Data Protection November 17, 2016
By Gregg Barrow 3 min read

Big data has become a critical business tool and a transformative force for enterprises across multiple industries and geographies. Vast amounts of data are now organized, available and ready to be analyzed, leading to advanced tactics and strategies that were previously impossible.

But prior to adopting a big data and analytics solution, business leaders should answer a few fundamental questions: How will big data solutions affect my organization’s security profile? What governance is needed? Are my existing technology solutions sufficient?

Big Data Solutions: Handy Tools and Juicy Targets

Data proliferation has led to greater amounts of data passing through networks. Through big data solutions, organizations can aggregate, index and analyze many types of data. These solutions allow organizations to find patterns and correlations in the data that can potentially reveal new business insights.

The ability to consume and process this data makes big data solutions appealing to many organizations. However, what makes these solutions attractive to business leaders also makes them attractive to bad actors. Think of big data as a digital library that provides organizations with an index to easily locate and access files. If a cybercriminal were to gain access to this index, he or she would have a direct line to the organization’s most sensitive information.

Big data environments are tempting targets, and defending them puts additional stress on the security personnel and systems tasked with data protection. In addition, the exponential growth of data is leading to challenges beyond security, including governance issues related to data accuracy, accessibility, completeness and consistency. Organizations can avoid feeling overwhelmed when implementing a big data solution by effectively managing and protecting their environments with an integrated governance and technology strategy.

Governance and Data Reservoirs

With respect to governance, big data solutions call for an agile approach to profiling and understanding data as it is ingested. This enables organizations to implement appropriate controls as the data is profiled without inhibiting the speed and flexibility of technologies.

Data lakes, for example, present a unique security challenge since they allow organizations to access and process many types of data within a distributed environment. To address these challenges, organizations can utilize enhanced, agile governance to better organize data lakes, creating what is known as a data reservoir.

Within a data reservoir, organizations ensure that data is properly cataloged and protected as it is ingested by the data lake. To do so, a data owner classifies the information sources that feed the reservoir and determines how the data should be managed, including access control, quality control, masking of sensitive data and data retention periods. No data should enter the reservoir without being cataloged upfront, which enables the immediate application of appropriate security controls. This agile governance approach should be applied across all big data solutions.

Technology Considerations

From a technology standpoint, organizations should leverage existing platforms where possible and supplement with additional tools as required. At a minimum, organizations should consider coverage of the following areas:

  • Configuration and vulnerability management: Are traditional security tools sufficient to protect and secure the data?
  • Identity and access management (IAM): Are the requests for sensitive information authorized and valid?
  • Network traffic encryption: Are attackers able to intercept and access the data in motion?
  • Metadata management: Is your metadata sufficient to let you know where and how that information came into existence? Is your data usable?
  • Encryption and masking for structured data and redaction for unstructured data: Are the sensitive information assets protected from unprivileged users?
  • Data activity monitoring: Are there unusual error patterns indicating a possible attack?
  • Blocking and prevention: Are there new requests for analysis that were not scheduled or known?

The effort to strike the right balance of governance and technology is a continuous process and will be unique to each organization. However, by focusing first on governance and fundamental security components, an enterprise will be well on its way to securing its big data solution.

Read the solution brief: Top tips for Big Data Security

 |  |  |  |  |  | 
Gregg Barrow
Vice President & Managing Partner, Americas Security Services, IBM Security

Gregg is the Americas’ Security Services Leader for IBM Security. In this role he manages consulting, systems integration and managed services across the U...

More from Data Protection
Cloud Security   March 15, 2023

The Importance of Modern-Day Data Security Platforms

Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

Data Protection   March 7, 2023

Meeting Today’s Complex Data Privacy Challenges

Pop quiz: Who is responsible for compliance and data privacy in an organization? Is it a) the security department, b) the IT department, c) the legal department, d) the compliance group or e) all of the above? If you answered "all of the above," you are well-versed in the complex world of compliance and data privacy! While compliance is a complex topic, the patchwork of regulations imposed by countries, regions, states and industries further compounds it. This complexity has turned…

Data Protection   March 1, 2023

The Digital World is Changing Fast: Data Discovery Can Help

The rise in digital technology is creating opportunities for individuals and organizations to achieve unprecedented success. It’s also creating new challenges, particularly in protecting sensitive personal and financial information. Personally identifiable information (PII) is trivial to manage. It’s often spread across multiple locations and formats and can be challenging to find and classify. Organizations need a modern data discovery and classification solution to identify sensitive data across physical, virtual and public clouds. The Current State of Sensitive Data Discovery and…

Intelligence & Analytics   February 21, 2023

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature