SlideShare a Scribd company logo

Big data security challenges and recommendations!

C
cisoplatform

The document outlines key insights and security risks associated with big data architecture, such as insecure computation, inadequate access controls, and privacy concerns. It emphasizes best practices to mitigate these risks, including securing computation code, implementing granular access controls, and conducting privacy-preserving analytics. Additionally, it highlights the importance of continuous evaluation and validation of data handling processes to ensure security.

Technology
1 of 19
1
2
Most read
3
Most read
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Big Data Security Top 5 Security Risks and Best Practices Jitendra Chauhan Head R&D, iViZ Security jitendra.chauhan@gmail.com
Agenda • Key Insights of Big Data Architecture • Top 5 Big Data Security Risks • Top 5 Best Practices
Key Insights of Big Data Architecture
Distributed Architecture (Hadoop as example) Data Partition, Replication and Distribution Auto-tiering Move the Code
Real Time, Streaming and Continuous ComputationIntegration Patterns Real time Variety of Input Sources Adhoc Queries
Parallel & Powerful Programming Framework Example: • 16TB Data • 128 MB Chunks • 82000 Maps Java vs SQL / PLSQL Frameworks: • MapReduce • Storm Topology (Spouts & Bolts)
Big Data Architecture No Single Silver Bullet • Hadoop is already unsuitable for many Big data problems • Real-time analytics • Cloudscale, Storm • Graph computation o Giraph and Pregel (Some examples graph computation are Shortest Paths, Degree of Separation etc.) • Low latency queries o Dremel
Top 5 Security Risks
Insecure Computation Sensitive Info • Information Leak • Data Corruption • DoS Health Data Untrusted Computation program
Input Validation and Filtering • Input Validation o What kind of data is untrusted? o What are the untrusted data sources? • Data Filtering o Filter Rogue or malicious data • Challenges o GBs or TBs continuous data o Signature based data filtering has limitations  How to filter Behavior aspect of data?
Granular Access Controls • Designed for Performance, almost no security in mind • Security in Big Data still ongoing research • Table, Row or Cell level access control gone missing • Adhoc Queries poses additional challenges • Access Control is disabled by default
Insecure Data Storage • Data at various nodes, Authentication, Authorization & Encryption is challenging • Autotiering moves cold data to lesser secure medium o What if cold data is sensitive? • Encryption of Real time data can have performance impacts • Secure communication among nodes, middleware and end users are disabled by default
Privacy Concerns in Data Mining and Analytics • Monetization of Big Data generally involves Data Mining and Analytics • Sharing of Results involve multiple challenges o Invasion of Privacy o Invasive Marketing o Unintentional Disclosure of Information • Examples o AOL release of Anonymzed search logs, Users can easily be identified o Netflix faced a similar problem
Top 5 Best Practices • Secure your Computation Code • Implement access control, code signing, dynamic analysis of computational code • Strategy to prevent data in case of untrusted code • Implement Comprehensive Input Validation and Filtering • Implement validation and filtering of input data, from internal or external sources • Evaluate input validation filtering of your Big Data solution
Top 5 Best Practices • Implement Granular Access Control • Review Role and Privilege Matrix • Review permission to execute Adhoc queries • Enable Access Control • Secure your Data Storage and Computation • Sensitive Data should be segregated • Enable Data encryption for sensitive data • Audit Administrative Access on Data Nodes • API Security
Top 5 Best Practices • Review and Implement Privacy Preserving Data Mining and Analytics • Analytics data should not disclose sensitive information • Get the Big Data Audited
Thank You jitendra.chauhan@ivizsecurity.com http://www.ivizsecurity.com/blog/
Big Data Architecture Key Insights • Distributed Architecture & Auto Tiering • Real Time, Streaming and Continuous Computation • Adhoc Queries • Parallel and Powerful Computation Language • Move the Code, Not the data • Non Relational Data • Variety of Input Sources
Top 5 Security Risks • Insecure Computation • End Point Input Validation and Filtering • Granular Access Control • Insecure Data Storage and Communication • Privacy Preserving Data Mining and Analytics

