Data is money. For some organisations, data has become the highest commodity, and this means consumers now hold the power. By gathering these large data sets, businesses can analyse human behaviour and interactions through trends, market patterns and associations which will fundamentally lead them to make business decisions to tailor experiences for consumers. Big data is big business and enterprises of all sizes are investing in data science and analytical platforms. Whenever data is mentioned, security should automatically follow; especially when you consider big data is everywhere – on-premise, in the cloud, streaming from sensors and devices, and moving further across the internet.
Yet, the security aspect of protecting these data sets is often overlooked. In the last five years, the surge of data breaches has seemingly run parallel with the amount of data organisations are now demanding. Yahoo, Facebook, Dropbox, Equifax, Twitter and Google are just some of the high-profile companies that are well known to collect big data, but also share the unwanted tag of experiencing a data breach. With much of the collected data by companies classified as sensitive personal information, cybercriminals are determined now more than ever to get their hands on it for malicious use.
Carrying the baton for protection of personal information in this area is data-centric security. Data-centric security attempts to focus on the data itself – altering or disguising it as a means of protection from misuse and prying eyes - rather than traditional routes which may focus on the IT infrastructure or security of systems. Yet, choosing the right solution from an increasing array of data-centric options can prove tricky. Vendors are quick to state they provide a solution that is data-centric, but often such solutions fail to also meet the stringent demands of being able to use it in a big data analytics environment.
- Building reliable data pipelines with AI and DataOps
- Strangers in your servers: data security and the gig economy
- Tackling cybercrime with a culture of security
The ideal data-centric solution requires a number of crucial aspects to meet the needs of tomorrow’s analytical workloads. To protect big data effectively and adequately, solutions need to incorporate the following
Naturally, big data environments will be in constant use and so housing security that can keep pace is a must.
Therefore, the data-centric solution needs to have the ability to scale any workload regardless of whether it’s in real-time or for historical use cases and without any visible impact or hinderance to performance.
With the involvement of artificial intelligence and machine learning in many of today’s software programs, businesses are looking to take advantage and incorporate this technology within their systems. The reason: the ability to process more data with less man-power.
With ‘speed is key’ as the motto, security needs to keep up with the pace of the business. The only way to achieve this is by seeking a data-centric security solution that delivers on its intelligence features for both streaming and load distribution.
Availability and adaptability
Vital qualities such as availability and adaptability are required, and security should never hinder these elements. If for any reason issues arise, the security technology needs to function with built-in fault tolerance capabilities to guarantee these are resolved automatically and without interruption to overall system functionality.
To achieve maximum value and protection, the data-centric solution will need total access to wherever the data may lie.
Many enterprises employ big data frameworks such as Spark, MapReduce and Hadoop to provide interconnected platforms, systems and standards to carry out big data projects.
However, these open source environments are operating on legacy systems, and with new technologies continually sprouting up, the data-centric solution needs to offer a degree of flexibility to ensure it does not become outdated.
All environments covered
With the rise of digital transformation, cloud environments have become very attractive for all businesses. Part of the security checklist requires the solution to support an organisation’s current and future big data analytics environment, whether that’s on-premise, in the cloud or both (hybrid) – or even in a multi-cloud setup.
When it comes to implementing a security solution with big data analytics tools and platforms, to minimise needlessly wasting resources and any time taken to change already installed applications, the platform should be accommodating in terms of being able to handle both native and API-based integration.
Ultimately, the best way to protect sensitive data and enable analytics is through tokenisation or substituting a sensitive data element with a non-sensitive equivalent (known as a token). By tokenising critical data, the analysts are able to extract insights without the risk of exposing personal, confidential data. This eliminates one of the prime issues with classic security solutions which can’t protect sensitive data wherever it goes. Organizations need to implement security and privacy protection that travels with the data itself across hosting models, locations, and devices. Tokenisation is a key capability when it comes to enabling a zero trust architecture across the Enterprise.
Data-centric security solutions that meet these criteria will better serve companies for years to come as the amount of data collected grows and privacy and data protection concerns become mainstream and litigious.
Anna Russell, VP of Enterprise Data Centric Security EMEA at comforte AG
- We've also highlighted the best data recovery software