Addressing large data security challenges identify a few points

"Enterprise Network D1net" March 26 News

In the age of large data, security issues are still not to be overlooked, with the gradual deepening of large data applications, now, around the large data analysis related to the relevant privacy issues have a lot of concern: enterprises and national government agencies have the right to such a wide range of personal and community information? Meanwhile, Are there any laws or policies in place to guide and discipline them in the collection and processing of such data? One of the most important but not often discussed and focused issues is security.

are corporate and government agencies collecting, storing, analyzing, and distributing large amounts of data information facing security risk challenges? If so, what should they do to mitigate these challenges?

Big data is more than just a lot of data.

In a sense, when a company began to collect and store a large amount of data information, it has become a fairly prominent target for hackers. More broadly, however, there may not be any fundamental new threat to the data information for businesses that collect a large amount of valuable unstructured data information.

Robert McGarvey quotes David Topping, vice president of global marketing at Brainloop, as saying: "For hacker attacks, the large data information for the Petabyte storage is safe because the amount of data is too large for hackers." Perhaps in addition to the well-funded sponsors, the average hacker lacks the analytical tools to extract meaningful information from such a large amount of data. In other words, businesses, like these hackers, face the same grim and significant problem: how to extract valuable things from the vast data they collect. Therefore, for individual large data repositories, it is not very important to consider adding any security measures beyond other types of databases, especially given the limited ability of these hackers to compare with the major institutions. ”

Environment and fine-grained security

But just because the data is unstructured or harder to sift through, does not mean that large data is necessarily more secure. If all large data repositories are useful, it is not possible to maintain all the information in the same way. As InfoWorld, Andrew Oliver, points out, "the more data your organization collects, the harder it is to maintain the fine-grained tasks and challenges of these data." How can an enterprise firmly grasp the ownership of all this data without sacrificing the performance of large data and comply with relevant regulations? This prompts the enterprise to choose a large data solution first. ”

Fine-grained data security partitions classify data access. For example, some employees of an enterprise may have access to non-financial data only, while higher-level employees have access to more information. In addition, some information may be owned by another department, or its use may be limited. The challenge we face is how to maintain a well-organized and secure system, despite some environmental difficulties. So when companies are faced with a trade-off between security and profitability, they can easily respond: "Yes, we have standard network security, so our data is secure." ”

Large data cannot be anonymous

The more detailed the data you receive from your business, the more likely it is to involve more personal information, and therefore the concern for privacy and security issues should be increased. "Computer scientists say they can use data that does not involve personally identifiable information to reconstruct the identity data of the person concerned," says CSO. For example, if a brand enterprise or government agency obtains a list of customer GPS records covering a region for a year, they can use the list to understand the identity of one or more people. "In this case, finding a person's identity is very simple. For example, locate the GPS at a certain time period, and then search the Internet for the name of the user who is related to that location. In general, this process may be a little more complex, but conceptually, it is a simple problem that can be easily solved.

Although companies are trying to make big data anonymous, the best way for companies to do that is to "kana" the data-to make some information kana and, of course, still be associated with a real identity. This restrictive anonymity is part of a large data risk: hackers and other malicious parties may not be able to perform fine-grained analysis of the data, but given the richness of these limited types of information, they can gather all sorts of available conclusions for fraud, theft or worse behavior.

Although the raw data needs to be protected, even if it is part of a large, unstructured data repository, the larger threat to large data is that companies pay huge costs to get valuable information from large data analysis. McGarvie again quoted David Topping as saying: "Many companies waste too much of their budgets to protect large data stores." And their real risk is in the output of relevant data information. Because companies often rarely monitor or protect these data, the insights that come out of enterprise analytics produce how the output is produced ... Most security experts believe that employees are often innocent, but some are the most common culprits of large data destruction. ”

Businesses need to protect large data, although it involves some raw information, but we need to focus more on the insights gained from analyzing raw data. In particular, these insights must be viewed at least as more important than the original data.

Security issues with large data

The next question is how to address the security concerns of these companies. One approach is to provide hackers with an attractive fake target so that companies can learn more secure research methods to respond to attacks and implement protection measures. This strategy is not ideal because it can only work if there are loopholes in the system. But these weaknesses are likely to be identified and resolved.

Citing Forrester's research, "future data security and privacy reports: Control over big Data" IBM points out, "security professionals have the best control over the edge of the network." However, if attackers penetrate your perimeter, they will have full and unrestricted access to your data. "Of course, the solution is to provide a layer of security for the data, so that simply accessing the network is not enough to get such a large privilege."

Encryption, especially when dealing with large data analysis insights, is an effective way to protect information, but it is certainly not a new concept.

The privacy implications of large data are indeed being widely watched, especially in the context of the U.S. National Security Agency's monitoring of major IT companies. A different but closely related issue is security: in particular, how businesses should protect raw unstructured data and insights from large data analysis. Unfortunately, full anonymity is not possible because data information needs to be associated with individuals and for a variety of purposes (sometimes in combination with other private or public sources). While hackers may not be able to steal data to perform complex analyses, they are often enough to collect valuable information (such as in the case of GPS data) by cursory viewing. As the data collected by the enterprise is gradually stored in large data warehouses, such as the Federal Data Service center, more scrutiny is urgently needed for large data security.

D1net Comments:

Enterprises to deal with large data security challenges, need to recognize the above several points, only on the basis of a positive understanding, to calmly deal with, security issues, the Internet is the most headlines in the world, in the era of large data, this problem is still unresolved, solve the security problem is not once and for all, enterprises should be ready for long-term combat.