More Related Content

PPTX
Security bigdata
Jitendra Chauhan
 
PPTX
Big data security the perfect storm
Ulf Mattsson
 
PPTX
Information Security in Big Data : Privacy and Data Mining
wanani181
 
PPT
Information security in big data -privacy and data mining
harithavijay94
 
PPTX
Big Data Security Analytics (BDSA) with Randy Franklin
Sridhar Karnam
 
PPTX
Security issues associated with big data in cloud
sornalathaNatarajan
 
PPTX
A Little Security For Big Data
Saurabh Kheni
 
PPTX
The REAL Impact of Big Data on Privacy
Claudiu Popa
 
Security bigdata
Jitendra Chauhan
 
Big data security the perfect storm
Ulf Mattsson
 
Information Security in Big Data : Privacy and Data Mining
wanani181
 
Information security in big data -privacy and data mining
harithavijay94
 
Big Data Security Analytics (BDSA) with Randy Franklin
Sridhar Karnam
 
Security issues associated with big data in cloud
sornalathaNatarajan
 
A Little Security For Big Data
Saurabh Kheni
 
The REAL Impact of Big Data on Privacy
Claudiu Popa
 

What's hot (19)

PDF
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Khaled El Emam
 
PDF
Expanded top ten_big_data_security_and_privacy_challenges
Tom Kirby
 
PDF
Solve Big Data Security Issues
Editor IJCATR
 
PPT
Big Data (security Issue)
Export Promotion Bureau
 
PPTX
Big Data and Security - Where are we now? (2015)
Peter Wood
 
PDF
Big Data Security and Governance
DataWorks Summit/Hadoop Summit
 
PDF
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Ulf Mattsson
 
PDF
Network Security‬ and Big ‪‎Data Analytics‬
Allot Communications
 
PDF
Security and Audit for Big Data
Nicolas Morales
 
PDF
Threat Ready Data: Protect Data from the Inside and the Outside
DLT Solutions
 
PPTX
Hadoop and Big Data Security
Chicago Hadoop Users Group
 
PDF
Big Data Analytics to Enhance Security
Data Science Thailand
 
PPTX
Security Analytics and Big Data: What You Need to Know
MapR Technologies
 
PDF
To Serve and Protect: Making Sense of Hadoop Security
Inside Analysis
 
PPT
Data Leakage Presentation
Mike Spaulding
 
PDF
Privacy and Security by Design
Unisys Corporation
 
PDF
The Definitive Guide to Data Loss Prevention
Digital Guardian
 
PDF
Security and privacy of cloud data: what you need to know (Interop)
Druva
 
PPTX
Privacy Secrets Your Systems May Be Telling
Rebecca Leitch
 
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Khaled El Emam
 
Expanded top ten_big_data_security_and_privacy_challenges
Tom Kirby
 
Solve Big Data Security Issues
Editor IJCATR
 
Big Data (security Issue)
Export Promotion Bureau
 
Big Data and Security - Where are we now? (2015)
Peter Wood
 
Big Data Security and Governance
DataWorks Summit/Hadoop Summit
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Ulf Mattsson
 
Network Security‬ and Big ‪‎Data Analytics‬
Allot Communications
 
Security and Audit for Big Data
Nicolas Morales
 
Threat Ready Data: Protect Data from the Inside and the Outside
DLT Solutions
 
Hadoop and Big Data Security
Chicago Hadoop Users Group
 
Big Data Analytics to Enhance Security
Data Science Thailand
 
Security Analytics and Big Data: What You Need to Know
MapR Technologies
 
To Serve and Protect: Making Sense of Hadoop Security
Inside Analysis
 
Data Leakage Presentation
Mike Spaulding
 
Privacy and Security by Design
Unisys Corporation
 
The Definitive Guide to Data Loss Prevention
Digital Guardian
 
Security and privacy of cloud data: what you need to know (Interop)
Druva
 
Privacy Secrets Your Systems May Be Telling
Rebecca Leitch
 
Ad

Viewers also liked (19)

PDF
Big Data Security with Hadoop
Cloudera, Inc.
 
PPTX
Cyber crime and security ppt
Lipsita Behera
 
PPT
Big data
Palash Jain
 
PPT
Overview of policies for security and data sharing
bdemchak
 
PDF
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamic
Priyanka Aash
 
PPTX
Big Data Security (ChinaNetCloud - Guiyang Conference)
ChinaNetCloud
 
PPT
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
Yiannis Verginadis
 
PDF
Enterprise 2.0: What it is and why it matters
digitallibrary
 
PDF
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
Motty Ben Atia
 
PPT
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
exponential-inc
 
PPT
Winning the war against data- Strategies to beat your arch nemesis: files - G...
Spiceworks
 
PPTX
Keeping up with the Revolution in IT Security
Distil Networks
 
PPTX
Building a database security program
matt_presson
 
PPT
Box.net overview
Eric McDuffee
 
PPTX
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Spiceworks
 
PDF
Advanced IT and Cyber Security for Your Business
Infopulse
 
PPTX
modern security risks for big data and mobile applications
Trivadis
 
PDF
VO Course 10: Big data challenges in astronomy
Joint ALMA Observatory
 
PPTX
The next generation of IT security
Sophos Benelux
 
Big Data Security with Hadoop
Cloudera, Inc.
 
