Vulnerabilities in Data Security in Big Data World

 

Introduction
In today’s world, every individual is generating a huge chunk of data from varied sources, from using a mobile phone to downloading various applications from google play store we provide access to our personal details to the applications and hence we generate data as a customer for the application.
Have you ever thought how amazon is able to provide each one of us with some product recommendation based on our interest, all of this depends on customer analytics which amazon does with your personal data which you authenticate during registration as a new user on their platform. Similarly, we generate millions of data through different applications, devices, websites etc which is huge in number and termed as big data.
This data needs to be secured as this data is personal to an individual and if misused can impact badly. So here comes the role of data security in big data where we need to be sure that the data collected by an individual, entity, organisation has to be secured.
Data sensitivity and privacy are hurdles which organisation needs to look up these days
 
In the article we have summarised data security, challenges and the domains using big data along with their applications.
 
What is data?
Data is defined as facts, figures, or information which is used for analysis or reference.
Example: The customer data collected by amazon during new customer registration is customer data which is used by amazon for segmenting the customers into different types of user personas.

What is big data?
According to @Gartner,

"Big data is high volume, velocity and variety information assets that demand cost effective, innovative forms of information processing for enhanced insight and decision making"

Big data is a collection of large data i.e huge in number which is used by different industries or in different domains like retail, healthcare etc for analysing the patterns and trends in the data which predicts the customers behaviours and helps in profitable decision making.
 
Example: Facebook has around 290M customers in India and it has data of every individual hence a big data repository of customer data .
 
Now, you might be wondering about what is the big deal – and what makes big data so special and challenging.
 
The problem is that the big analytics platforms have large repositories or huge chunks of data about sensitive customers, partners, stakeholders, products and any other data which usually have insufficient data security and are prone to cyber-attacks.
 
What is big data security?
 
Big data security is a collective term for all the methods and tools used to protect the data and analytics from thefts, attack or any other malicious activity that could cause a problem for the data aggregator or organisation storing data.
 
Big data has become fundamental as we now have many opportunities to collect data through mobile phones, internet or devices and gadgets and 2.5 quintillion bytes of data is generated by humans each day, but the problem with such a huge amount of data lies in its security.
The consequences in data security can even get worse in case of banking domain where they store the details of customer account, credit card details and passwords which are prone to more cyber attacks and these organisation may even face fines as they failed to follow the basic data security laws and privacy mandates like the General Data Protection Guidelines (GDPR).
Additional attacks on organisation big data can cause serious financial losses, cost, fines and sanctions. Hence data security becomes very important and a serious matter of concern for everyone.
 
What are the challenges/ issues in big data security?

As big data is prone to attacks by hackers, therefore the data professionals need to play an active role in providing data security. The rise in third party applications and bring your own device (BYOD) have given rise to more concerns related to big data security.
 
Big data security issues have incremental risk by usage of applications, devices, users and more
 
Big data relies heavily on cloud storage but it's not just the cloud which has induced security issues, third party applications can easily introduce risk in the enterprise network when security measures are not upto the established government standards and policies.
 
Here are some of the obvious data security issues which need to be considered.
  

  1. Access authentication – The data access is about accessing the data for different purposes in an organisation and each individual cannot be given the data access, therefore it is necessary to provide data access to credible sources only.
  2. Data security – Both the raw data and the analytics data (used for predictive analytics or decision making) must be kept secured, encryption methods should be used to prevent data leakage and hence maintain data security.
  3. Data Mining – Data is extracted from the repositories according to the usage and the data may contain confidential or transactional data for that reasons an extra layering of data security is required to protect any sort of data attack or theft.
  4. Intrusion detection and prevention – An IPS (intrusion prevention system) enabled security system can be used which enables the security teams to protect the big data platforms from any intrusions by examining the incoming traffic and source and ensuring they are authenticated for data access.
  5. Protect communications – Data when shared for communications with the stakeholders, internal teams etc must be adequately protected to ensure its confidentiality and integrity.
  6. Key Management – Cryptographic keys can be used for preventing data mis-use and leakage. A centralised management system acts as a single point of data and logs access and if placed can help organisations in managing their sensitive data.
  7. Storage –  In case of big data architectures, the data is stored in multiple tiers and has business dependencies of performance, cost etc and hence data storage needs to be taken into consideration. in case of cloud data storage make sure the provider has appropriate security mechanisms for preventing data theft and leakage.
  8. Real time data security Monitoring – Data access needs to be monitored in real time and threat intelligence should be used to prevent data leakage.
  9. Distributed frameworks - Big data implementations include processing of huge jobs for faster analysis. Hadoop is a well known open source distribution network and the technology involved in it does not involve data security . Distributed processing involves less data processing by anyone systems but it means a lot of systems may need more data security. 
  10. Data provenance - primarily concerns metadata , it can be extremely helpful in determining data source(From where data came from), who accessed it, or what was done with it. Usually, this kind of data should be analysed with exceptional speed to minimize the time in which a breach is active. 

Now you all might have a question in your mind regarding who is actually responsible for data security!!!

 So the responsibility of data security is of everyone, the it firm and government agencies can frame policies, standards, procedures and software’s that can prevent the data from malware attacks and unauthorised access but its implementation is on us, the data security team needs to work ensuring successful implementation of policies and standards for a safe environment to work upon.
 

According to Information Security Buzz

Data security ‘was & is & will be’ always pivot for any organization dealing with data. Now the question is which company does not deal with data. The simple answer to this question is ‘None’. Hence data security continues to be pivotal to the success of any company irrespective of the industry, domain or sector. With hackathons becoming call of the season, world’s leading hackers are invited to break into the systems of the Fortune 100 companies who boast of extremely robust security systems.

Read More

Call Us