Thales Blog

#Infosec13: ‘Big Data Raises Big Security Questions’

April 9, 2013

Big Data raises big security questions

I’m sure that ‘Big Data’ will garner the big interest from visitors at Infosecurity Europe 2013 later this month. The term itself has been around for a while, but it’s only fairly recently that we’ve seen real evidence of the business benefits accruing from Big Data projects.

As part of our #Infosec13 blog series, this week I’m looking at what firms need to think about in terms of ensuring that Big Data implementations don’t create big security and privacy risks.

Businesses have always called on the data stored in their databases to inform business decisions at some level. Significant reductions in the cost of storage coupled with rocketing quantities of available data mean that companies can now keep hold of vast amounts of information in the hope of one day turning it into useful business intelligence – and there’s now real evidence to support the business benefits of mining these Big Data reserves.

For example, a recent report by consultancy firm McKinsey & Company estimated that retailers embracing Big Data initiatives could increase operating margins by more than 60 percent. Businesses with substantial data reserves can use them to unlock competitive advantage.

A big caveat here is that these reserves can also contain information that could cause damage in the event of an accidental leak or intentional hack. Indeed, a Forrester Research report warned that “these massive data stores contain significant amounts of ‘toxic’ data. Toxic data is any data that could be damaging to an organisation if it leaves that organisation's control.”

When you consider that the most well-known Big Data platforms – Hadoop, MongoDB, Cassandra and CouchDB – don’t provide significant security features, businesses must take it upon themselves to implement the appropriate security measures if they wish to avoid leaking any toxic data or running afoul of data protection laws.

The best way to address this is to place strong controls around the data itself, independent of file format, size or location. Creating a data firewall of sorts that includes advanced encryption, putting in place fine-grained access policies, and centrally managing the keys to decrypt sensitive data appropriately ensures that the information in Big Data platforms is protected against unauthorised disclosure, without having to modify applications or re-architect the storage infrastructure.

We’ll be talking more about Big Data and how to properly secure it at Infosecurity. Come chat with us at our booth if this is an issue your business is currently facing.

Paul Ayers is Vormetric’s VP EMEA.