BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Information privacy and Big Data

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 2 Feb 2015 19:05:00 -0700
http://www.scmagazine.com/information-privacy-and-big-data/article/393036/

Big Data is arguably one of the killer apps to emerge over the past decade.
The technology originated from a technique developed by Google called
MapReduce, which uses parallel processing to generate analytics from
massive amounts of data. An open source version of MapReduce, called
Hadoop, has effectively “democratized” the availability of Big Data. With
this easy-to-use platform, enterprises are finding new ways to solve
problems and extract value from data.

However, Big Data analytics often involve access to data that should be
protected, such as medical records, tax information and personally
identifiable information (PII). Security and compliance professionals need
to ensure Big Data deployments do not violate access control policies with
respect to this information.

Within a Hadoop infrastructure there are several levels of authorization,
including access to the Hadoop cluster, inter-cluster communications and
access to the data sources. Many of these authorizations are based on
Secure Shell (SSH) because the authentication protocol is considered secure
and has good support for automated machine-to-machine (M2M) communication.
The access control issues are straightforward:

First, who sets up the authorizations to run Big Data analytics? Next, we
need to ask how are those authorizations and credentials managed and what
happens when there are personnel changes? As well, we must determine
whether authorizations are based on “need to know” security principles.

To protect sensitive information accessed by Big Data analytics, the
following best practices are recommended:

Discover: Take an inventory of the authorizations and identities within the
Big Data environment.
Monitor: Track the use of those identities. Find out which identities are
not needed and can be removed.
Manage: Establish centralized control over identity management in the Big
Data environment.

Big Data has opened up new access to business-critical data. Organizations
need to keep pace with resulting security concerns and bring Big Data under
a sound identity and access management umbrella.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: