Every action in life has consequences, and that goes especially for data breaches. Big data contains a major amount of information that can lead to the identification of individual users – this means that a primary concern of big data usage is the privacy of users but also that the consequences of a breach can be even more destructive than usual.
After a big data breach, not only does the aftermath serve to damage the reputation of an organisation, but it can also negatively impact the company from a legal stand point. A security breach will affect an extensively larger group of people; therefore, organisations must make sure that they achieve the correct equilibrium between the use of the data and their users’ privacy.
> See also: Big security: big data and the death of SIEM
Accomplishing this balance can be achieved by combining a selection of best practices suitable for handling the security of big data, as detailed below with the most commonly presented challenges.
Prior to data storage, the information must be anonymised to a standard that’s considered acceptable by all, so that any identifiers for individuals are entirely removed. Encryption of the data is also highly essential, as removing the unique identifiers alone does not certify that the data will definitely remain unidentified.
One of the most secure methods to protect information is known to be encryption. However, it can also cause problems of its own when it comes to storing data in the cloud. Since data can’t be encrypted when sent to the cloud, in case the cloud needs to perform operations over the data, Fully Homorphic Encryption (FHE) should be used. FHE is a way to sidestep the problem. With FHE, cloud data is capable of performing operations over encrypted data resulting in the creation of new encrypted data.
Ownership and access control
Establishing the exact ownership of the information needs to happen when data is being stored in the cloud. In the condition that the data is stored in the cloud, a trust boundary must be determined between the data owners and the data storage owners.
Access control mechanisms play a very necessary part in sustaining the data security and protection. It is the norm for applications and operation systems to provide the access control and to limit the access to the data. However, if the operation system is breached, the information is next exposed. A better way to ensure the protection of the data is with the use of encryption that can only be decrypted if the person trying to obtain access has been granted permission by an access control policy.
Software can create yet another issue for big data and the control over it. Software, like Hadoop for example, that stores big data usually has the default setting of no user authentication being needed. This can create a major issue as it leaves the information vulnerable and exposed to any unauthorised user gaining access. It is very important that organisations check the settings and make sure that some form of authentication is necessary before a user can access the data.
As it’s still a relatively novel concept, a standardised collection of best practices is not yet in existence for big data management. However this does not mean that you can’t still take recommended steps to make sure you’re keeping your data as safe and secure as it can be, such as generating a decent access control policy and producing policies that consent access to authorised users only.
Broadly examine your cloud providers: when storing big data in the cloud, it is necessary for you to know whether your provider has satisfactory protection mechanisms in place.
Guarantee that the provider carries out intermittent security audits and agree on penalties in case appropriate security standards haven’t been met, and guard the data: both the raw data and the product from analytics. Encryption has to be used accordingly so that no sensitive data is leaked.
Communications should also be guarded and sata in transit should also be sufficiently protected to ensure its integrity and confidentiality.
Access to the data should be constantly monitored in real time. Threat intelligence should be used to thwart unauthorised access to the sensitive data.
Not only does the amount of data stored have a direct effect on the consequences of a security breach but it also influences the strategic and tactical approaches that should be taken to ensure compliance and privacy. But by handling data while maintaining security at the core, organisations can keep both themselves and their customers safe.