The Security of Big Data: An Enterprise Perspective
DESCRIPTION
Everyone knows that there are risks associated with moving enterprise data to a Cloud, and everyone knows the huge potential that the analytics of Big Data can bring, especially when using the Cloud, but what happens when these two converge? The presentation will discuss some of the security and privacy challenges associated with Big Data in the Cloud and will present a number of key initiatives that the ODCA has undertaken to support enterprises that wish to take this step. To listen to the webinar based on this presentation with audio, please visit the ODCA BrightTalk channel: https://www.brighttalk.com/webcast/9831/109843
TRANSCRIPT
BIG DATA, CLOUD, SECURITY, AND ODCA USAGE MODELS
Ian Lamont
BMW AG
ODCA Big Data and Security Seminar | 2
BIG DATA (WIKIPEDIA)
Big Data is the term for a collection of data sets
so large that it becomes difficult to process
using hands-on database management tools
and processing applications. The challenges
include capture, curation, storage, search,
sharing, transfer, analysis, and visualisation.
CHALLENGES
• Privacy (particularly in Europe)
- Security
- Valid and fair usage
- Right to be forgotten
- Jurisdiction
BIG DATA SECURITY
PLATFORM SECURITY
• Provider Assurance Usage Model
- Provides standard definitions of Security for Cloud Services
- Bronze, Silver, Gold, and Platinum.
- Mirror internal security levels to external requirements.
NETWORK AND FIREWALL ISOLATION
Network segregation and firewalls are required to protect all assets managed in the cloud. The level of involvement of the cloud provider in the management of firewall rule sets will vary depending on the level of service offered.
Bronze: The firewall rule sets are managed by the cloud provider with no direct involvement of the cloud subscriber.
Silver: The firewall rule sets are managed by the cloud provider with changes advised to the cloud subscriber before implementation. The cloud provider should offer network segmentation between logical tiers.
Gold: The firewall rule sets are managed by the cloud subscriber. The cloud provider retains access to the firewall at the administrator level in order to provide system maintenance. The cloud provider must offer network segmentation between logical tiers and should offer Layer-7 protection to prevent application-level attacks.
Platinum: The cloud provider has no access to firewalls. All admin tasks including rule updates are managed by the cloud subscriber. The cloud provider must offer network segregation between logical tiers and Layer-7 protection to prevent application-level attacks.
VULNERABILITY MANAGEMENT
A vulnerability management process must ensure installation of system and software patches within the targets identified below. The test process must ensure proper function of the patch and compatibility with the actual target systems, with no negative impact on resource utilization (i.e., memory and CPU consumption).
Bronze: Vulnerabilities with a basic Common Vulnerability Scoring System (CVSS) score of greater than 9 (or those rated as High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month.
Silver: Vulnerabilities with a basic CVSS score of greater than 5 (or those rated as Medium or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month.
Gold: Vulnerabilities with a basic CVSS score of greater than 2 (or those rated as Low, Medium, or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month.
Platinum: All vulnerabilities must be patched within 24 hours of their release by the vendor.
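The patch targets above, turned into a compliance check over a list of findings. This is an added example, not part of the original slides or of ODCA material. It assumes "1 month" means 30 days and that every tier's clock starts when the vendor releases the patch; the finding IDs, scores and dates are constructed.

```python
from datetime import datetime, timedelta

# Tier -> (CVSS threshold, vendor ratings that also trigger the 96-hour target)
TIERS = {
    "bronze": (9.0, {"high"}),
    "silver": (5.0, {"medium", "high"}),
    "gold": (2.0, {"low", "medium", "high"}),
}
FAST = timedelta(hours=96)
SLOW = timedelta(days=30)        # assumption: "1 month" taken as 30 days
PLATINUM = timedelta(hours=24)

def patch_deadline(tier, cvss, vendor_rating, released):
    """Latest allowed patch time; clock assumed to start at vendor release."""
    tier = tier.lower()
    if tier == "platinum":
        return released + PLATINUM
    threshold, ratings = TIERS[tier]
    # "Greater than" is strict: a score equal to the threshold is only urgent
    # when the vendor rating qualifies on its own.
    urgent = cvss > threshold or (vendor_rating or "").lower() in ratings
    return released + (FAST if urgent else SLOW)

def overdue(tier, findings, now):
    """IDs of findings patched late, or still unpatched past their deadline."""
    late = []
    for f in findings:
        due = patch_deadline(tier, f["cvss"], f["vendor_rating"], f["released"])
        if (f["patched"] or now) > due:
            late.append(f["id"])
    return late

# Constructed sample data: placeholder IDs, invented dates.
T0 = datetime(2024, 1, 1)
NOW = T0 + timedelta(days=9)

def finding(fid, cvss, rating, patched_after=None):
    patched = T0 + patched_after if patched_after else None
    return {"id": fid, "cvss": cvss, "vendor_rating": rating,
            "released": T0, "patched": patched}

SAMPLE = [
    finding("VULN-A", 9.8, "High", timedelta(hours=48)),
    finding("VULN-B", 6.5, "Medium"),                # still unpatched
    finding("VULN-C", 9.0, None, timedelta(days=7)),
    finding("VULN-D", 1.5, "Low"),                   # still unpatched
]

if __name__ == "__main__":
    for tier in ("bronze", "silver", "gold", "platinum"):
        print(tier, overdue(tier, SAMPLE, NOW))
```

The same inventory that is fully compliant at Bronze fails on every finding at Platinum, which is the practical cost of mirroring a higher internal security level onto a provider.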
PLATFORM SECURITY
BIG DATA SECURITY
DATA SECURITY
• Encryption
- Data at Rest
- Data in Transit
• Data Masking
- Anonymization and Pseudonymization
• Access Methods
- User type profiling
• Backup, Restore, and Archiving
DATA LIFECYCLE
ACCESS POINTS
DATA FLOW 1
DATA FLOW 2
IDENTITY AND ACCESS MANAGEMENT
• Identity Provisioning
• Governance and Auditing
• Privileged User Access
• Single Sign On
IDM BASIC MODEL
IDM CLOUD MODEL
IDM GOVERNANCE
OTHER ODCA COLLATERAL
• Security Monitoring
• Interoperability
• Guide to
• SaaS Interoperability
• Information as a Service
• also Data Mgmt for Info_aaS
• and much more ……
OTHER PROBLEMS / CHALLENGES !!!
• e-Discovery (UM coming soonish)
• Data Ownership
• plus anything else you can think of !
Standardized Response Checklists
Accelerate TTM
Shared Practices Drive Scale
Streamlined Requirements
Accelerate Adoption
Available to Members at: www.opendatacenteralliance.org
URL for Public content: www.opendatacenteralliance.org
MORE INFORMATION AND ASSETS
Go forth (securely) and Big Data
QUESTIONS
Artist: Thierry Gregorius
Thank you
Kiitos
Merci
Gracias
Danke
Grazie
Arigato Gozaimas
www.opendatacenteralliance.org