CSO - Big data is all the buzz in board rooms these days, but in security circles it's a mixed blessing.
The technology allows tons of threat data to be analyzed and used to thwart intruders. In the enterprise, it can be used to analyze volumes of network traffic to reveal insider trouble and advanced persistent threats.
Problem is, the network architecture that supports big data wasn't created with security in mind, which can create problems for system defenders.
A common big data deployment uses Hadoop to manage the clusters of computers used to crunch the mountains of data fed into it. That can create problems for defenders, especially if they're trying to use traditional security tools to protect their big data fortress.
"Incumbent data security vendors believe that Hadoop and distributed cluster security can be addressed with traditional perimeter security solutions such as firewalls and intrusion detection/prevention technologies," explained Zettaset, a big data security company, in a white paper "The big data Security Gap: Protecting the Hadoop Cluster."
"But no matter how advanced, traditional approaches that rely on perimeter security are unable to adequately secure Hadoop clusters and distributed file systems," it added.
Traditional security products are designed to protect a single database, noted Zettaset CTO Brian Christian. When those products are forced to protect a distributed cluster of computers that can number in the thousands, their capacity is taxed.
"When you put them on a large scale distributed computing environment, they become either a choke point or a single point of failure for the entire cluster," Christian said in an interview.
"They could potentially be extremely dangerous running them on a cluster," he said, "because if they do fail, there is the potential to deny everybody on the cluster access to petabytes of data or a corruption of data in some of the encryption security technologies."
Performance problems aren't unusual where security is "bolted on" to a big data setup, said Jason Escaravage, a principal with Booz Allen Hamilton.
For example, if you have a central place where everyone has to check credentials and you have to leave the system to access those credentials on an external security system, each one of those transactions is going to slow things down.
That can be challenging not only for system performance, but for a company's bottom line, too. "When you come to a system that's already been deployed and you're trying to wrap security around it or bolt it on at the end, it's costly because it wasn't designed up front," Escaravage said in an interview.