Uploaded bycisoplatform
1,867 views

Big data security challenges and recommendations!

The document outlines key insights and security risks associated with big data architecture, such as insecure computation, inadequate access controls, and privacy concerns. It emphasizes best practices to mitigate these risks, including securing computation code, implementing granular access controls, and conducting privacy-preserving analytics. Additionally, it highlights the importance of continuous evaluation and validation of data handling processes to ensure security.

Embed presentation

Big Data Security Top 5 Security Risks and Best Practices Jitendra Chauhan Head R&D, iViZ Security jitendra.chauhan@gmail.com
Agenda • Key Insights of Big Data Architecture • Top 5 Big Data Security Risks • Top 5 Best Practices
Key Insights of Big Data Architecture
Distributed Architecture (Hadoop as example) Data Partition, Replication and Distribution Auto-tiering Move the Code
Real Time, Streaming and Continuous ComputationIntegration Patterns Real time Variety of Input Sources Adhoc Queries
Parallel & Powerful Programming Framework Example: • 16TB Data • 128 MB Chunks • 82000 Maps Java vs SQL / PLSQL Frameworks: • MapReduce • Storm Topology (Spouts & Bolts)
Big Data Architecture No Single Silver Bullet • Hadoop is already unsuitable for many Big data problems • Real-time analytics • Cloudscale, Storm • Graph computation o Giraph and Pregel (Some examples graph computation are Shortest Paths, Degree of Separation etc.) • Low latency queries o Dremel
Top 5 Security Risks
Insecure Computation Sensitive Info • Information Leak • Data Corruption • DoS Health Data Untrusted Computation program
Input Validation and Filtering • Input Validation o What kind of data is untrusted? o What are the untrusted data sources? • Data Filtering o Filter Rogue or malicious data • Challenges o GBs or TBs continuous data o Signature based data filtering has limitations  How to filter Behavior aspect of data?
Granular Access Controls • Designed for Performance, almost no security in mind • Security in Big Data still ongoing research • Table, Row or Cell level access control gone missing • Adhoc Queries poses additional challenges • Access Control is disabled by default
Insecure Data Storage • Data at various nodes, Authentication, Authorization & Encryption is challenging • Autotiering moves cold data to lesser secure medium o What if cold data is sensitive? • Encryption of Real time data can have performance impacts • Secure communication among nodes, middleware and end users are disabled by default
Privacy Concerns in Data Mining and Analytics • Monetization of Big Data generally involves Data Mining and Analytics • Sharing of Results involve multiple challenges o Invasion of Privacy o Invasive Marketing o Unintentional Disclosure of Information • Examples o AOL release of Anonymzed search logs, Users can easily be identified o Netflix faced a similar problem
Top 5 Best Practices • Secure your Computation Code • Implement access control, code signing, dynamic analysis of computational code • Strategy to prevent data in case of untrusted code • Implement Comprehensive Input Validation and Filtering • Implement validation and filtering of input data, from internal or external sources • Evaluate input validation filtering of your Big Data solution
Top 5 Best Practices • Implement Granular Access Control • Review Role and Privilege Matrix • Review permission to execute Adhoc queries • Enable Access Control • Secure your Data Storage and Computation • Sensitive Data should be segregated • Enable Data encryption for sensitive data • Audit Administrative Access on Data Nodes • API Security
Top 5 Best Practices • Review and Implement Privacy Preserving Data Mining and Analytics • Analytics data should not disclose sensitive information • Get the Big Data Audited
Thank You jitendra.chauhan@ivizsecurity.com http://www.ivizsecurity.com/blog/
Big Data Architecture Key Insights • Distributed Architecture & Auto Tiering • Real Time, Streaming and Continuous Computation • Adhoc Queries • Parallel and Powerful Computation Language • Move the Code, Not the data • Non Relational Data • Variety of Input Sources
Top 5 Security Risks • Insecure Computation • End Point Input Validation and Filtering • Granular Access Control • Insecure Data Storage and Communication • Privacy Preserving Data Mining and Analytics

