SlideShare a Scribd company logo

Big data security challenges and recommendations!

C
cisoplatform

What will you learn: - Key Insights on Existing Big Data Architecture - Unique Security Risks and Vulnerabilities of Big Data Technologies - Top 5 Solutions to mitigate these security challenges

Technology
1 of 19
Big Data Security Top 5 Security Risks and Best Practices Jitendra Chauhan Head R&D, iViZ Security jitendra.chauhan@gmail.com
Agenda • Key Insights of Big Data Architecture • Top 5 Big Data Security Risks • Top 5 Best Practices
Key Insights of Big Data Architecture
Distributed Architecture (Hadoop as example) Data Partition, Replication and Distribution Auto-tiering Move the Code
Real Time, Streaming and Continuous ComputationIntegration Patterns Real time Variety of Input Sources Adhoc Queries
Parallel & Powerful Programming Framework Example: • 16TB Data • 128 MB Chunks • 82000 Maps Java vs SQL / PLSQL Frameworks: • MapReduce • Storm Topology (Spouts & Bolts)
Big Data Architecture No Single Silver Bullet • Hadoop is already unsuitable for many Big data problems • Real-time analytics • Cloudscale, Storm • Graph computation o Giraph and Pregel (Some examples graph computation are Shortest Paths, Degree of Separation etc.) • Low latency queries o Dremel
Top 5 Security Risks
Insecure Computation Sensitive Info • Information Leak • Data Corruption • DoS Health Data Untrusted Computation program
Input Validation and Filtering • Input Validation o What kind of data is untrusted? o What are the untrusted data sources? • Data Filtering o Filter Rogue or malicious data • Challenges o GBs or TBs continuous data o Signature based data filtering has limitations  How to filter Behavior aspect of data?
Granular Access Controls • Designed for Performance, almost no security in mind • Security in Big Data still ongoing research • Table, Row or Cell level access control gone missing • Adhoc Queries poses additional challenges • Access Control is disabled by default
Insecure Data Storage • Data at various nodes, Authentication, Authorization & Encryption is challenging • Autotiering moves cold data to lesser secure medium o What if cold data is sensitive? • Encryption of Real time data can have performance impacts • Secure communication among nodes, middleware and end users are disabled by default
Privacy Concerns in Data Mining and Analytics • Monetization of Big Data generally involves Data Mining and Analytics • Sharing of Results involve multiple challenges o Invasion of Privacy o Invasive Marketing o Unintentional Disclosure of Information • Examples o AOL release of Anonymzed search logs, Users can easily be identified o Netflix faced a similar problem
Top 5 Best Practices • Secure your Computation Code • Implement access control, code signing, dynamic analysis of computational code • Strategy to prevent data in case of untrusted code • Implement Comprehensive Input Validation and Filtering • Implement validation and filtering of input data, from internal or external sources • Evaluate input validation filtering of your Big Data solution
Top 5 Best Practices • Implement Granular Access Control • Review Role and Privilege Matrix • Review permission to execute Adhoc queries • Enable Access Control • Secure your Data Storage and Computation • Sensitive Data should be segregated • Enable Data encryption for sensitive data • Audit Administrative Access on Data Nodes • API Security
Top 5 Best Practices • Review and Implement Privacy Preserving Data Mining and Analytics • Analytics data should not disclose sensitive information • Get the Big Data Audited
Thank You jitendra.chauhan@ivizsecurity.com http://www.ivizsecurity.com/blog/
Big Data Architecture Key Insights • Distributed Architecture & Auto Tiering • Real Time, Streaming and Continuous Computation • Adhoc Queries • Parallel and Powerful Computation Language • Move the Code, Not the data • Non Relational Data • Variety of Input Sources
Top 5 Security Risks • Insecure Computation • End Point Input Validation and Filtering • Granular Access Control • Insecure Data Storage and Communication • Privacy Preserving Data Mining and Analytics

Recommended

Security bigdata
Security bigdataSecurity bigdata
Security bigdataJitendra Chauhan
 
Big data security the perfect storm
Big data security the perfect stormBig data security the perfect storm
Big data security the perfect stormUlf Mattsson
 
Information Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data MiningInformation Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data Miningwanani181
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data miningharithavijay94
 
Big Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinBig Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinSridhar Karnam
 
Security issues associated with big data in cloud
Security issues associated with big data in cloudSecurity issues associated with big data in cloud
Security issues associated with big data in cloudsornalathaNatarajan
 
