UPDATED 23:59 EDT / AUGUST 28 2016

NEWS

The Cloud Security Alliance publishes its best practices for Big Data security

Big Data is a boon for businesses worldwide, but the benefits come at a cost. The more data companies store, the more vulnerable they are to potential security breaches. And data breaches can be enormously expensive when they occur. IBM’s 2016 Cost of Data Breach report found that the average consolidated total cost of a data breach grew from $3.8 million to $4 million in the last year, which makes securing their data an important goal for any company that’s invested in it.

Targeting those companies, the Cloud Security Alliance (CSA) released a new report on Friday offering 100 best practices for Big Data and cloud security.

The CSA is an industry grouping that’s focused on promoting best practices regarding security in cloud computing, and its members include major vendors like Amazon Web Services, Microsoft, Red Hat Inc., and VMware Inc., among others. In a previous list the CSA laid out the top 10 major challenges for Big Data security, and now today’s list of 10 best practices details how to overcome each of those challenges.

The new list suggests that businesses working with a distributed programming framework like Apache Hadoop should use Kerberos or an equivalent authentication service to establish trust.

Meanwhile, to ensure that the privacy of data subjects is secure, the CSA recommends masking or removing personally identifiable information such as customer’s names, addresses and Social Security numbers. In addition, companies should beware of what CSA calls “quasi-identifiers” that can be used to partially identify someone, such as ZIP codes, dates of birth, genders and so on.

The report also notes that non-relational database users (for example, NoSQL databases) are at risk due to the lack of robust security features embedded in them. As such, the report recommends that users employ strong encryption methods like the Advanced Encryption Standard (AES), RSA, or Secure Hash Algorithm 2 (SHA-256) for data at rest. It adds that the code and encryption keys should be stored separately from the data storage or repository, and backed up offline in a secure location.

The CSA also provides recommendations for cryptographic techniques, data provenance, privacy-preserving analytics, real-time security, compliance monitoring and more in its report. The free Big Data Security and Privacy Handbook can be downloaded from the CSA’s website.

Image credit: Adelanta Big Data via Flickr.com

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU