Big Data Security – Not There Yet

Print Friendly, PDF & Email

When it comes to security, Big Data is a two-edged sword.

On one hand it can be used to analyze mountains of data in order to foil intruders, head off attacks and neutralize a wide variety of other threats. But the network architecture required to support Big Data analytics is itself vulnerable to attack.

Writing in CSO Magazine, John P. Mello, Jr. notes that Hadoop is frequently used in order to manage the computer clusters that are at the heart of Big Data deployments.  This, he says, can create problems for security people, especially if they are relying on traditional security tools.

He quotes a white paper from Zettaset, a Big Data security company, which asserts, “Incumbent data security vendors believe that Hadoop and distributed cluster security can be addressed with traditional perimeter security solutions such as firewalls and intrusion detection/prevention technologies. But no matter how advanced, traditional approaches that rely on perimeter security are unable to adequately secure Hadoop clusters and distributed file systems.”

Traditional security products are designed to protect a single database.  But when these products are called upon to protect a distributed cluster of computers that may number in the thousands, they fall short.

Mello interviewed Zettaset CTO Brian Christian.

When you put them (traditional security products) on a large scale distributed computing environment, they become either a choke point or a single point of failure for the entire cluster,” Christian said. “They could potentially be extremely dangerous running them on a cluster, because if they do fail, there is the potential to deny everybody on the cluster access to petabytes of data or a corruption of data in some of the encryption security technologies.”

Other problems arise when security is “bolted on” to an existing Big Data infrastructure, a costly and often ineffective procedure.

And, the story notes, when it comes to business versus security, business requirement takes precedence over implementing an ideal security solution.  Says Chris Petersen, CTO of LogRhythm, “While security catches up, there is going to vulnerability. My guess is that there is a lot of vulnerability right now in organizations adopting Hadoop.”

Read the Full Story.

Speak Your Mind