David valovcin big data - big risk
Download as PPTX, PDF2 likes1,007 views
This document discusses the security risks of big data and how to protect sensitive information. It notes that while big data provides opportunities, it also poses big security risks if data is breached. It recommends asking key questions about data discovery, classification, access controls and monitoring to help secure data. The document also describes IBM tools like InfoSphere Guardium that can help organizations monitor user activity, detect anomalies and protect sensitive data in both traditional and big data environments.
David valovcin big data - big risk
- 1. © 2014 IBM Corporation October 2014 Big Data – Big Risk How do you protect your sensitive data? David Valovcin dvalovcin@us.ibm.com
- 2. A New Era of Smart The Big Data opportunity comes with big security risks What is big data? Requirement: All kinds of data Large volumes Valuable insight, but difficult to extract Often extremely time sensitive Extracting insight from an immense volume, variety and velocity of data, in a timely and cost-effective manner. • What kind of information is stored in big data? • Who’s watching big data access? • How do you ensure compliance? • Security is the key to enabling enterprise rollouts of big data • If it’s not secure, it can be breached. 2 © 2014 IBM Corporation
- 3. A New Era of Smart Data breaches are in the news every week A “Fear Factor” is causing some orgs to hold back on new mobile, cloud, and big data initiatives Data-breach costs take toll on Target profit … its profit in the fourth quarter fell 46 percent on a revenue decline of 5.3 percent as the breach scared off customers worried about the security of their private data. Canadian Breach: Sorting Out the Cause Gaps in carrying out security policies led Account to the exposure of Takeover: 583,000 records Bank Faces last year at Two Suits Employment and Social Development totaling $1.5 million Canada, Health Breach Tally: 30 Million Victims More than 30.6 million individuals have been affected by major healthcare data breaches since September 2009 in allegedly fraudulent wires 3 © 2014 IBM Corporation
- 4. A New Era of Smart Risks are increasing . . . 4 © 2014 IBM Corporation
- 5. A New Era of Smart 5 © 2014 IBM Corporation
- 6. A New Era of Smart 6 © 2014 IBM Corporation
- 7. A New Era of Smart Time span of events by percent of breaches http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf?CMP=DMC-SMB_Z_ZZ_ZZ_Z_TV_N_Z038 7 © 2014 IBM Corporation 7 Minutes to compromise, months to discover & remediate Time span of events by percent of breaches
- 8. A New Era of Smart Compliance – many regulations both internal & external 8 © 2014 IBM Corporation 8
- 9. A New Era of Smart Key drivers for data security can be compliance HIPAA Health Insurance Portability and Accountability Act. The Privacy Rule and Security Rule specifies protections of sensitive patient information. PCI-DSS Payment Care Industry Data Security Standard. Technical and operational requirements to protect cardholder data. SOX Sarbanes-Oxley Act. Response to financial fraud, most concerned with financial data integrity and transparency. 9 © 2014 IBM Corporation
- 10. A New Era of Smart 10 © 2014 IBM Corporation
- 11. A New Era of Smart Key questions to ask . . . Discovery Classification Dormant Data Security Policies Dormant Entitlements Discover Harden Assess Monitor Report Where is the sensitive data? Alerting Outliers How to prevent unauthorized activities? Identity & Access Masking/ Assessment Encryption How to protect sensitive data to reduce risk? How to secure the repository? Management Activity Monitoring Who should have access? What is actually happening? Compliance Reporting & Security Alerts Data Protection & Enforcement 11 © 2014 IBM Corporation
- 12. A New Era of Smart Security and compliance concerns in Big Data environments Structured Unstructured Streaming Big Data Platform • Who is running big data requests? • What is being accessed? • Is there an exceptional number of file permission exceptions? • Are these jobs part of an authorized program list accessing the data? • Has some new query application been developed that you were previously unaware existed (extracting sensitive data)? Hadoop Cluster Clients 12 © 2014 IBM Corporation
