While big data technologies and data lakes have the potential to improve the overall security posture of enterprises that implement them, maintaining security in big data tools themselves is an ongoing issue that needs to be tackled. "Initially, as big data was beginning to develop as a discipline and as a specific set of tools and techniques, it evolved with very little security in mind and with very little security implemented," says John Burke, CIO and principal research analyst at Nemertes Research.
In this podcast, Burke discusses the three main reasons why this is a huge concern for enterprises, and the steps they can take to address security in big data implementations.
Burke explains that while security features do exist in most big data environments, the actual use of them has not picked up as quickly as it should. An enterprise's data lake could contain personally identifiable information, company financial information, valuable intellectual property and more. Considering that many big data tools are used for security analysis, if compromised, these tools can also leak information about the enterprise's firewall and card key system into the wrong hands. Enterprises need to be aware of what data is included in the lake in order to best protect it. They also have to know who has the ability to view the data and make changes to the data.
The first step that enterprises should take to protect them and improve security in big data implementations is to use access control. In addition to the user and services controls available within the environment, enterprises can also use network or operating systems authorization controls. Other security tools can be included at a granular level, depending on the type of information contained in the data lake.
Listen to John Burke's podcast on security in big data tools to learn more about the existing risks and how to mitigate them.
Find out which big data security analytics tool is best for your enterprise
Read about privacy and ethics concerns with big data use
Learn from the Cloud Security Alliance's guidance on cloud-based big data strategies