More Related Content

PPTX
Security bigdata
byJitendra Chauhan
 
PPTX
Big data security the perfect storm
byUlf Mattsson
 
PPTX
Information Security in Big Data : Privacy and Data Mining
bywanani181
 
PPT
Information security in big data -privacy and data mining
byharithavijay94
 
PPTX
Big Data Security Analytics (BDSA) with Randy Franklin
bySridhar Karnam
 
PPTX
Security issues associated with big data in cloud
bysornalathaNatarajan
 
PPTX
A Little Security For Big Data
bySaurabh Kheni
 
PPTX
The REAL Impact of Big Data on Privacy
byClaudiu Popa
 
Security bigdata
byJitendra Chauhan
 
Big data security the perfect storm
byUlf Mattsson
 
Information Security in Big Data : Privacy and Data Mining
bywanani181
 
Information security in big data -privacy and data mining
byharithavijay94
 
Big Data Security Analytics (BDSA) with Randy Franklin
bySridhar Karnam
 
Security issues associated with big data in cloud
bysornalathaNatarajan
 
A Little Security For Big Data
bySaurabh Kheni
 
The REAL Impact of Big Data on Privacy
byClaudiu Popa
 

What's hot

PDF
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
byKhaled El Emam
 
PDF
Expanded top ten_big_data_security_and_privacy_challenges
byTom Kirby
 
PDF
Solve Big Data Security Issues
byEditor IJCATR
 
PPT
Big Data (security Issue)
byExport Promotion Bureau
 
PPTX
Big Data and Security - Where are we now? (2015)
byPeter Wood
 
PDF
Big Data Security and Governance
byDataWorks Summit/Hadoop Summit
 
PDF
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
byUlf Mattsson
 
PDF
Network Security‬ and Big ‪‎Data Analytics‬
byAllot Communications
 
PDF
Security and Audit for Big Data
byNicolas Morales
 
PDF
Threat Ready Data: Protect Data from the Inside and the Outside
byDLT Solutions
 
PPTX
Hadoop and Big Data Security
byChicago Hadoop Users Group
 
PDF
Big Data Analytics to Enhance Security
byData Science Thailand
 
PPTX
Security Analytics and Big Data: What You Need to Know
byMapR Technologies
 
PDF
To Serve and Protect: Making Sense of Hadoop Security
byInside Analysis
 
PPT
Data Leakage Presentation
byMike Spaulding
 
PDF
Privacy and Security by Design
byUnisys Corporation
 
PDF
The Definitive Guide to Data Loss Prevention
byDigital Guardian
 
PDF
Security and privacy of cloud data: what you need to know (Interop)
byDruva
 
PPTX
Privacy Secrets Your Systems May Be Telling
byRebecca Leitch
 
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
byKhaled El Emam
 
Expanded top ten_big_data_security_and_privacy_challenges
byTom Kirby
 
Solve Big Data Security Issues
byEditor IJCATR
 
Big Data (security Issue)
byExport Promotion Bureau
 
Big Data and Security - Where are we now? (2015)
byPeter Wood
 
Big Data Security and Governance
byDataWorks Summit/Hadoop Summit
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
byUlf Mattsson
 
Network Security‬ and Big ‪‎Data Analytics‬
byAllot Communications
 
Security and Audit for Big Data
byNicolas Morales
 
Threat Ready Data: Protect Data from the Inside and the Outside
byDLT Solutions
 
Hadoop and Big Data Security
byChicago Hadoop Users Group
 
Big Data Analytics to Enhance Security
byData Science Thailand
 
Security Analytics and Big Data: What You Need to Know
byMapR Technologies
 
To Serve and Protect: Making Sense of Hadoop Security
byInside Analysis
 
Data Leakage Presentation
byMike Spaulding
 
Privacy and Security by Design
byUnisys Corporation
 
The Definitive Guide to Data Loss Prevention
byDigital Guardian
 
Security and privacy of cloud data: what you need to know (Interop)
byDruva
 
Privacy Secrets Your Systems May Be Telling
byRebecca Leitch
 

Viewers also liked

PDF
Big Data Security with Hadoop
byCloudera, Inc.
 
PPTX
Cyber crime and security ppt
byLipsita Behera
 
PPT
Big data
byPalash Jain
 
PPT
Overview of policies for security and data sharing
bybdemchak
 
PDF
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamic
byPriyanka Aash
 
PPTX
Big Data Security (ChinaNetCloud - Guiyang Conference)
byChinaNetCloud
 
PPT
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
byYiannis Verginadis
 
PDF
Enterprise 2.0: What it is and why it matters
bydigitallibrary
 
PDF
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
byMotty Ben Atia
 
PPT
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
byexponential-inc
 
PPT
Winning the war against data- Strategies to beat your arch nemesis: files - G...
bySpiceworks
 
PPTX
Keeping up with the Revolution in IT Security
byDistil Networks
 
PPTX
Building a database security program
bymatt_presson
 
PPT
Box.net overview
byEric McDuffee
 
PPTX
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
bySpiceworks
 
PDF
Advanced IT and Cyber Security for Your Business
byInfopulse
 
PPTX
modern security risks for big data and mobile applications
byTrivadis
 
PDF
VO Course 10: Big data challenges in astronomy
byJoint ALMA Observatory
 
PPTX
The next generation of IT security
bySophos Benelux
 
Big Data Security with Hadoop
byCloudera, Inc.
 
