Big data will gain momentum in 2013 thanks to the maturing of advanced databases and semantic technologies. While the business side is dreaming of the riches big data promises in the form of new products and business insights, your IT department gets stuck with a monumental task: security.
As fields and records multiply within platforms such as Hadoop (a frequent topic here), things can get overwhelming. At some point, database managers lose focus and human error kicks in. Access to sensitive datasets can easily be granted to the wrong groups of users, and that can start a downward spiral in which confidential data begins leaking out of your massive database without your ever learning about it.
This is especially troubling for companies that are looking to build big-data stacks for highly sensitive subject matter, such as financial information or health records. Smaller databases are easier to manage and have fewer groups of users looking to tap that information. But with big data, everything is stored under one roof, and there are lots of users clamoring to get their hands on all that malleable (and valuable) information.
If they're going to have all this data, CIOs need to concentrate on the basics first, starting with security. They need to make sure their database administrators organize the data in a clear and meaningful way, keep a sharp eye on the most sensitive pieces of information, and know at all times where that data resides and who should have access to it. Data classification and data-flow mappings are crucial, especially from a compliance perspective, and both your database administrators and your security administrators should fully understand how these function within the database.
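To make the classification idea concrete, here's a minimal sketch in Python. The dataset names, sensitivity levels, and group names are all made up for illustration; a real deployment would pull them from an inventory tool or the cluster's own metadata. The point is simply that a classification registry should make the "who should have access to what" question answerable at a glance:

```python
# Hypothetical registry: dataset -> sensitivity level.
CLASSIFICATIONS = {
    "sales_summary": "internal",
    "patient_records": "restricted",
    "card_transactions": "restricted",
}

# Which groups are cleared for each sensitivity level.
ALLOWED_GROUPS = {
    "internal": {"analytics", "marketing"},
    "restricted": {"compliance", "dba"},
}

def can_access(group, dataset):
    """Return True only if the group is cleared for the dataset's level."""
    level = CLASSIFICATIONS.get(dataset)
    if level is None:
        # Unclassified data is the dangerous kind: deny by default.
        return False
    return group in ALLOWED_GROUPS[level]
```

With rules like these, `can_access("marketing", "patient_records")` comes back `False` by construction rather than by someone's memory of who asked for what.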
It is also important to monitor and regularly audit data requests from the various groups. Ask why a particular user or group needs access to specific datasets -- or to the database at all. Databases should be treated with the utmost respect, and that includes strictly limiting access to a narrow group of users. You may end up looking like the bad guy, but at least you'll keep your data safe. And from a career-longevity standpoint, it's better to protect your data than to make friends with the marketing or sales team.
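That auditing step can be as simple as diffing the grants that actually exist against the access list that was approved. Here's a hedged sketch, again with hypothetical dataset and group names; in practice the "actual" side would be exported from your database's own grant tables:

```python
# Approved access list (what should exist).
approved = {
    "patient_records": {"compliance", "dba"},
}

# Grants actually present on the system (what does exist).
actual_grants = {
    "patient_records": {"compliance", "dba", "marketing"},  # marketing slipped in
}

def excess_grants(approved, actual):
    """Yield (dataset, group) pairs that were granted but never approved."""
    for dataset, groups in actual.items():
        for group in sorted(groups - approved.get(dataset, set())):
            yield dataset, group

# Flags ("patient_records", "marketing") for revocation.
print(list(excess_grants(approved, actual_grants)))
```

Running a comparison like this on a schedule turns "who has access?" from a guess into a report, which is exactly what an auditor will ask for.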
Before you take your ambitious big-data goals and run with them, take the time to plan out your organization's strategy. Make sure all administrators understand the ground rules and have detailed policies to handle day-to-day operations, as well as security incidents. Believe me -- they will occur. When you're dealing with the amounts of data these databases can collect and manipulate, even the most organized database administrators are likely to make mistakes from time to time.
Educating end users on best practices is crucial, and now is the time to do it. Performing risk assessments is a good way to mitigate exposure: understanding where the risks and vulnerabilities lie aids prevention and helps identify problems early. Good risk-management practices can head off emerging security threats.
@Curtis: Well, if it's the doing of insiders, I believe there is no power in this world that can "stop" them. Yes, they might get caught in the end, but blocking data theft from the inside is about as tough as trying to stop a suicide attack.
Yes, data security breaches are a known fact across all types of organizations to date. The majority of these attacks could be prevented by implementing basic security measures. Organizations need to learn how to deal with these issues faster and more aggressively.
It freaks me out a little that, as a tiny part of that big data, my financial data and health data is floating around as companies try to come to grips with who gets access to it. For any companies starting to handle big data: how are you changing your security to compensate?
@Andrew, you're absolutely right: If companies really wrapped their collective heads around the fact that some of the biggest dangers to their data come from insiders, it would make for much different policies across much of the industry.
You're right, Curt -- there's just no interest in it from a job or responsibility-change perspective. I think much of the reason has to do with people thinking, "Well, they're still part of the company, so the risk is low." But as we all know, this type of thinking can lead to all kinds of problems down the road.
The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.