This is a great Big Data webinar(15 min), hosted by CISO Platform and briefly points out the Security Challenges and also Recommends Some Fixes. It is presented by Head of Development at Iviz.
What will you learn:
- Key Insights on Existing Big Data Architecture
- Unique Security Risks and Vulnerabilities of Big Data Technologies
- Top 5 Solutions to mitigate these security challenges
Watch the 15min Power Webinar:
(Read more: Technology/Solution Guide for Single Sign-On)
View Presentation/PPT:
3 Major Subheads Covered:
Key Insights on Big Data Architecture
- Big Data is Distributed architecture eg. Hadoop
- Data Partition, Replication and Distribution among nodes
- 2 types of data- Hot(used more frequently) & Cold data(used less frequently)
- Auto-Tiering feature- Hot data->high performance disk drive & Cold data->low performance disk drive
- Easier to move Code instead of Data
- Real Time Streaming and Computation
- Collects data from various sources -Social Media,Meter Metadata,GIS etc.
- Supports AdHoc Queries
- Massive Parallel & Powerful Programming Framework
Top 5 Big Data Security Risks
- Insecure Computation - Risks of loss of sensitive data, DOS, Data Corruption
- Input Validation and Filtering - Huge data flow, Challenge to validate the sources & Behavioral data, Risk of Rogue code
- Granular Access Control - Performance Vs Security, AdHoc Queries can reveal sensitive data,Access Control default disabled
- Insecure Data Storage(in nodes) - Authorization, Authentication & Encryption is challenging, Autotiering -> Moves cold data to less secure medium, Secure communication -> Between End user & Node is disabled by default
- Privacy concern in data control & Analytics - Monetization models mostly include this, Sharing these results face challenges like privacy & marketing intrusion, Unintentional data disclose
Example-AOL, Netflix
Top 5 Best Practices
- Secure computation code
- Implement Comprehensive Input Validation & Filtering
- Implement Granular Access Control
- Secure Data Storage and Computation
- Review & Implement Privacy (preserving data mining & analytics)
(Read more: CISO Guide for Denial-of-Service (DoS) Security)
Comments