Sb Big Data Security

Published on January 2017 | Categories: Documents | Downloads: 11 | Comments: 0 | Views: 135
of 2
Download PDF   Embed   Report

Comments

Content

Solution Brief Vormetric Data-centric Security for Big Data Environments

Data-centric Security for Big Data
Big Data = Big Data Risks
According to a CIO magazine’s 2012 Big Data Survey, 65% of organizations have either already deployed a big data project or expect to do so. But no matter the implementation or architecture of a Big Data implementation, there are inherent risks to data within these environments, and to the high value business intelligence results and reports that organizations glean from them. Given the very large data sets that contribute to a Big Data implementation, there is a virtual certainty that either protected information or critical IP will be present – and an even greater one that the output from analysis of that data will contain such information.

“Organizations have pushed vast amounts of data into these big data clusters, but most have implemented virtually zero security measures.”
“Securing Big Data: Security Recommendations for Hadoop and NoSQL Environments.” Securosis - October, 2012

Meet Compliance Requirements
Failure to meet exacting compliance requirements such as the Payment Card Industry Data Security Standard (PCI DSS), the US HIPAA/HITECH Acts, and others can result in loss of certification, loss of business and crippling fines.

Prevent Data Breaches
Data breach laws such as US Federal and State data protection laws, the EU Data Protection Directive, South Korea’s Personal Information Protection Act (PIPA) and the UK Data Protection Act pose fines and costly notification requirements on loss of protected data. Given that Big Data environments are the backbone of data analysis for scientific research, consumer behavior, national security and other critical, leading edge applications, both the repositories and analysis results include critical intellectual property.

“The completion of Vormetric Data Security’s certification on CDH4 further solidifies Vormetric as a leading company in today’s growing big data and open source space.”
Mike Olson, VP of Corporate Development, Cloudera – March 19, 2013 Vormetric Eases Big Data Security Concerns With Cloudera Certification.

Safeguard Intellectual Property

Sensitive data can be anywhere in the implementation
Data Sources

Social

Databases

Sensors

Audio

Logs

All Data Sources potentially contain Sensitive Data

Web

Mobile

Video & Pictures

RFID Data is distributed throughout the cluster

Distributed Hadoop Cluster Data Stores

Vormetric Protects the data store at the file system and volume level

“It is imperative, however, that users of the data understand that these massive data stores contain significant amounts of “toxic” data. Toxic data is any data that could be damaging to an organization if it leaves that organizations’ control.”
John Kinderva, Forrester Research, “Control And Protect Sensitive Information In The Era Of Big Data”, July 12, 2012solutions, Virtustream Inc.

Sensitive Data

Data sources for information fed into a big data implementation inevitably contain either sensitive, protected information or key intellectual property. This information is distributed throughout the big data implementation as needed – with the result that the entire data storage layer needs to be protected.

TM

®

Solution Brief Vormetric Data-centric Security for Big Data Environments
A retailer, for instance, might combine frequent purchase program information with social credentials and web site visit data to profile customers. This might include credit information, customer names and physical addresses, email addresses, purchase patterns from physical stores, browsing patterns from the retailer’s web store, even map data for physical stores of the locations goods are sourced from. In this circumstance, physical addresses combined with credential sets and customer credit data represent significant risks – both against compliance requirements and data breach laws.

Ready to support Big Data implementations
Supported Platforms – Hadoop, Cloudera, MongoDB Cloudera CH4 Certified – Minimal Performance Impact Vormetric Data Security, is certified on CDH4, Cloudera’s distribution of Apache Hadoop Version 4, with testing demonstrating less than 10 percent performance overhead. No re-architecting or recoding required – Implementation of Vormetric Data Security is completely transparent to your Big Data environment. Operating at the file system or volumen level, no changes to your big data implementation are needed. Rapid deployment and implementation – The Vormetric Toolkit provides APIs and interfaces that enable fast rollout and standard deployment. Vormetric software agents become part of standard builds and images. Rollouts and implementations take days to weeks, not weeks to months.

Results from Big Data analysis runs are just as critical
Not only can the raw data represent a risk in a Big Data implementation – the results are just as critical. Results from Big Data analytics can be just what a malicious insider or Advanced Persistent Threat (APT) attacker are looking for. The high value information worth stealing, all in one place in a report, is much easier to find and extract than locating exactly the information needed from the multiterabyte, multi-petabyte (or even larger) data source sets.

Vormetric seamlessly protects Big Data environments

Vormetric safeguards the data within Big Data environments, allowing organizations to gain the benefits of the intelligence gleaned from Big Data environments while maintaining the security of their data.

Data Firewall – The Vormetric Data Security Platform puts a firewall around your data – placing the safeguards and access controls for your data with your data. The platform includes strong encryption, key management, fine grained access controls and the security intelligence information needed to identify the latest in advanced persistent threats (APTs) and other attacks on your data. Fine-grained Access Controls – Vormetric provides the fine-grained,
policy-based access controls that restrict access to encrypted data – allowing only approved access to data by processes and users as required to meet strict compliance requirements.

compliance regimes require encryption to safeguard data. Vormetric provides the strong, centrally managed, encryption and key management that enables compliance and is transparent to processes, applications and users.

Encryption and Key Management – Data breach mitigation and

Protect your critical IP and retain regulatory compliance
Cross-domain Data Analytics – Securely use data from multiple sources within your big data environment for analysis, without exposing data from any source to any other source. Data across borders / Data Consolidation – Centrally store and analyze data from countries (or business units) that require protection of private information without exposing that data to anyone not from the country (business unit) where the data originated.

Security Intelligence – Vormetric logs capture all access attempts to

protected data providing high value, security intelligence information that can be used with a Security Information and Event Management solution to identify compromised accounts and malicious insiders as well as finding access patterns by processes and users that may represent and APT attack in process.

Automation – Use the Vormetric Toolkit to easily deploy, integrate and About Vormetric

manage your Vormetric Data Security implementation with the rest of your big data implementation.

Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, virtual and cloud environments. Data is the new currency and Vormetric helps enterprise customers and government agencies protect what matters — their sensitive data — from both internal and external threats. In a world of Advanced Persistent Threats (APTs), Vormetric’s market-leading privileged user access controls and security intelligence are invaluable. The company’s scalable solution suite protects any file, any database and any application — anywhere it resides — while maintaining application performance and avoiding key management complexity. Many of the world’s largest and most security-conscious organizations and government agencies, including 17 of the Fortune 25, have standardized on Vormetric to protect their sensitive data and provide them with advanced data security and data security intelligence.
Copyright © 2013 Vormetric, Inc. All Rights reserved. Vormetric is a registered trademark of Vormetric, Inc. All other trademarks are the property of their respective owners. No part of this publican may be reproduced, stored in a retrieval system or transmitted, in any form or bay any means, photocopying, recording or otherwise, without the prior written consent of Vormetric.

Vormetric, Inc.
2545 N. 1st Street, San Jose, CA 95131 United States: 888.267.3732 United Kingdom: +44.118.949.7711 South Korea: +82.2.2190.3830 [email protected] www.vormetric.com

TM

®

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close