Cyber crime and security ppt
byLipsita Behera
 
Big data
byPalash Jain
 
Overview of policies for security and data sharing
bybdemchak
 
ciso-platform-annual-summit-2013-Fgont-ipv6-myths-dynamic
byPriyanka Aash
 
Big Data Security (ChinaNetCloud - Guiyang Conference)
byChinaNetCloud
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
byYiannis Verginadis
 
Enterprise 2.0: What it is and why it matters
bydigitallibrary
 
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
byMotty Ben Atia
 
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
byexponential-inc
 
Winning the war against data- Strategies to beat your arch nemesis: files - G...
bySpiceworks
 
Keeping up with the Revolution in IT Security
byDistil Networks
 
Building a database security program
bymatt_presson
 
Box.net overview
byEric McDuffee
 
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
bySpiceworks
 
Advanced IT and Cyber Security for Your Business
byInfopulse
 
modern security risks for big data and mobile applications
byTrivadis
 
VO Course 10: Big data challenges in astronomy
byJoint ALMA Observatory
 
The next generation of IT security
bySophos Benelux
 

Similar to Big data security challenges and recommendations!

PPTX
Security issues in big data
byShallote Dsouza
 
PDF
Five_Big_Data_Security_Pitfalls
byLaris Orman
 
PDF
IRJET- Big Data Privacy and Security Challenges in Industries
byIRJET Journal
 
PDF
Keith prabhu global high on cloud summit
byadministrator_confidis
 
PDF
Security for Big Data
byJoey Jablonski
 
PPTX
Real callenges in big data security
bybalasahebcomp
 
PDF
Big Data - Cyberroot Risk Advisory
byCR Group
 
PPTX
Big data in term of security measure
byYaakub Idris
 
DOCX
Handling and Analyzing Big Data_ A Professional Guide
byjavedmileiahmed
 
PDF
BIG DATA
byDr. Shashank Shetty
 
PPTX
Generating actionable consumer insights from analytics
byMohammad Shazri Shahrir
 
PDF
Big data analysis concepts and references by Cloud Security Alliance
byInformation Security Awareness Group
 
PDF
Data Analytics Governance and Ethics
byHPCC Systems
 
PDF
Big Data & Security Have Collided - What Are You Going to do About It?
byEMC
 
PDF
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
byBigDataEverywhere
 
PPTX
Innovation Without Compromise: The Challenges of Securing Big Data
byCloudera, Inc.
 
PPTX
Dev Lakhani, Data Scientist at Batch Insights "Real Time Big Data Applicatio...
byDataconomy Media
 
PDF
BDW16 London - Deenar Toraskar, Think Reactive - Fast Data Key to Efficient C...
byBig Data Week
 
PPTX
ppt about big data analysis in the indusry
byPheoNix35
 
PPTX
21312312312ppt about big data analysis in the indusry.pptx
byPheoNix35
 
Security issues in big data
byShallote Dsouza
 
Five_Big_Data_Security_Pitfalls
byLaris Orman
 
IRJET- Big Data Privacy and Security Challenges in Industries
byIRJET Journal
 
Keith prabhu global high on cloud summit
byadministrator_confidis
 
Security for Big Data
byJoey Jablonski
 
Real callenges in big data security
bybalasahebcomp
 
Big Data - Cyberroot Risk Advisory
byCR Group
 
Big data in term of security measure
byYaakub Idris
 
Handling and Analyzing Big Data_ A Professional Guide
byjavedmileiahmed
 
BIG DATA
byDr. Shashank Shetty
 
Generating actionable consumer insights from analytics
byMohammad Shazri Shahrir
 
Big data analysis concepts and references by Cloud Security Alliance
byInformation Security Awareness Group
 
Data Analytics Governance and Ethics
byHPCC Systems
 
Big Data & Security Have Collided - What Are You Going to do About It?
byEMC
 
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
byBigDataEverywhere
 
Innovation Without Compromise: The Challenges of Securing Big Data
byCloudera, Inc.
 