A Little Security For Big Data
A Little Security For Big DataA Little Security For Big Data
A Little Security For Big DataSaurabh Kheni
 
The REAL Impact of Big Data on Privacy
The REAL Impact of Big Data on PrivacyThe REAL Impact of Big Data on Privacy
The REAL Impact of Big Data on PrivacyClaudiu Popa
 

Recommended

Security bigdata
Security bigdataSecurity bigdata
Security bigdataJitendra Chauhan
 
Big data security the perfect storm
Big data security the perfect stormBig data security the perfect storm
Big data security the perfect stormUlf Mattsson
 
Information Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data MiningInformation Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data Miningwanani181
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data miningharithavijay94
 
Big Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinBig Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinSridhar Karnam
 
Security issues associated with big data in cloud
Security issues associated with big data in cloudSecurity issues associated with big data in cloud
Security issues associated with big data in cloudsornalathaNatarajan
 
A Little Security For Big Data
A Little Security For Big DataA Little Security For Big Data
A Little Security For Big DataSaurabh Kheni
 
The REAL Impact of Big Data on Privacy
The REAL Impact of Big Data on PrivacyThe REAL Impact of Big Data on Privacy
The REAL Impact of Big Data on PrivacyClaudiu Popa
 
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Khaled El Emam
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesTom Kirby
 
Solve Big Data Security Issues
Solve Big Data Security IssuesSolve Big Data Security Issues
Solve Big Data Security IssuesEditor IJCATR
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)Export Promotion Bureau
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and GovernanceDataWorks Summit/Hadoop Summit
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonUlf Mattsson
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Allot Communications
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big DataNicolas Morales
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
 
Hadoop and Big Data Security
Hadoop and Big Data SecurityHadoop and Big Data Security
Hadoop and Big Data SecurityChicago Hadoop Users Group
 
Big Data Analytics to Enhance Security
Big Data Analytics to Enhance SecurityBig Data Analytics to Enhance Security
Big Data Analytics to Enhance SecurityData Science Thailand
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowMapR Technologies
 
To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security Inside Analysis
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage PresentationMike Spaulding
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by DesignUnisys Corporation
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionDigital Guardian
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Druva
 
Privacy Secrets Your Systems May Be Telling
Privacy Secrets Your Systems May Be TellingPrivacy Secrets Your Systems May Be Telling
Privacy Secrets Your Systems May Be TellingRebecca Leitch
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 
Big data
Big dataBig data
Big dataPalash Jain
 

More Related Content

What's hot

Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Khaled El Emam
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesTom Kirby
 
Solve Big Data Security Issues
Solve Big Data Security IssuesSolve Big Data Security Issues
Solve Big Data Security IssuesEditor IJCATR
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonUlf Mattsson
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Allot Communications
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big DataNicolas Morales
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
 
Big Data Analytics to Enhance Security
Big Data Analytics to Enhance SecurityBig Data Analytics to Enhance Security
Big Data Analytics to Enhance SecurityData Science Thailand
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowMapR Technologies
 
To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security Inside Analysis
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage PresentationMike Spaulding
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by DesignUnisys Corporation
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionDigital Guardian
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Druva
 
Privacy Secrets Your Systems May Be Telling
Privacy Secrets Your Systems May Be TellingPrivacy Secrets Your Systems May Be Telling
Privacy Secrets Your Systems May Be TellingRebecca Leitch
 

What's hot (19)

Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
 
Solve Big Data Security Issues
Solve Big Data Security IssuesSolve Big Data Security Issues
Solve Big Data Security Issues
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big Data
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the Outside
 
Hadoop and Big Data Security
Hadoop and Big Data SecurityHadoop and Big Data Security
Hadoop and Big Data Security
 
Big Data Analytics to Enhance Security
Big Data Analytics to Enhance SecurityBig Data Analytics to Enhance Security
Big Data Analytics to Enhance Security
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to Know
 
To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage Presentation
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by Design
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)
 
Privacy Secrets Your Systems May Be Telling
Privacy Secrets Your Systems May Be TellingPrivacy Secrets Your Systems May Be Telling
Privacy Secrets Your Systems May Be Telling
 

Viewers also liked

Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 
Overview of policies for security and data sharing
Overview of policies for security and data sharingOverview of policies for security and data sharing
Overview of policies for security and data sharingbdemchak
 
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamic
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamicciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamic
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamicPriyanka Aash
 
