that can lead to catastrophic consequences. However, while DLP solutions play a critical role in cybersecurity, their effectiveness significantly improves when integrated with the right tools and infrastructure. Key limitations of DLP solutions (and how to overcome them) DLP…

Defense in depth: Layering your security coverage

2 min read - The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet or a safe. This provides layers of protection for the things you really don’t want a thief to get their hands on. You tailor each item’s protection accordingly, depending on…

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

Cost of a data breach: The evolving role of law enforcement

4 min read - If someone broke into your company’s office to steal your valuable assets, your first step would be to contact law enforcement. But would your reaction be the same if someone broke into your company’s network and accessed your most valuable assets through a data breach? A decade ago, when smartphones were still relatively new and most people were still coming to understand the value of data both corporate-wide and personally, there was little incentive to report cyber crime. It was…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today