Big Data is big news everywhere.  As data grows, it is the holder of great promises for companies everywhere. What it’s doing is transformational, delivering the ability to deeply and quickly analyze information, delivering a new level of insight, and giving companies competitive advantages that were previously out of reach.  On the flip side of this is the perspective of security and risk especially if information is not secured and managed properly.  For as much as big data delivers a data advantage, it also runs the chance of becoming a data goldmine.  We’ve seen what can be gleaned off of simple metadata, we know what can be done with actual data, we shudder at the thought of a loss of personal data.  These are all realities that those in big data should be considering as massive amounts of data are gathered into enormous analysis platforms and decisions come out of these constructs.

Data in, data out (mostly)

There are many places data could leak, that’s been a reality since the first backup tape was mishandled at some point in history.  Data is everywhere in tapes, on systems, on all sorts of media and on the web; it’s growing exponentially and despite best efforts to stage some pretty hefty regulations and penalties around data and data retention, it still gets out, quite commonly by human fault, but also still by means technological and process failures.  Over 90 percent of all the data collected in the world has been collected in the last two years.  That is an explosion of data that shows signs of accelerating even further.  The problem is that within the enterprise, your standard measures of just a couple of years ago haven’t evolved at the pace of this explosion, if it has been updated at all.  Many rely on regulatory compliance, but that isn’t enough, data that is lying about the enterprise is vulnerable to attack, criminals know it and see this as an opportunity.  Enterprise executives need to include a bit more in the big data conversation, beyond the value of analysis and ensure they have their ducks in order as far as security goes.  They must verify they have the required skillset and resources to keep data secure and they must also put into place massive contingency plans for any number of scenarios.  Preparation is key and it’s much more economical and timely to recover than calling on the emergency zero-day breach teams.  Prepare.

The threats are significant and are realized in stories of breach after breach in the news.  The financial impacts can be quite real as recovery costs gather quickly from a legal proceedings, penalties and more.  Not to mention the loss of customer trust, reputation problems and impacts to the IT department that happen from the attempt to investigate and recover.  It’s a shame that the actions of such a few could have this magnified impact on so many.  Credit information is just one frontier, and it’s pretty standard for the financial impact to the consumer is minimal, the real trove of information is the personal information.  That means where you work, who your family is and if they’re lucky enough to capture your username and password, what is the likelihood that you’ve used that password elsewhere?  Everywhere?  It’s pretty real.

What to do

We’ve always preached it here.  Security is made up of technology, process and people.  If you’ve made the significant investment in front-line security, a great firewall, a solid infrastructure and a perceived certainty that you’ve applied this at a number of layers, that’s a great start.  Security is nothing without a solid process however.  Strong IT security policies are tantamount to success.  You’ve now applied that technology at every conceivable point, such as updating and enforcing user authentication methods in the enterprise.  The thing is that may not be enough.  You need another level of awareness, that is the people factor.  Training, awareness and scrutiny are big pieces of this formula – you can’t allow people into the front door, rules apply to everybody.

The rise of Data-Centric Security

Case in point, it was recently reported that the data extraction in the Target breach of late 2013 was detected and in fact reported to the appropriate teams.  The reasons why those notices weren’t acted on is the piece that is the process of security, there was simply no way that notice shouldn’t have been acted on and no way it should have been dismissed.   Better process would have caught this and stopped it cold.  There were even trial runs that were reported and time to react was ample.  That firewall system, courtesy of FireEye is a great solution if it is implemented correctly.  That’s the case with any system actually.  There are also a good deal of emerging and competing products in the analytic security space that can detect anomalies before they become major events and give security analysts a chance to evaluate and respond accordingly.  After all that’s the next frontier, protecting this rapidly growing base of data from external and internal threats by looking at the enterprise as a whole.  It’s no longer about a great firewall, or great endpoint protection or authentication layers, it’s all of those things, but the focus is shifting to data, not appliances.  This is the rise of Data-Centric Security.  We’re watching this emerge on the front lines right before our eyes, predicted for enterprises, for mobile devices and everything within the spectrum.  Stay tuned.

photo credit: metaroll via photopin cc