Cyber crime and security ppt
Lipsita Behera
 
Big data
Palash Jain
 
Overview of policies for security and data sharing
bdemchak
 
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamic
Priyanka Aash
 
Big Data Security (ChinaNetCloud - Guiyang Conference)
ChinaNetCloud
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
Yiannis Verginadis
 
Enterprise 2.0: What it is and why it matters
digitallibrary
 
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
Motty Ben Atia
 
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
exponential-inc
 
Winning the war against data- Strategies to beat your arch nemesis: files - G...
Spiceworks
 
Keeping up with the Revolution in IT Security
Distil Networks
 
Building a database security program
matt_presson
 
Box.net overview
Eric McDuffee
 
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Spiceworks
 
Advanced IT and Cyber Security for Your Business
Infopulse
 
modern security risks for big data and mobile applications
Trivadis
 
VO Course 10: Big data challenges in astronomy
Joint ALMA Observatory
 
The next generation of IT security
Sophos Benelux
 
Ad

Similar to Big data security challenges and recommendations! (20)

PPTX
Security issues in big data
Shallote Dsouza
 
PDF
Five_Big_Data_Security_Pitfalls
Laris Orman
 
PDF
IRJET- Big Data Privacy and Security Challenges in Industries
IRJET Journal
 
PDF
Keith prabhu global high on cloud summit
administrator_confidis
 
PDF
Security for Big Data
Joey Jablonski
 
PPTX
Real callenges in big data security
balasahebcomp
 
PDF
Big Data - Cyberroot Risk Advisory
CR Group
 
PPTX
Big data in term of security measure
Yaakub Idris
 
DOCX
Handling and Analyzing Big Data_ A Professional Guide
javedmileiahmed
 
PDF
BIG DATA
Dr. Shashank Shetty
 
PPTX
Generating actionable consumer insights from analytics
Mohammad Shazri Shahrir
 
PDF
Big data analysis concepts and references by Cloud Security Alliance
Information Security Awareness Group
 
PDF
Data Analytics Governance and Ethics
HPCC Systems
 
PDF
Big Data & Security Have Collided - What Are You Going to do About It?
EMC
 
PDF
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
BigDataEverywhere
 
PPTX
Innovation Without Compromise: The Challenges of Securing Big Data
Cloudera, Inc.
 
PPTX
Dev Lakhani, Data Scientist at Batch Insights "Real Time Big Data Applicatio...
Dataconomy Media
 
PDF
BDW16 London - Deenar Toraskar, Think Reactive - Fast Data Key to Efficient C...
Big Data Week
 
PPTX
ppt about big data analysis in the indusry
PheoNix35
 
PPTX
21312312312ppt about big data analysis in the indusry.pptx
PheoNix35
 
Security issues in big data
Shallote Dsouza
 
Five_Big_Data_Security_Pitfalls
Laris Orman
 
IRJET- Big Data Privacy and Security Challenges in Industries
IRJET Journal
 
Keith prabhu global high on cloud summit
administrator_confidis
 
Security for Big Data
Joey Jablonski
 
Real callenges in big data security
balasahebcomp
 
Big Data - Cyberroot Risk Advisory
CR Group
 
Big data in term of security measure
Yaakub Idris
 
Handling and Analyzing Big Data_ A Professional Guide
javedmileiahmed
 
BIG DATA
Dr. Shashank Shetty
 
Generating actionable consumer insights from analytics
Mohammad Shazri Shahrir
 
Big data analysis concepts and references by Cloud Security Alliance
Information Security Awareness Group
 
Data Analytics Governance and Ethics
HPCC Systems
 
Big Data & Security Have Collided - What Are You Going to do About It?
EMC
 
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
BigDataEverywhere
 
Innovation Without Compromise: The Challenges of Securing Big Data
Cloudera, Inc.
 
