A year ago, big data had just become the most popular term in the industry. Now, everyone is saying that big data will become one of the most serious challenges to corporate security. But many practitioners are still trying to understand the concept, just as they tried to figure out cloud security a few years ago.
However, Preston Wood, chief information security officer and security executive vice president at Zions Bancorporation, is puzzled that so many people have difficulty understanding big data.
For decades, Wood has been using big data to bolster the company's security plan. In recent years, Wood and his team have made significant changes to that plan to better deal with data moving freely and rapidly through the company's network. By using tools such as Hadoop, they increased the amount of data that can be analyzed at once. They also figured out how to analyze the data in real time, shortening work that previously took a complete workday. The following is the story of how Zions carries out its big data analysis.
Big Data already has
Although the term "big data" is new, Zions has been applying the concept since the 1990s. At the time, the company began using its vast sources of information to assess its security posture. "We adopted a big data strategy before the term big data emerged," Mr. Wood said.
Zions has many data sources. It has 8 banking operations and 500 physical sites in the western part of the United States. It was also an early adopter of security information and event management (SIEM) technology, which is used to better analyze data flows.
When it comes to big data, experts tend to focus on how to use it to generate revenue. To a lesser extent, they may point out and assess the security risks to large warehouses of valuable business intelligence and analytics. But what Zions does is different: it decided to make big data methods a central part of its security, rather than treating big data as just another potential vulnerability to defend.
Application of SIEM Technology
To better analyze the data and put it to work for the security department, Wood and the company became some of the earliest adopters of SIEM technology. This technology allows the security department to do the following:
• Consolidate data from multiple sources, including networks, security devices, servers, databases, and applications. Merging the monitored data in this way helps avoid missing important events.
• Break events down into smaller parts so that similarities between them can be studied. Such correlation may detect attack activity.
• Raise an alert on abnormal activity immediately.
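The three capabilities above (consolidate, break down and correlate, alert) can be sketched in a few lines. This is an added example, not code from Zions or from any SIEM product; the log formats, field names, sample records and thresholds are all assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records; formats, fields and thresholds are assumptions.
FIREWALL_LOG = [
    "2013-04-02T10:00:01 DENY src=203.0.113.7 dst=10.0.0.5 dport=22",
    "2013-04-02T10:00:09 ALLOW src=198.51.100.4 dst=10.0.0.8 dport=443",
]
SSHD_LOG = [
    "2013-04-02T10:00:03 web01 sshd[411]: Failed password for root from 203.0.113.7 port 5122",
    "2013-04-02T10:00:05 web01 sshd[411]: Failed password for admin from 203.0.113.7 port 5123",
]
APP_EVENTS = [
    {"ts": "2013-04-02T10:00:07", "event": "login_failed", "client_ip": "203.0.113.7"},
    {"ts": "2013-04-02T10:03:00", "event": "login_failed", "client_ip": "198.51.100.4"},
]
FW_RE = re.compile(r"^(\S+) (ALLOW|DENY) src=(\S+)")
SSH_RE = re.compile(r"^(\S+) \S+ sshd\[\d+\]: Failed password for \S+ from (\S+)")
SUSPICIOUS = {"deny", "auth_fail", "login_failed"}

def normalize():
    """Consolidate every source into one schema: (time, source, src_ip, action)."""
    events = []
    for m in filter(None, map(FW_RE.match, FIREWALL_LOG)):
        events.append((datetime.fromisoformat(m[1]), "firewall", m[3], m[2].lower()))
    for m in filter(None, map(SSH_RE.match, SSHD_LOG)):
        events.append((datetime.fromisoformat(m[1]), "sshd", m[2], "auth_fail"))
    for e in APP_EVENTS:
        events.append((datetime.fromisoformat(e["ts"]), "app", e["client_ip"], e["event"]))
    return sorted(events)

def correlate(events, window=timedelta(minutes=1), min_events=3, min_sources=2):
    """Alert when one src_ip has suspicious events from several sources in one window."""
    by_ip = defaultdict(list)
    for ev in events:
        if ev[3] in SUSPICIOUS:
            by_ip[ev[2]].append(ev)
    alerts = []
    for ip, evs in by_ip.items():
        for i, first in enumerate(evs):
            burst = [e for e in evs[i:] if e[0] - first[0] <= window]
            sources = sorted({e[1] for e in burst})
            if len(burst) >= min_events and len(sources) >= min_sources:
                alerts.append({"src_ip": ip, "events": len(burst), "sources": sources})
                break
    return alerts

if __name__ == "__main__":
    print(correlate(normalize()))
```

No single source in the sample crosses the threshold on its own; the alert only appears once the firewall, SSH and application records are merged and grouped by source address.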
Hadoop technology is a driving factor
Wood's team was looking for the missing piece of the puzzle and soon found it in Hadoop.
Open source Hadoop technology is the engine that drives today's more successful big data security programs. Companies use this technology to collect, share, and analyze large amounts of structured and unstructured data across their networks.
Zions began using Hadoop technology in 2010. Because Zions's large number of tools and devices produce several terabytes of data a week, it used to take a whole day to load a day's records into the system. Now, this process can be done in real time.
For years, Hadoop technology has made big data easier to access and cheaper, according to Adrian Lane, chief technology officer and security analyst at Securosis. Free tools like Hadoop have become an important driver.
The workings of Hadoop technology
The Apache Hadoop website describes the technology as a framework that allows for the distributed processing of large datasets across clusters of computers using simple programming models. It is designed to scale up from a single server to thousands of servers, each providing local computing and storage. Rather than relying on hardware to provide high availability, the library itself is designed to detect and handle failures at the application layer, delivering a highly available service on top of a cluster of computers, each of which may fail.
Get ready for the job
As with any technology, deploying Hadoop requires understanding the security vulnerabilities of the tool itself and the compatibility and setup issues that any similar tool can present.
"As with some of the installed GRC (governance, risk and compliance) applications that we've seen, this could be a huge explosion and a waste of money," said Alex Hutton, Zions's manager for technology and operational risk and governance.
Hutton's advice is to be prepared before using this technology. Take all the time you need to work out a detailed roadmap of the data you are looking for, carefully assess how Hadoop will fit in with the rest of your network, develop a clear taxonomy model, and follow that model strictly.
Because Wood's team was well prepared before the new warehouse was launched, Zions's deployment was quite smooth. As long as other companies are prepared, they will achieve the same success. (Compiled/Populus euphratica)
(Responsible editor: The good of the Legacy)