- 13. A New Era of Smart InfoSphere Data Privacy for Hadoop Define and share big data project blueprints, data definitions Discover and classify sensitive big data Mask and redact sensitive data within and for Hadoop systems Monitor Hadoop Data Activity Big Data Repositories Analytics Information Ingestion and Integration Real-time Analytics Data Exploration Archive Data Exploration Enterprise Warehouse Data Marts Information Governance, Security and Business Continuity Sources Structured Unstructured Streaming Cognitive Learn Dynamically? Prescriptive Best Outcomes? Predictive What Could Happen? Descriptive What Has Happened? Exploration and Discovery What Do You Have? InfoSphere BigInsights 13 © 2014 IBM Corporation
- 14. A New Era of Smart Real-time data activity monitoring for security & compliance Continuous, policy-based, real-time monitoring of all data traffic activities Database infrastructure scanning for vulnerabilities and mis-configured privileges Data protection compliance automation Data nodes (databases, warehouses, file shares, Big Data) Host-based probes (S-TAPs) Key Characteristics Non-invasive/disruptive, cross-platform architecture Minimal performance impact Prepackaged vulnerability knowledge base and compliance reports Detect or block unauthorized & suspicious activity Granular, real-time policies – who, what when & how Dynamically scalable 100% visibility into data transactions Collector Appliance 14 © 2014 IBM Corporation
- 15. A New Era of Smart Extend real-time data activity monitoring across Big Data environments InfoSphere BigInsights DATABASES D ATAB AS E Exadata FTP HANA Optim Archival Siebel, PeopleSoft, E-Business Master Data Management Data Stage CICS InfoSphere Guardium 15 © 2014 IBM Corporation
- 16. A New Era of Smart IBM InfoSphere Guardium Open Task Launcher View Find, view, and filter information about monitored objects, systems, and users. Learn More Audit Trail Summary HR/PROD/Europe View More Filters Tasks Apply Where Group: HR/Prod/Europe Server: 15 Database: 189 Object: Select object Outliers tab shows the summary over time What Policy: PCI Rule: Select rule Error: Select type SQL: Select type Who User ID: Select user id Group: Select group Role: Select role Grantor: Select grantor When History: 3 Hours Start: Select date / time End: Select date / time Summary Details Outliers Errors Alerts Violations Report 16 © 2014 IBM Corporation
- 17. A New Era of Smart Report: Identify unauthorized jobs Unauthorized program! Predefined and customizable reports 17 © 2014 IBM Corporation
- 18. A New Era of Smart Guardium integrates with IT Infrastructure for seamless operations Directory Services (Active Directory, LDAP, TDS, etc) SIEM (IBM QRadar, Arcsight, RSA Envision, etc) SNMP Dashboards (Tivoli Netcool, HP Openview, etc) Change Ticketing Systems (Tivoli Request Mgr, Remedy, Peregrine, etc) Vulnerability Standards (CVE, STIG, CIS Benchmark, SCAP) Authentication (RSA SecurID, Radius, Kerberos, LDAP) Data Classification and Leak Protection (Credit Card, Social Security, phone, custom, etc) Security Management Platforms (IBM QRadar, McAfee ePO ) Application Servers (IBM Websphere, IBM Cognos, Oracle EBS, SAP, Siebel, Peoplesoft, etc ) Web Application Firewalls (F5 ASM) Long Term Storage (IBM TSM, IBM Nettezza, EMC Centera, FTP, SCP, Optim Archive etc) Send Alerts (CEF, CSV, Syslog, etc) Send Events • STAP Software Deployment (IBM Tivoli Provisioning Manager, RPM, Native Distributions) 18 © 2014 IBM Corporation
- 19. A New Era of Smart 19 19 © 2014 IBM Corporation
- 20. A New Era of Smart Learn more about protecting Big Data and removing risk Schedule a Client Value Engagement (CVE) at no cost to you • Business and IT: Narrow the communication gap • Easy to follow programmatic client-centric approach – determine possible benefits from solution • Fast time to completion: Less than a weeks– deliverables easy to follow and understand Visit a lab for a deeper dive with our Product Managers and R&D teams • In-depth technical discussions & product demonstrations • Product roadmap discussions; get the latest on innovations and research • Collaborate with our best experts on your problems and potential solutions Visit the web for more about InfoSphere solutions • Understanding and selecting data masking solutions • Understanding encryption requirements of PCI DSS • Managing compliance to protect enterprise data • Top tips for security big data environments • Three guiding principals to improve data security You Tube: InfoSphere Guardium @IBM_Guardium 20 © 2014 IBM Corporation
- 21. © 2014 IBM Corporation Thank You David Valovcin dvalovcin@us.ibm.com