Dev Lakhani, Data Scientist at Batch Insights "Real Time Big Data Applicatio...
Dataconomy Media
 
BDW16 London - Deenar Toraskar, Think Reactive - Fast Data Key to Efficient C...
Big Data Week
 
ppt about big data analysis in the indusry
PheoNix35
 
21312312312ppt about big data analysis in the indusry.pptx
PheoNix35
 

Recently uploaded (20)

PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PPTX
breach-and-attack-simulation-cybersecurity-india-chennai-defenderrabbit-2025....
defencerabbit Team
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
Approach and Philosophy of On baking technology
30anthuong17
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
KodekX | Application Modernization Development
KodekX
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
breach-and-attack-simulation-cybersecurity-india-chennai-defenderrabbit-2025....
defencerabbit Team
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
Cloud computing and distributed systems.
kkkkkhan
 

Big data security challenges and recommendations!

  • 1. Big Data Security Top 5 Security Risks and Best Practices Jitendra Chauhan Head R&D, iViZ Security jitendra.chauhan@gmail.com
  • 2. Agenda • Key Insights of Big Data Architecture • Top 5 Big Data Security Risks • Top 5 Best Practices
  • 3. Key Insights of Big Data Architecture
  • 4. Distributed Architecture (Hadoop as example) Data Partition, Replication and Distribution Auto-tiering Move the Code
  • 5. Real Time, Streaming and Continuous ComputationIntegration Patterns Real time Variety of Input Sources Adhoc Queries
  • 6. Parallel & Powerful Programming Framework Example: • 16TB Data • 128 MB Chunks • 82000 Maps Java vs SQL / PLSQL Frameworks: • MapReduce • Storm Topology (Spouts & Bolts)
  • 7. Big Data Architecture No Single Silver Bullet • Hadoop is already unsuitable for many Big data problems • Real-time analytics • Cloudscale, Storm • Graph computation o Giraph and Pregel (Some examples graph computation are Shortest Paths, Degree of Separation etc.) • Low latency queries o Dremel
  • 9. Insecure Computation Sensitive Info • Information Leak • Data Corruption • DoS Health Data Untrusted Computation program
  • 10. Input Validation and Filtering • Input Validation o What kind of data is untrusted? o What are the untrusted data sources? • Data Filtering o Filter Rogue or malicious data • Challenges o GBs or TBs continuous data o Signature based data filtering has limitations  How to filter Behavior aspect of data?
  • 11. Granular Access Controls • Designed for Performance, almost no security in mind • Security in Big Data still ongoing research • Table, Row or Cell level access control gone missing • Adhoc Queries poses additional challenges • Access Control is disabled by default
  • 12. Insecure Data Storage • Data at various nodes, Authentication, Authorization & Encryption is challenging • Autotiering moves cold data to lesser secure medium o What if cold data is sensitive? • Encryption of Real time data can have performance impacts • Secure communication among nodes, middleware and end users are disabled by default
  • 13. Privacy Concerns in Data Mining and Analytics • Monetization of Big Data generally involves Data Mining and Analytics • Sharing of Results involve multiple challenges o Invasion of Privacy o Invasive Marketing o Unintentional Disclosure of Information • Examples o AOL release of Anonymzed search logs, Users can easily be identified o Netflix faced a similar problem
  • 14. Top 5 Best Practices • Secure your Computation Code • Implement access control, code signing, dynamic analysis of computational code • Strategy to prevent data in case of untrusted code • Implement Comprehensive Input Validation and Filtering • Implement validation and filtering of input data, from internal or external sources • Evaluate input validation filtering of your Big Data solution
  • 15. Top 5 Best Practices • Implement Granular Access Control • Review Role and Privilege Matrix • Review permission to execute Adhoc queries • Enable Access Control • Secure your Data Storage and Computation • Sensitive Data should be segregated • Enable Data encryption for sensitive data • Audit Administrative Access on Data Nodes • API Security
  • 16. Top 5 Best Practices • Review and Implement Privacy Preserving Data Mining and Analytics • Analytics data should not disclose sensitive information • Get the Big Data Audited
  • 18. Big Data Architecture Key Insights • Distributed Architecture & Auto Tiering • Real Time, Streaming and Continuous Computation • Adhoc Queries • Parallel and Powerful Computation Language • Move the Code, Not the data • Non Relational Data • Variety of Input Sources
  • 19. Top 5 Security Risks • Insecure Computation • End Point Input Validation and Filtering • Granular Access Control • Insecure Data Storage and Communication • Privacy Preserving Data Mining and Analytics

Editor's Notes

  • #5: Partitioned, Distributed and Replicated among multiple Data Nodes 1000,s of Data nodes Autotiering: Moving hottest data to high performance drive, coldest data to low performance, less secure drive