10 reasons why Hadoop has huge data security risks
Source: Internet
Author: User
KeywordsSecurity presence large data security large data
Hadoop has 10 reasons for huge data security risks:
1. Hadoop is not designed for enterprise data
Like many pioneering it technologies (such as TCP/IP or UNIX), the concept of Hadoop does not come from enterprise users, and enterprise security is not. The original purpose of using Hadoop is to manage publicly available information, such as Web links. It is designed for a large number of http://www.aliyun.com/zixun/aggregation/13739.html "> unstructured data in a distributed computing environment and does not produce written protocols such as security, compliance, encryption, policy support, and risk management.
2. The security of Hadoop is completely dependent on Kerberos
Hadoop uses Kerberos for authentication. However, this protocol may be difficult to implement because it does not cover the security requirements of the enterprise, such as role-based authentication, LDAP and Active Directory policy support. Hadoop also does not support the encryption of transmitted data between nodes and nodes.
3, Hadoop cluster contains many nodes
The traditional concept of data security is based on the protection of a physical entity (such as a database or server), which differs from the unique large data distributed computing environment of the Hadoop cluster. Traditional security technology can not play an effective role in this distributed and large-scale environment.
4. Traditional backup and disaster recovery data are not the same in Hadoop environments
The distributed nature of the Hadoop cluster also makes many traditional backup and recovery methods and policies ineffective. If users use Hadoop, they need to replicate, backup, and store data in a separate, secure environment.
5. Hadoop rarely works alone
To gain the benefits of large data processing results, Hadoop needs to combine the use of other technologies. While these tools can help with the access and use of large data, most of them lack real enterprise-class security. Hardening Hadoop itself is only part of the challenge of big data security.
6, large data workload compliance with the Uniform Rules
Large data is not accompanied by separate regulations and requirements. Whether it is used to store or manage data, enterprise organizations must establish data protection and security policies that meet regulatory requirements, such as HIPAA, PCI, and so on. But on this basis, the traditional security technology still cannot completely solve the challenge under the big Data environment.
7, maintenance cost is not sure
So far, no one has been able to determine how much risk the cost of a security vulnerability does not cause. Without a comprehensive security risk assessment, businesses will not be able to assess their security vulnerabilities or determine how much money they invest in security.
8, large data users by their own strength to maintain security
At present, enterprise users on the maintenance of the Hadoop cluster security practices include control of external access, and limit the number of people allowed to access the cluster.
9. Additional steps needed to protect the data cluster
If the vulnerabilities in the Hadoop environment still exist, then the extra steps to maintain data security are essential. Users must periodically scan their cluster environment to find their vulnerabilities. This is also the best practice for storing data in a separate security environment while replicating and backing up it.
10, Hadoop users must always keep the update
Large data analysis and processing increasingly become the mainstream business of enterprises, the application of it technology throughout the company from entrepreneurship to the operation of the always, the purpose is to make large data analysis for the enterprise to bring more benefits. The best practices for IT managers to maintain security include regular feedback on the Web site, including all parts of large data: security, storage, servers, and data center systems as a whole.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.