The Cloud Security Alliance publishes its best practices for Big Data security

Data digital flow

Big Data is a boon for businesses worldwide, but the benefits come at a cost. The more data companies store, the more vulnerable they are to potential security breaches. And data breaches can be enormously expensive when they occur. IBM’s 2016 Cost of Data Breach report found that the average consolidated total cost of a data breach grew from $3.8 million to $4 million in the last year, which makes securing their data an important goal for any company that’s invested in it.

Targeting those companies, the Cloud Security Alliance (CSA) released a new report on Friday offering 100 best practices for Big Data and cloud security.

The CSA is an industry grouping that’s focused on promoting best practices regarding security in cloud computing, and its members include major vendors like Amazon Web Services, Microsoft, Red Hat Inc., and VMware Inc., among others. In a previous list the CSA laid out the top 10 major challenges for Big Data security, and now today’s list of 10 best practices details how to overcome each of those challenges.

The new list suggests that businesses working with a distributed programming framework like Apache Hadoop should use Kerberos or an equivalent authentication service to establish trust.

Meanwhile, to ensure that the privacy of data subjects is secure, the CSA recommends masking or removing personally identifiable information such as customer’s names, addresses and Social Security numbers. In addition, companies should beware of what CSA calls “quasi-identifiers” that can be used to partially identify someone, such as ZIP codes, dates of birth, genders and so on.

The report also notes that non-relational database users (for example, NoSQL databases) are at risk due to the lack of robust security features embedded in them. As such, the report recommends that users employ strong encryption methods like the Advanced Encryption Standard (AES), RSA, or Secure Hash Algorithm 2 (SHA-256) for data at rest. It adds that the code and encryption keys should be stored separately from the data storage or repository, and backed up offline in a secure location.

The CSA also provides recommendations for cryptographic techniques, data provenance, privacy-preserving analytics, real-time security, compliance monitoring and more in its report. The free Big Data Security and Privacy Handbook can be downloaded from the CSA’s website.

Image credit: Adelanta Big Data via Flickr.com