Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

View from the Marketplace

Views from the Marketplace are paid for by advertisers and select partners of MIT Technology Review.

Diversity of Big Data Sources Creates Big Security Challenges

According to Oracle’s Neil Mendelson, many companies today make a key mistake in setting up their big data environments. “In an effort to gain insights and drive business growth, companies can too often overlook or underestimate the challenge of securing information in a new and unfamiliar environment,” says Mendelson, vice president for big data and advanced analytics at Oracle. That lack of attention to big data security requirements can, of course, leave the organization open to attacks from any number of unknown sources. 

Other evolving circumstances also contribute to a wide range of security-related risks, hurdles, and potential pitfalls associated with big data. As the Cloud Security Alliance, an industry group, notes: “Large-scale cloud infrastructures, diversity of data sources and formats, the streaming nature of data acquisition, and high-volume inter-cloud migration all create unique security vulnerabilities.”

Two additional complicating factors include: 

Related articles:
  • • Big Data, Bigger Responsibility

Outdated approaches. Previous perimeter-based approaches to security are simply no longer sufficient. A CSO Market Pulse survey found that “two-thirds of security budgets are used to protect the network, with less than a third used to directly protect the data and intellectual property that reside inside the organization.”

Insufficient governance. Forty-four percent of organizations have no formal data governance policy, and 22 percent of these companies have no plans to implement one, according to the 2013 Rand Secure Archive Data Governance Survey. Big data increases companies’ data ingestion by many orders of magnitude, adding to the complexity. Without overall management of the availability, usability, integrity, and security of big data employed in an enterprise, organizations will find it tough to address the mandates called for the U.S. Federal Trade Commission and the European Union.

Securing the big data life cycle requires that organizations address four overarching areas, according to the CSA’s Big Data Working Group:

Infrastructure security. Secure computations in distributed programming frameworks as well as in nonrelational data stores.

Data privacy. Secure the data itself using a privacy-preserving approach for data mining and analytics. Also, protect sensitive data through the use of cryptographically enforced data-centric security and granular access control.

Data management. Manage enormous volumes of data using scalable, distributed solutions to secure data stores and enable efficient audits and data provenance.

Integrity and reactive security. Use endpoint validation and filtering to check the integrity of streaming data, and real-time security monitoring and analytics to help prevent and address security problems.

Bottom line: “Organizations today require not only the right manpower, but a comprehensive set of policies, procedures, and technologies to responsibility guard sensitive information,” Mendelson says. “Unlike in the past, all these resources need to be continually tested, reviewed, and updated.”

Hear more about security from the experts at the EmTech Digital Conference, March 26-27, 2018 in San Francisco.

Learn more and register

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

    Bimonthly digital/PDF edition

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special interest publications

    Discount to MIT Technology Review events

    Special discounts to select partner offerings

    Ad-free web experience

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.