Interviews

Big data management

by Mark Rowe

Big data can be of significant value and extremely useful to an organisation, but its use can also be a primary privacy concern, writes Guillermo Lafuente, Security Consultant at MWR InfoSecurity.

As big data contains such significant quantities of information that can be used to identify users, the penalties that follow from a data breach can be largely disruptive and damaging. Organizations not only risk having their reputation tarnished, but also have to face heavy legal consequences. By acknowledging the challenges that are frequently faced, and by following a selection of best practices, companies can make sure they’re doing all they can to protect the privacy of their users’ sensitive data and information.

Data anonymisation

Prior to the data being stored, it should be anonymised sufficiently to an acceptable degree so that any key identifiers for individual users have been totally removed. Another essential step to this is encryption. Encryption of the information is crucial, as simply removing the data makes no guarantee that it will remain absolutely unidentified.

Data encryption

Encryption is without doubt one of the most secure ways to protect information. However, it can also be the source of issues when it comes to data storage in the cloud. When sent to the cloud, data cannot be encrypted in case the cloud has to perform operations over the data. To bypass this problem, Fully Homorphic Encryption (FHE) should be used. By using FHE, the cloud data is then able to perform operations over the encrypted data – this results in new encrypted data being created.

Ownership and access

When data is being held within the cloud, it should be previously determined who has exact ownership of the information. It’s also quite vital that a trust boundary is agreed and established between the data owners and the data storage owners. Another important part in protecting data is access control mechanisms. Access controls are key in keeping data secure. Usually, operation systems and applications provide the access control and limit the access to the data. If the operating system suffers a breach, then the data is unavoidably exposed. Encryption can be used to enhance the security. By incorporating encryption, then the data can only be decrypted if the person who is trying to access it, has permission by an access control policy.

Be aware that software that usually stores big data, such as Hadoop, normally has the default setting of no user authentication being needed. The problem with this is that it leaves the information vulnerable to the access of any unauthorised individual. It is so important for organizations to regulate the settings and check that some form of authentication is needed before a user can access the information.

Big data management is still quite a new notion, so a standardised list of best practices is not yet in existence. This doesn’t mean, however, that organisations can’t still follow several suggested steps to ensure the best security for their data. If big data is handled with its security in mind, then organisations can make sure they’re keeping themselves and their customers safe:

– Examine your cloud providers at length: when storing big data in the cloud, you need to be certain about whether your cloud provider has satisfactory protection mechanisms in place. Make sure that the provider carries out sporadic security audits and agree on penalties in case appropriate security standards haven’t been met.
– Produce a decent access control policy: generate policies that consent access to authorised users only.
– Guard the data: Both the raw data and the product from analytics should be protected. Encryption has to be used accordingly so that no sensitive data is leaked.
– Protect communications: Data in transit should be adequately protected to ensure its confidentiality and integrity.
– Use real-time security monitoring: Access to the data should be constantly monitored. Threat intelligence should be used to thwart unauthorised access to the sensitive data.

Related News

  • Interviews

    Data protection in 2016

    by Mark Rowe

    Mike Weston, pictured, CEO of data science consultancy Profusion, discusses what issues will affect data protection and security in 2016. When we…

  • Interviews

    IT survey

    by Mark Rowe

    Most executives and IT managers don’t know the number of shadow IT apps within their organisation; but they want to. That’s according…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing