Brought to you by FireKing Security Group.
It’s easy to be afraid of the unknown. Because adopting a big-data strategy is new, it may seem daunting and cause a measure of anxiety. But that doesn’t mean small- and mid-size companies should shy away from it. That is why it is important to closely examine the sixth and final myth regarding big data.
Myth No. 6: Big data is dangerous.
Truth: There is a certain amount of danger in every new endeavor. But venturing into the world of big data is not any more perilous than embarking on any other new technology. If companies are concerned about security, they should be aware that big data requires the same controls and vigilance efforts inherent in any technology strategy, including:
- Proper password and authentication controls
- Encryption of data
- Hardened OS
- Disaster recovery
- Load balancing
- Read-only devices
- Outbound traffic, utilizing VPN where possible for bi-directional traffic
However, it is worth recognizing that there are risks associated with some big data technologies. For example, any technology that is not well understood will introduce new vulnerabilities. With the introduction of big data, there is a possibility that incoming data could be intercepted or corrupted in transit. Data in storage could be stolen. And data that is sent out could be vulnerable to hackers or other malicious parties. If there are attacks, these could crash the server and result in financial repercussions, including losses, litigation costs and fines.
All that said, securing data is not a complicated task. While there are many facets to securing big data, a few measures are critical. One of the best and simplest ways to guarantee security is encryption (mentioned above). Encrypting data means that both incoming and outgoing information is totally protected. Unless they have the keys to unlock it, bad players, such as hackers, will not be able to access encrypted data.
Building a strong firewall is another part of the security solution. This works to filter traffic that both enters and leaves servers. Storage management is a third key element of the security equation. If information is stored on the cloud, it’s important to make sure that the provider is using sufficient protection mechanisms. The provider should also conduct periodic security audits.
Other smart actions to put in place: endpoint security, which includes using trusted certificates; doing resource testing; and connecting only trusted devices to the network through a mobile device management solution (beyond antivirus and malware protection software). Finally, controlling who has access to analytics platforms is another way to secure the data. Only authorized users should have access.
If there is an attack, there should be a cohesive audit view, with a full audit trail. Audit information integrity and confidentiality are key components. Audit information should be stored separately and protected with granular user access controls and regular monitoring. Big data and audit data should stay separate.
There are always dangers when venturing into a new space. It’s important to keep in mind that while actions must be taken to safeguard the technology, the benefits of big data arguably outweigh the potential downsides. Among the upsides, it provides strategic insights, predicts outcomes and reduces risk. Risk must always be taken to attain reward. Without a doubt, it’s worth taking a chance on big data.
Click here for the first part in the series discussing myths 1-3.
Click here for the second part in the series discussing myths 4-5.