Like cloud computing, big data has long promised to improve the state of data centers, and enterprises are beginning to seriously warm to the technology. But also like the cloud, big data has unique security concerns, which should be top of mind for the enterprise to ensure the safety of data, according to a recent survey by SANS Institute.
The survey—sponsored by Cloudera and written by Barbara Filkins, SANS senior analyst and healthcare IT specialist—polled 206 organizations about their plans for big data, and found that the majority of them either already had big data systems in place or would implement them in the short term.
Twenty-eight percent of those surveyed said they had big data applications in development; 27 percent said they have big data applications in production; and 28 percent plan big data applications in the next two years.
These systems are home to sensitive data, with 73 percent containing personally identifiable information, 72 percent containing business information and 83 percent needing to meet a certain level of compliance, according to the survey. With larger volumes of this type of data being stored in these systems, enterprises also then have a greater responsibility to reduce the level of risk for that information, Filkins wrote.
“As with traditional data-oriented systems, big data implementers need to be able to establish the appropriate level of trust both in the information derived … and the source data,” she wrote. “That means you need to fully understand each data source and its consistency, uncertainties and integrity limitations. Especially with the volumes of data being stored and the diversity of users accessing it, information governance is a critical part of big data applications.”
SANS is a private company that provides training and certification in cybersecurity skills. Cloudera offers products and solutions for enterprise data security, including options for big data systems.
While many enterprises already have traditional security methods in place to protect data as they roll out big data applications, they also are eyeing new solutions that bring security closer to the data, the survey found. “Data-centric security and information governance will grow in importance in proportion to the amount of sensitive information gathered in these systems,” Filkins wrote.
Fifty-four percent of respondents said they are focused on integrating big data with existing identity and access management infrastructure, while 45 percent will implement role-based authorization controls on their big data applications, according to the survey. Twenty-seven percent said they would deploy monitoring around data aggregation to protect these systems.
There also are points where big data and cloud computing will merge, with policies and controls following these systems into the cloud, according to the survey.
Of those respondents who already implemented a big data solution, 15 percent said they have a unified interface to that system provided by their cloud service. However, others will provide infrastructure to ensure tighter security, with 22 percent still using separate controls for tracking access and protecting sensitive data in the cloud, and another 21 percent planning to cover big data access and security in the cloud within the next 12 months, according to the survey.