Big Data Security (ChinaNetCloud - Guiyang Conference)
Big Data Security (ChinaNetCloud - Guiyang Conference)Big Data Security (ChinaNetCloud - Guiyang Conference)
Big Data Security (ChinaNetCloud - Guiyang Conference)ChinaNetCloud
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...Yiannis Verginadis
 
Enterprise 2.0: What it is and why it matters
Enterprise 2.0: What it is and why it mattersEnterprise 2.0: What it is and why it matters
Enterprise 2.0: What it is and why it mattersdigitallibrary
 
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...Motty Ben Atia
 
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...exponential-inc
 
Winning the war against data- Strategies to beat your arch nemesis: files - G...
Winning the war against data- Strategies to beat your arch nemesis: files - G...Winning the war against data- Strategies to beat your arch nemesis: files - G...
Winning the war against data- Strategies to beat your arch nemesis: files - G...Spiceworks
 
Keeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityKeeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityDistil Networks
 
Building a database security program
Building a database security programBuilding a database security program
Building a database security programmatt_presson
 
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...Spiceworks
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessInfopulse
 
modern security risks for big data and mobile applications
modern security risks for big data and mobile applicationsmodern security risks for big data and mobile applications
modern security risks for big data and mobile applicationsTrivadis
 
VO Course 10: Big data challenges in astronomy
VO Course 10: Big data challenges in astronomyVO Course 10: Big data challenges in astronomy
VO Course 10: Big data challenges in astronomyJoint ALMA Observatory
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT securitySophos Benelux
 

Viewers also liked (19)

Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with Hadoop
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 
Big data
Big dataBig data
Big data
 
Overview of policies for security and data sharing
Overview of policies for security and data sharingOverview of policies for security and data sharing
Overview of policies for security and data sharing
 
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamic
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamicciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamic
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamic
 
Big Data Security (ChinaNetCloud - Guiyang Conference)
Big Data Security (ChinaNetCloud - Guiyang Conference)Big Data Security (ChinaNetCloud - Guiyang Conference)
Big Data Security (ChinaNetCloud - Guiyang Conference)
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
 
Enterprise 2.0: What it is and why it matters
Enterprise 2.0: What it is and why it mattersEnterprise 2.0: What it is and why it matters
Enterprise 2.0: What it is and why it matters
 
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
 
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
 
Winning the war against data- Strategies to beat your arch nemesis: files - G...
Winning the war against data- Strategies to beat your arch nemesis: files - G...Winning the war against data- Strategies to beat your arch nemesis: files - G...
Winning the war against data- Strategies to beat your arch nemesis: files - G...
 
Keeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityKeeping up with the Revolution in IT Security
Keeping up with the Revolution in IT Security
 
Building a database security program
Building a database security programBuilding a database security program
Building a database security program
 
Box.net overview
Box.net overviewBox.net overview
Box.net overview
 
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your Business
 
modern security risks for big data and mobile applications
modern security risks for big data and mobile applicationsmodern security risks for big data and mobile applications
modern security risks for big data and mobile applications
 
VO Course 10: Big data challenges in astronomy
VO Course 10: Big data challenges in astronomyVO Course 10: Big data challenges in astronomy
VO Course 10: Big data challenges in astronomy
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT security
 

Similar to Big data security challenges and recommendations!

Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...
Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...
Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...HostedbyConfluent
 
R+Hadoop - Ask Bigger (and New) Questions and Get Better, Faster Answers
R+Hadoop - Ask Bigger (and New) Questions and Get Better, Faster AnswersR+Hadoop - Ask Bigger (and New) Questions and Get Better, Faster Answers
R+Hadoop - Ask Bigger (and New) Questions and Get Better, Faster AnswersRevolution Analytics
 
From Insight to Action: Using Data Science to Transform Your Organization
From Insight to Action: Using Data Science to Transform Your OrganizationFrom Insight to Action: Using Data Science to Transform Your Organization
From Insight to Action: Using Data Science to Transform Your OrganizationCloudera, Inc.
 
