UPDATED 23:59 EST / AUGUST 28 2016

Data digital flow NEWS

The Cloud Security Alliance publishes its best practices for Big Data security

Big Data is a boon for businesses worldwide, but the benefits come at a cost. The more data companies store, the more vulnerable they are to potential security breaches. And data breaches can be enormously expensive when they occur. IBM’s 2016 Cost of Data Breach report found that the average consolidated total cost of a data breach grew from $3.8 million to $4 million in the last year, which makes securing their data an important goal for any company that’s invested in it.

Targeting those companies, the Cloud Security Alliance (CSA) released a new report on Friday offering 100 best practices for Big Data and cloud security.

The CSA is an industry grouping that’s focused on promoting best practices regarding security in cloud computing, and its members include major vendors like Amazon Web Services, Microsoft, Red Hat Inc., and VMware Inc., among others. In a previous list the CSA laid out the top 10 major challenges for Big Data security, and now today’s list of 10 best practices details how to overcome each of those challenges.

The new list suggests that businesses working with a distributed programming framework like Apache Hadoop should use Kerberos or an equivalent authentication service to establish trust.

Meanwhile, to ensure that the privacy of data subjects is secure, the CSA recommends masking or removing personally identifiable information such as customer’s names, addresses and Social Security numbers. In addition, companies should beware of what CSA calls “quasi-identifiers” that can be used to partially identify someone, such as ZIP codes, dates of birth, genders and so on.

The report also notes that non-relational database users (for example, NoSQL databases) are at risk due to the lack of robust security features embedded in them. As such, the report recommends that users employ strong encryption methods like the Advanced Encryption Standard (AES), RSA, or Secure Hash Algorithm 2 (SHA-256) for data at rest. It adds that the code and encryption keys should be stored separately from the data storage or repository, and backed up offline in a secure location.

The CSA also provides recommendations for cryptographic techniques, data provenance, privacy-preserving analytics, real-time security, compliance monitoring and more in its report. The free Big Data Security and Privacy Handbook can be downloaded from the CSA’s website.

Image credit: Adelanta Big Data via Flickr.com

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.