Nearly all data is either stored or passed through network related channels these days, increasing the potential for a major compromise. The elevated risk is just a byproduct of digital-heavy and internet-reliant operations in the modern world. Few organizations still maintain a local or private data system, with most opting to take advantage of the cloud.
Although there are many reasons for this, the most pertinent is the always-on and mobile-friendly benefits of cloud technologies. In addition, there’s an opportunity for organizations to take a step back and allow cloud providers to manage the more complex aspects of a network, including security, maintenance and more.
But it should come as no surprise that opening up the data and related systems to the greater internet also means introducing greater risk, particularly when it comes to system vulnerabilities. No system is perfect, which means it’s likely there is a way for its hardware or software to be compromised, in turn meaning that any related data can be stolen or manipulated.
To put it simply, big data systems are more vulnerable than you might think. This can and will affect your data, which means that employees, partners, and customers can all end up as collateral.
There are ways to better lock down systems — even cloud-facing ones — but you have to know what you’re looking for first. What vulnerabilities exist? What could you be missing? How can you protect your organization, your network and your data?
1. Back to Basics with The Big Three
When you’re talking about big data or cloud technologies, there are three stages that most systems deal with particularly when it comes to the flow of content.
Those three stages are:
- Data ingress or data sources, which means what’s coming in and from where
- Stored data, which means what’s staying and being stored
- Data output or data sent, which means what’s going out to other parties, individuals, applications and tools
Immediately, you can see that any and all data is being routed in several directions, making it difficult not just to secure but also to track down. You must be able to see this flow of content — whether that’s in or out — as well as discern what parties are involved, what’s happening with the data and what it contains as far as sensitive information or details. Without any of these things, you cannot properly secure your content and or network.
For example, ingress data from an unknown source can flow into a system already compromised. The opposite can be true, as well, where data remains secure inside your network but becomes compromised upon leaving.
This is where you should start with any big data or network-focused system. Once you truly understand your data and how it’s affected by these three stages you can implement stronger security.
2. Administrative Authentication
When it comes to accessing sensitive content most administrators understand the importance of proper authentication and user access. Only the right people should have access to the information, and there must be controls in place to both prevent and allow access when necessary. This is also referred to as identity access management.
It’s easy to forget that big data administrators or cloud providers may also have access to your data. Theoretically, they could mine, view or manipulate the content without permission, and if there are no monitoring tools in place you’d be none the wiser. No notifications would come through about what’s happening.
They could be doing it for criminal profit. They could be doing it out of curiosity. There could be another reason such as a mistake on the provider’s part — maybe an employee accessed the wrong system?
Whatever the case, it’s a huge security vulnerability and a definite challenge when working with third-party providers or services. You must ensure there are proper monitoring tools in place that can detect unauthorized activities including those of cloud administrators.
3. Big Data Provider Responsibilities
You can have the absolute best security tools and protocols in place, but they won’t do any good if the systems, hardware or solutions you’re using are out of date. One benefit of using cloud services is that it’s the owner or provider’s responsibility to maintain the systems and technologies. But what happens when they don’t fulfill their duties?
If a big data provider does not regularly update security for the environment or tools, it puts everyone else at risk for not just data loss but cyber attacks and major breaches. You’re essentially trusting and relying on someone else to maintain the necessary systems. While there’s no reason why they wouldn’t do this — and most providers are great at keeping up with such practices — it’s still a vulnerability that exists and will continue to exist.
You cannot force the big data owner or provider to properly maintain their systems, but you can stay informed. Keep an eye on what’s happening, how long systems are out of date, and what that means for your own data and content.
4. Data Provenance Challenges
Data generally contains more than just the basic information, it also includes historical records about the digital content, as well, and this is called data provenance. In simpler terms, it’s a collection of metadata that reveals inputs, systems, entities and processes that have interacted with it. Then there’s data lineage, which shows when content was accessed, by whom, if it was manipulated or edited and much more. Often, the two concepts are considered to be the same thing.
Imagine just how massive a trove of metadata information truly is, as big data stores are huge on their own. Each and every file, document or piece of data also contains a long list of descriptors and details about how it was influenced.
In terms of security, this additional metadata can cause a series of problems. For starters, some details can be manipulated or changed, revealing false information or completely affecting how the data is organized and stored. In addition, this information is not usually encrypted like the data contained within, which means snooping is possible.
This problem is tough to overcome, especially when you’re talking about visible details or information that is not encrypted or protected. Using appropriate authentication and general security helps, as well as minding where the content is stored and how it’s made available to internal and external parties.
5. Lax NoSQL Database Security
The high-speed and ever-evolving nature of NoSQL databases means that they’re constantly being adapted and revised. Couple that with the fact that most NoSQL solutions are fairly new, meaning they’re in active development and modified by support teams too. This creates several glaring vulnerabilities, as security is often mistreated altogether.
Most big data users hope that security is handled externally, and even trust that it’s happening. That’s actually a big reason why administrative authentication is important, as mentioned earlier. In reality, security is often ignored at a higher level, leaving the resulting data incredibly vulnerable.
Securing a database should always be a top priority, which calls for putting proper control and defense measures in place. The four pillars of security are important here: authentication, authorization, auditing and encryption. Pay attention to the security architecture of a system to ensure it both manages and deals with security properly. If that’s not happening then you should either consider another system or another method, where applicable.
Who Is Responsible for Security?
Many security problems exist merely because the proper checks and balances are not in place, and nothing is done to ensure standards are being upheld. It’s easy to fall into the trap of thinking that security should always be managed by a provider or big data owner, but no matter how much you trust a partner that’s just not a safe philosophy anyway.
The truth is that everyone is responsible for the security of a big data system and the data being stored, processed and exchanged by it. From the owner to the users, everyone should understand what it takes to keep digital content secure. And better yet, everyone should exercise the proper security measures be it applying encryption, or locking content access down to only select groups or individuals.
Adopting a proactive strategy is the best — and only — way to secure a big data solution.
About the Author
Contributed by: Kayla Matthews, a technology writer and blogger covering big data topics for websites like Productivity Bytes, CloudTweaks, SandHill and VMblog.
Sign up for the free insideBIGDATA newsletter.
Speak Your Mind