Data DevOps: An Overview
Data DevOps: An OverviewData DevOps: An Overview
Data DevOps: An OverviewScott W. Ambler
 
Transforming and Scaling Large Scale Data Analytics: Moving to a Cloud-based ...
Transforming and Scaling Large Scale Data Analytics: Moving to a Cloud-based ...Transforming and Scaling Large Scale Data Analytics: Moving to a Cloud-based ...
Transforming and Scaling Large Scale Data Analytics: Moving to a Cloud-based ...DataWorks Summit
 
Securing Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-MotionSecuring Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-MotionPrecisely
 
Gse uk-cedrinemadera-2018-shared
Gse uk-cedrinemadera-2018-sharedGse uk-cedrinemadera-2018-shared
Gse uk-cedrinemadera-2018-sharedcedrinemadera
 
PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...
PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...
PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...RightScale
 
Aligning Application Security to Compliance
Aligning Application Security to ComplianceAligning Application Security to Compliance
Aligning Application Security to ComplianceSecurity Innovation
 
Data Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionData Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionKaren Lopez
 
Rabobank - There is something about Data
Rabobank - There is something about DataRabobank - There is something about Data
Rabobank - There is something about DataBigDataExpo
 
Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control DBmaestro - Database DevOps
 
Introducing Trillium DQ for Big Data: Powerful Profiling and Data Quality for...
Introducing Trillium DQ for Big Data: Powerful Profiling and Data Quality for...Introducing Trillium DQ for Big Data: Powerful Profiling and Data Quality for...
Introducing Trillium DQ for Big Data: Powerful Profiling and Data Quality for...Precisely
 
Curiosity Software and RCG Global Services Present - Solving Test Data: the g...
Curiosity Software and RCG Global Services Present - Solving Test Data: the g...Curiosity Software and RCG Global Services Present - Solving Test Data: the g...
Curiosity Software and RCG Global Services Present - Solving Test Data: the g...Curiosity Software Ireland
 
Enterprise Search Best Practices Webinar 4.2013
Enterprise Search Best Practices Webinar 4.2013Enterprise Search Best Practices Webinar 4.2013
Enterprise Search Best Practices Webinar 4.2013Search Technologies
 

Similar to Big data security challenges and recommendations! (20)

Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...
Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...
Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...
 
Hadoop and SAP BI
Hadoop and SAP BI Hadoop and SAP BI
Hadoop and SAP BI
 
R+Hadoop - Ask Bigger (and New) Questions and Get Better, Faster Answers
R+Hadoop - Ask Bigger (and New) Questions and Get Better, Faster AnswersR+Hadoop - Ask Bigger (and New) Questions and Get Better, Faster Answers
R+Hadoop - Ask Bigger (and New) Questions and Get Better, Faster Answers
 
From Insight to Action: Using Data Science to Transform Your Organization
From Insight to Action: Using Data Science to Transform Your OrganizationFrom Insight to Action: Using Data Science to Transform Your Organization
From Insight to Action: Using Data Science to Transform Your Organization
 
Data DevOps: An Overview
Data DevOps: An OverviewData DevOps: An Overview
Data DevOps: An Overview
 
Msst 2019 v4
Msst 2019 v4Msst 2019 v4
Msst 2019 v4
 
Transforming and Scaling Large Scale Data Analytics: Moving to a Cloud-based ...
Transforming and Scaling Large Scale Data Analytics: Moving to a Cloud-based ...Transforming and Scaling Large Scale Data Analytics: Moving to a Cloud-based ...
Transforming and Scaling Large Scale Data Analytics: Moving to a Cloud-based ...
 
Securing Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-MotionSecuring Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-Motion
 
Gse uk-cedrinemadera-2018-shared
Gse uk-cedrinemadera-2018-sharedGse uk-cedrinemadera-2018-shared
Gse uk-cedrinemadera-2018-shared
 
PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...
PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...
PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...
 
Dw 07032018-dr pl pradhan
Dw 07032018-dr pl pradhanDw 07032018-dr pl pradhan
Dw 07032018-dr pl pradhan
 
Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0
 
Architecting a datalake
Architecting a datalakeArchitecting a datalake
Architecting a datalake
 
Aligning Application Security to Compliance
Aligning Application Security to ComplianceAligning Application Security to Compliance
Aligning Application Security to Compliance
 
Data Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionData Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data Protection
 
Rabobank - There is something about Data
Rabobank - There is something about DataRabobank - There is something about Data
Rabobank - There is something about Data
 
Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control
 
Introducing Trillium DQ for Big Data: Powerful Profiling and Data Quality for...
Introducing Trillium DQ for Big Data: Powerful Profiling and Data Quality for...Introducing Trillium DQ for Big Data: Powerful Profiling and Data Quality for...
Introducing Trillium DQ for Big Data: Powerful Profiling and Data Quality for...
 
