We seem to need more and more big data solutions. More and more people are getting a device and connect and share lots of data. Data volume increases at a rapid paste, which leads to new possibilities. But this also brings new challenges as we see in the news. Personal data leaks, new methods of onlinebanking attacks and ransomware are becoming a normality. The need for good data security becomes more important every day.
Big data offers of lot of opportunities for companies and governments but to reap the full benefit big of big data, data security is a absolute necessity. The way big data is structured makes it a big challenge.
When securing big data companies face a couple of challenges:
When transferring sensitive data from point to point encryption is a must some would say. But still a number of the companies that deal with big data have no encryption at all.
While Edward Snowden emphasizes in an interview with the NYTimes that encryption is a absolute must for journalist to protect their identitty. Some say that end-to-end encryption is not always necessary, for example when dealing with some scientific- or IoT data. When the sender and reciever are trusted the only protection needed is the encryption of the transport layer.
There are two states that data can be encrypted, those are when the data is stored, referred as: data-at-rest and when data is transferred or moving from one point to another: data-in-transit. Re Evaluating these forms of data retention and processing can help companies efficiently manage their data security.
When processing and dealing with big data, companies face a huge challenge in order to meet the local and global compliance rules. Especially companies that use sensitive information as personal or financial data. And with the growth of big data and the increase in compliance rules this becomes a serious challenge.
Usually companies have authorization- and authentication policies that should ought to prevent big data leaks. But these are not always carefully executed as they should. A big factor is the sharing of account privileges with others (sometimes even other companies). Although other companies may seem “trustworthy” and maybe they are, one can simply not rely on external security. When data or privileges leave the company it increases the risk of a data breach.
The most important part of Big Data is analysing the information. Data analytics are not often not concerned by the security of big data, how it was gathered. They want to access all the data and start with the analysing process.
The balance that needs to be sought here is to make sure the data analyst can “do his work” and the data is being secured at all times. This shouldn’t be a big problem if the analyst is processing the data under the umbrella of the companies security.
But when accessing the data from a remote computer or the data is taken by the analyst outside of the company this becomes a security risk.
As in all connection related security, as the famous proverb says: A chain is as strong as it weakest link. Which in most cases are the employees when maintaining big data structures and the security policies. A company can have the best big data security tools and security policies, but they are wasting time resources and money if the employee does not uphold the security standards. Educating the employees is thus as important as the implementation of big data security measures.
- Complicance Challenges