Big Data Security Challenges
In the recent years, due to various economic, social & technological advancements, IT has enabled enterprises to accumulate huge amount of data from various channels and it is continuing grow in multiples. This has created the need to innovate, understand and leverage these Big data.
In the digital era, Big data is evolving as a game changer for any business. Most of the enterprises started giving importance to leverage their data which could help in Data monetization. Big Data Industry shaping to a new level of maturity by stream lining the data organization & processing methodologies, thru data science and data analytical techniques, machine learning etc. In this fast moving business trend, often enterprises overlook the security aspects around Big data management. Lack of security focus on data management could lead to serious potential threats to business.
While most of the conventional Security aspects of an Enterprise are applicable and adapted, they are often overseen due to big data characteristics (like huge volumes, raw/unstructured nature of data, diversified data etc.). Following points would try and help to look in to some of the security aspects which need to be considered during Big data management. While the objectives behind the below points is not to provide a standard security solutions, at the same time it is an attempt to trigger few thoughts around security practices which needs to be adopted while performing Big data operations. Later it should ignite the security practices which need to be implemented.
- Enterprise security: All the enterprise security guidelines and principles which include infrastructure, technology, and application security are still applicable. But sometimes enterprises ignore the standards & compromise in order to meet the required speed to process high volumes of data.
- Secure Data persistence: Due to high volumes of data, often it is overlooked to secure the data using encryption patterns before storing it in the persistent stores. But any leak around sensitive data could lead to potential threat/loss to business. I understand that we will end up with performance challenges in encrypting the complete data. However at least it is very important to secure sensitive or critical data.
- Security best practices for non-relational data: Industry has already gone thru the matured trend of relation data technologies and seen robust security enforcements. However NoSQL is still evolving and we expect to see some more improvements. In general all the non-relational data is stored in the form of Key-value or key-data structure, which are transparent in nature. Some of the vendors in this area do provide security for their products which deal with unstructured data. However these security best practices, still needs to be matured to eliminate data leak issues.
- Secure data processing: Most of the time, big data processing is done as part of the back-end processing activity, hence there will be less focus on processing the data in secured environments. The processing environments with weak access controls could lead to potential hacking issues. The servers should be secured with proper authentication and authorization controls. Also the data which floats between the servers needs to be protected with SSL/Digital certificates.
- Transaction Logs: Since Big data operations has back-end operational characteristics, often due course, developers ignore the need of securing transactional data and end up logging sensitive information which can be seen by anyone.
- Enable Audit Control: Whether data is big or small, it needs continuous monitoring to avoid misuse/corruption. Proper audit controls needs to be built and executed on top of data processing and accessing layers. It is very important to enforce the granular audits by process engineering team to ensure that big data operations are secured and in compliance.
- Access to Granular Data: Often big data operations include running adhoc queries, which could lead to access to valuable information. Having programmable audits to deal this situation may also be a bit tough. Hence, these process needs to be streamlined with robust access controlling mechanisms.
- Protecting results: Big data processing results are most valuable and game changers for any organization. Any information leak of the results to a competitor could lead to severe damage to the organization. Hence the organizations should emphasize on the protecting data operations and its results.
- Disclosing sensitive information: It talks about the information which should not be accessible to mass segment of stake holders. It is the responsibility of enterprise Governance team to ensure that, security layers are established around the sensitive information to ensure that it is not disclosed intentionally or un-intentionally.
- Raw collected information: In lots of cases, Big data is generated thru many diversified data sources, which is in raw form. Though this data may not give significant meaning without proper analytical operations, still, it is very important to safeguard this type of data, channels, and repository.
I am sure, as and when, we continue to work more on Big data engagements, we might experience few more new challenges. Well, I also understand that all of the above security measures implementation may not be possible overnight and might take some time to inculcate the security solutions in to enterprise. It is the responsibility of enterprise governance team to assess the need, prioritize & act. I wish & hope very soon, Industry would come up with Big data standards, which helps organizations to deal with ongoing and upcoming issues.
Thank you so much for sharing the details, what tools are available to check Big Data security?
Pretty much crisp but comprehensive source of information Naveen. Loved reading.. The days are passing, we all are having access to more and more digital devices, through which we are 'creating' data/information all the time. Every moment of us is being tracked(whether we wish or not!) by apps in our smart phone/tabs/car infotainment systems; Now those data if come together have to be really 'Big' and surely 'Bigger' every next year. To process that big chunk of unstructured data we(IT industry) have to move towards fast analytical methodologies and practices, and for handling that distributed enormous data processing we definitely need 'Giant' computational power (Cloud computing) as Super computer is not a feasible idea! To feed this entire two big wings of IT industry, data has to be flown freely every where. So the ISPs will play key role to give people access to internet data in very cheap cost(one day may be 100GB/1000INR monthly).And in this new 'mobility world' no body wants to sit in table chair PC laptop fashion!! So Smarter phone is the way ahead; today's mobile companies just have to feed enormous data to run the show, and security will be the key concern in that era. No doubt, IT has its future! :)
Nice piece of information Naveen.
Good article. Good job Naveen Kumar Patha
Informative write up, Naveen !!! Exposing all kinds of vulnerabilities. This would definitely help managers look for better Risk Management Strategies in Digital transformation engagements.