Security was an afterthought for the popular distributed computer framework Apache Hadoop. Companies with big data projects haven't done much better.
Organizations take different approaches to securing their big data clusters, said Adrian Lane, the senior security strategist and chief technology officer at Securosis, an information security research and advisory firm. While most companies adopt some form of NoSQL security, many enterprises back into a security model and implement what they can after their cluster has launched. Hadoop is the poster child for big data frameworks, but there are upwards of 150 platforms that may require different approaches to security.
Four common reference architectures can help organizations address security head-on while still allowing big data to scale horizontally: the walled garden (also known as the mainframe or "moat" model); cluster security; a data-centric model; and a re-architected security model based on the controls cloud service providers offer.
It's important to remember there is no right approach to big data security, said Lane. Any NoSQL security architecture should address the risks the company deems important, and leverage its existing infrastructure and skill sets.
IT security teams often find that traditional RDBMS tools won't work with NoSQL technologies -- many of these tools do not "speak" SQL. With the multi-node architecture, and different types of queries allowed, the sheer scale, variety and velocity of data outpace the capabilities of many security tools, said Lane. Protecting big data environments is akin to securing an entire data center. But big data is the database of the future, according to Lane. With guidance from these NoSQL security reference architectures, security teams can prepare for what's ahead.