Your SlideShare is downloading. ×
  • Like
The Security of Big Data: An Enterprise Perspective
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

The Security of Big Data: An Enterprise Perspective

  • 93 views
Published


Everyone knows that there are risks associated with moving enterprise data to a Cloud and everyone knows the huge potential that the analytics of Big Data can bring especially when using the Cloud, but what happens when these two converge.

The presentation will discuss some of the security and privacy challenges associated with Big Data in the Cloud and will present a number of key initiatives that the ODCA have done to support enterprises that wish to take this step. To listen to the webinar based on this presentation with audio please visit the ODCA BrightTalk channel: https://www.brighttalk.com/webcast/9831/109843

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
93
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
5
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. BIG DATA, CLOUD, SECURITY, AND ODCA USAGE MODELS Ian Lamont BMW AG
  • 2. ODCA Big Data and Security Seminar | 2 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
  • 3. ODCA Big Data and Security Seminar | 3 CHALLENGES • Privacy (particularly in Europe)  Security  Valid and fair usage  Right to be forgotten  Jurisdiction
  • 4. ODCA Big Data and Security Seminar | 4 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
  • 5. ODCA Big Data and Security Seminar | 5 BIG DATA SECURITY
  • 6. ODCA Big Data and Security Seminar | 6 PLATFORM SECURITY • Provider Assurance Usage Model  Provides standard definitions of Security for Cloud Services  Bronze, Silver, Gold, and Platinum.  Mirror internal security levels to external requirements.
  • 7. ODCA Big Data and Security Seminar | 7 NETWORK AND FIREWALL ISOLATION Network segregation and firewalls are required to protect all assets managed in the cloud. The level of involvement of the cloud provider in the management of firewall rule sets will vary depending on the level of service offered. Bronze The firewall rule sets are managed by the cloud provider with no direct involvement of the cloud subscriber. Silver The firewall rule sets are managed by the cloud provider with changes advised to the cloud subscriber before implementation. The cloud provider should offer network segmentation between logical tiers. Gold The firewall rule sets are managed by the cloud subscriber. The cloud provider retains access to the firewall at the administrator level in order to provide system maintenance. The cloud provider must offer network segmentation between logical tiers and should offer Layer-7 protection to prevent application- level attacks. Platinum The cloud provider has no access to firewalls. All admin tasks including rule updates are managed by the cloud subscriber. The cloud provider must offer network segregation between logical tiers and Layer-7 protection to prevent application-level attacks.
  • 8. ODCA Big Data and Security Seminar | 8 VULNERABILITY MANAGEMENT A vulnerability management process that ensures installation of system and software patches within the targets is identified below. The test process must ensure proper function of the patch and compatibility to the actual target systems with no negative impact on resource utilization (i.e., memory and CPU consumption). Bronze Vulnerabilities with a basic Common Vulnerability Scoring System (CVSS) score of greater than 9 (or those rated as High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Silver Vulnerabilities with a basic CVSS score of greater than 5 (or those rated as Medium or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Gold Vulnerabilities with a basic CVSS score of greater than 2 (or those rated as Low, Medium, or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Platinum All vulnerabilities must be patched within 24 hours of their release by the vendor.
  • 9. ODCA Big Data and Security Seminar | 9 PLATFORM SECURITY
  • 10. ODCA Big Data and Security Seminar | 10 BIG DATA SECURITY
  • 11. ODCA Big Data and Security Seminar | 11 DATA SECURITY • Encryption  Data at Rest  Data in Transit • Data Masking  Anonymization and Pseudonymization • Access Methods  User type profiling • Backup, Restore, and Archiving
  • 12. ODCA Big Data and Security Seminar | 12 DATA LIFECYCLE
  • 13. ODCA Big Data and Security Seminar | 13 ACCESS POINTS
  • 14. ODCA Big Data and Security Seminar | 14 DATA FLOW 1
  • 15. ODCA Big Data and Security Seminar | 15 DATA FLOW 2
  • 16. ODCA Big Data and Security Seminar | 16 IDENTITY AND ACCESS MANAGEMENT • Identity Provisioning • Governance and Auditing • Privileged User Access • Single Sign On
  • 17. ODCA Big Data and Security Seminar | 17 IDM BASIC MODEL
  • 18. ODCA Big Data and Security Seminar | 18 IDM CLOUD MODEL
  • 19. ODCA Big Data and Security Seminar | 19 IDM GOVERNANCE
  • 20. ODCA Big Data and Security Seminar | 20 OTHER ODCA COLLATERAL • Security Monitoring • Interoperability • Guide to • SaaS Interoperability • Information as a Service • also Data Mgmt for Info_aaS • and much more ……
  • 21. ODCA Big Data and Security Seminar | 21 OTHER PROBLEMS / CHALLENGES !!! • e-Discovery (UM coming soonish) • Data Ownership • plus anything else you can think of !
  • 22. ODCA Big Data and Security Seminar | 22 Standardized Response Checklists Accelerate TTM Shared Practices Drive Scale Streamlined Requirements Accelerate Adoption Available to Members at: www.opendatacenteralliance.org URL for Public content: www.opendatacenteralliance.org MORE INFORMATION AND ASSETS
  • 23. ODCA Big Data and Security Seminar | 23 Go forth (securely) and Big Data QUESTIONS Artist: Thierry Gregorius
  • 24. ODCA Big Data and Security Seminar | 24 www.opendatacenteralliance.org