Dev Lakhani, Data Scientist at Batch Insights "Real Time Big Data Applicatio...
byDataconomy Media
 
BDW16 London - Deenar Toraskar, Think Reactive - Fast Data Key to Efficient C...
byBig Data Week
 
ppt about big data analysis in the indusry
byPheoNix35
 
21312312312ppt about big data analysis in the indusry.pptx
byPheoNix35
 

Recently uploaded

PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PDF
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PPTX
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
PDF
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
PDF
API-First Architecture in Financial Systems
bycyy111112
 
PDF
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
PPTX
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
Cybersecurity: Safeguarding Digital Assets
byYasir Naveed Riaz
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PPTX
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
PDF
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
API-First Architecture in Financial Systems
bycyy111112
 
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Cybersecurity: Safeguarding Digital Assets
byYasir Naveed Riaz
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 

Big data security challenges and recommendations!

  • 1.
    Big Data Security Top5 Security Risks and Best Practices Jitendra Chauhan Head R&D, iViZ Security jitendra.chauhan@gmail.com
  • 2.
    Agenda • Key Insightsof Big Data Architecture • Top 5 Big Data Security Risks • Top 5 Best Practices
  • 3.
    Key Insights ofBig Data Architecture
  • 4.
    Distributed Architecture (Hadoop asexample) Data Partition, Replication and Distribution Auto-tiering Move the Code
  • 5.
    Real Time, Streamingand Continuous ComputationIntegration Patterns Real time Variety of Input Sources Adhoc Queries
  • 6.
    Parallel & PowerfulProgramming Framework Example: • 16TB Data • 128 MB Chunks • 82000 Maps Java vs SQL / PLSQL Frameworks: • MapReduce • Storm Topology (Spouts & Bolts)
  • 7.
    Big Data Architecture NoSingle Silver Bullet • Hadoop is already unsuitable for many Big data problems • Real-time analytics • Cloudscale, Storm • Graph computation o Giraph and Pregel (Some examples graph computation are Shortest Paths, Degree of Separation etc.) • Low latency queries o Dremel
  • 8.
  • 9.
    Insecure Computation Sensitive Info • InformationLeak • Data Corruption • DoS Health Data Untrusted Computation program
  • 10.
    Input Validation andFiltering • Input Validation o What kind of data is untrusted? o What are the untrusted data sources? • Data Filtering o Filter Rogue or malicious data • Challenges o GBs or TBs continuous data o Signature based data filtering has limitations  How to filter Behavior aspect of data?
  • 11.
    Granular Access Controls •Designed for Performance, almost no security in mind • Security in Big Data still ongoing research • Table, Row or Cell level access control gone missing • Adhoc Queries poses additional challenges • Access Control is disabled by default
  • 12.
    Insecure Data Storage •Data at various nodes, Authentication, Authorization & Encryption is challenging • Autotiering moves cold data to lesser secure medium o What if cold data is sensitive? • Encryption of Real time data can have performance impacts • Secure communication among nodes, middleware and end users are disabled by default
  • 13.
    Privacy Concerns inData Mining and Analytics • Monetization of Big Data generally involves Data Mining and Analytics • Sharing of Results involve multiple challenges o Invasion of Privacy o Invasive Marketing o Unintentional Disclosure of Information • Examples o AOL release of Anonymzed search logs, Users can easily be identified o Netflix faced a similar problem
  • 14.
    Top 5 BestPractices • Secure your Computation Code • Implement access control, code signing, dynamic analysis of computational code • Strategy to prevent data in case of untrusted code • Implement Comprehensive Input Validation and Filtering • Implement validation and filtering of input data, from internal or external sources • Evaluate input validation filtering of your Big Data solution
  • 15.
    Top 5 BestPractices • Implement Granular Access Control • Review Role and Privilege Matrix • Review permission to execute Adhoc queries • Enable Access Control • Secure your Data Storage and Computation • Sensitive Data should be segregated • Enable Data encryption for sensitive data • Audit Administrative Access on Data Nodes • API Security
  • 16.
    Top 5 BestPractices • Review and Implement Privacy Preserving Data Mining and Analytics • Analytics data should not disclose sensitive information • Get the Big Data Audited
  • 17.
  • 18.
    Big Data Architecture KeyInsights • Distributed Architecture & Auto Tiering • Real Time, Streaming and Continuous Computation • Adhoc Queries • Parallel and Powerful Computation Language • Move the Code, Not the data • Non Relational Data • Variety of Input Sources
  • 19.
    Top 5 SecurityRisks • Insecure Computation • End Point Input Validation and Filtering • Granular Access Control • Insecure Data Storage and Communication • Privacy Preserving Data Mining and Analytics

Editor's Notes

  • #5 Partitioned, Distributed and Replicated among multiple Data Nodes 1000,s of Data nodes Autotiering: Moving hottest data to high performance drive, coldest data to low performance, less secure drive