Curiosity Software and RCG Global Services Present - Solving Test Data: the g...
Curiosity Software and RCG Global Services Present - Solving Test Data: the g...Curiosity Software and RCG Global Services Present - Solving Test Data: the g...
Curiosity Software and RCG Global Services Present - Solving Test Data: the g...
 
Enterprise Search Best Practices Webinar 4.2013
Enterprise Search Best Practices Webinar 4.2013Enterprise Search Best Practices Webinar 4.2013
Enterprise Search Best Practices Webinar 4.2013
 

Recently uploaded

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Recently uploaded (20)

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Big data security challenges and recommendations!

  • 1. Big Data Security Top 5 Security Risks and Best Practices Jitendra Chauhan Head R&D, iViZ Security jitendra.chauhan@gmail.com
  • 2. Agenda • Key Insights of Big Data Architecture • Top 5 Big Data Security Risks • Top 5 Best Practices
  • 3. Key Insights of Big Data Architecture
  • 4. Distributed Architecture (Hadoop as example) Data Partition, Replication and Distribution Auto-tiering Move the Code
  • 5. Real Time, Streaming and Continuous ComputationIntegration Patterns Real time Variety of Input Sources Adhoc Queries
  • 6. Parallel & Powerful Programming Framework Example: • 16TB Data • 128 MB Chunks • 82000 Maps Java vs SQL / PLSQL Frameworks: • MapReduce • Storm Topology (Spouts & Bolts)
  • 7. Big Data Architecture No Single Silver Bullet • Hadoop is already unsuitable for many Big data problems • Real-time analytics • Cloudscale, Storm • Graph computation o Giraph and Pregel (Some examples graph computation are Shortest Paths, Degree of Separation etc.) • Low latency queries o Dremel
  • 9. Insecure Computation Sensitive Info • Information Leak • Data Corruption • DoS Health Data Untrusted Computation program
  • 10. Input Validation and Filtering • Input Validation o What kind of data is untrusted? o What are the untrusted data sources? • Data Filtering o Filter Rogue or malicious data • Challenges o GBs or TBs continuous data o Signature based data filtering has limitations  How to filter Behavior aspect of data?
  • 11. Granular Access Controls • Designed for Performance, almost no security in mind • Security in Big Data still ongoing research • Table, Row or Cell level access control gone missing • Adhoc Queries poses additional challenges • Access Control is disabled by default
  • 12. Insecure Data Storage • Data at various nodes, Authentication, Authorization & Encryption is challenging • Autotiering moves cold data to lesser secure medium o What if cold data is sensitive? • Encryption of Real time data can have performance impacts • Secure communication among nodes, middleware and end users are disabled by default
  • 13. Privacy Concerns in Data Mining and Analytics • Monetization of Big Data generally involves Data Mining and Analytics • Sharing of Results involve multiple challenges o Invasion of Privacy o Invasive Marketing o Unintentional Disclosure of Information • Examples o AOL release of Anonymzed search logs, Users can easily be identified o Netflix faced a similar problem
  • 14. Top 5 Best Practices • Secure your Computation Code • Implement access control, code signing, dynamic analysis of computational code • Strategy to prevent data in case of untrusted code • Implement Comprehensive Input Validation and Filtering • Implement validation and filtering of input data, from internal or external sources • Evaluate input validation filtering of your Big Data solution
  • 15. Top 5 Best Practices • Implement Granular Access Control • Review Role and Privilege Matrix • Review permission to execute Adhoc queries • Enable Access Control • Secure your Data Storage and Computation • Sensitive Data should be segregated • Enable Data encryption for sensitive data • Audit Administrative Access on Data Nodes • API Security
  • 16. Top 5 Best Practices • Review and Implement Privacy Preserving Data Mining and Analytics • Analytics data should not disclose sensitive information • Get the Big Data Audited
  • 18. Big Data Architecture Key Insights • Distributed Architecture & Auto Tiering • Real Time, Streaming and Continuous Computation • Adhoc Queries • Parallel and Powerful Computation Language • Move the Code, Not the data • Non Relational Data • Variety of Input Sources
  • 19. Top 5 Security Risks • Insecure Computation • End Point Input Validation and Filtering • Granular Access Control • Insecure Data Storage and Communication • Privacy Preserving Data Mining and Analytics

Editor's Notes

  1. Partitioned, Distributed and Replicated among multiple Data Nodes 1000,s of Data nodes Autotiering: Moving hottest data to high performance drive, coldest data to low performance, less secure drive