SlideShare a Scribd company logo

Data lake protection ft 3119 -ver1.0

Download as PPTX, PDF
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS

This document discusses security considerations for data lakes. It notes that data lakes consolidate an organization's most valuable data, making them an attractive target for hackers. The document outlines key risks like housing all customer data in a single repository and in the cloud. It proposes security design principles like zero trust and least privilege. The document then presents a protection framework with components like access controls, network security, data protection policies and governance. Specific capabilities are described for areas like platform access, policies, network isolation, and data protection. The goal is to properly secure the data lake while still enabling data sharing and analytics.

Data & Analytics
1 of 11
Data Lake Analytics Information Security Finto Thomas 3rd January 2019
Agenda 1. Current Industry Trend 2. Key Risks to address 3. Security Design Principles 4. Protection Framework 5. Security Capabilities to be established
Big data projects are proliferating at a rapid rate across organizations of all kinds, in all industries. In recent years , 65 percent of data and analytics decision-makers had implemented big data solutions, according to Forrester. That number should reach almost 100 percent in the next few years.
“Data lakes often bring together an enterprise’s most valuable data to perform analytics and/or build predictive models. Hackers would like nothing more than to engineer a single breach with access to all of it,” according to Forrester Research analysts Mike Gualtieri, John Kindervag, and Kelley Another key requirement is to meet Regulatory Compliance such as GDPR.
Data in the data lake will include a large amount of data from many systems. The data will include some of the most valuable and sensitive information that the organization has - in particular, personal information about customers. • How is the right information located and fed into data lake with Integrity ? • How is this information protected while still being open for sharing ? • How is the Data lake itself protected and maintain the business continuity ? Data Lake is great but has Challenges
Risk - Could turn lake water muddy !! • Single Repository of all Customer data • Data resides in cloud • Type of Cloud • Geo location • Security Visibility • Data Sources and validation • Identification of data sources and dataset • Data classification and tagging for applying adequate controls • Regulatory • Country or Geo specific ( GDPR) • Retention
Security Design Principles • Zero trust • Least privilege • Data-centric security • Cloud First
Data Lake Protection Framework Data Lake Platform Access and Privileges Network security and isolation Data Protection Policies and Governance People , Tool , Process
Platform Access and Privileges • Sign-On and Single Sign-On • Data – HDFS File System • Data – External (Federation Server, SAML) • Batch Environment Security • Query Data Security • LDAP Authentication • Administering Security (Roles, groups) • Access Control Lists (ACLs) • Cooperate wide schema system Policies and Governance • Business continuity planning or disaster recovery • Integrate with Document management • Roles and responsibilities (RACI ) defined • Log Files, Audit and Controls • Backups and retentions • Access management approval process • CIS standards for hardening benchmark • Regular Compliance and access validation process Security Capabilities
Security Capabilities (continue..) Network Security and Isolation • Operating systems and Hardware Vulnerability Management and hardening • Web and API interfaces and Virtual private Network • Application Data Security • Network isolation or Multi tenancy at cloud service • Integration to Security incident and event management system (SIEM) • Backup to protect from ransomware Data Protection • Data Owner • Data Classification and tagging • Classification of data produced by conversion/aggregation • Database activity Monitoring • Data encryption • Data masking and tokenization • External Databases
Data lake is first step in the big data journey for any organization. Thank You

Recommended

Sensitive data
Sensitive dataSensitive data
Sensitive data
S.M. Towhidul Islam
 
Data Security
Data SecurityData Security
Data Security
ankita_kashyap
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social Web
Boyd Neil
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive data
Ulf Mattsson
 
Webinar: Practical Technology Playbook for the GDPR
Webinar: Practical Technology Playbook for the GDPRWebinar: Practical Technology Playbook for the GDPR
Webinar: Practical Technology Playbook for the GDPR
Index Engines Inc.
 
Tackling the GDPR Dell EMC Index Engines Webinar
Tackling the GDPR Dell EMC Index Engines WebinarTackling the GDPR Dell EMC Index Engines Webinar
Tackling the GDPR Dell EMC Index Engines Webinar
Index Engines Inc.
 
TrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data GraveyardsTrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc
 
Information classification
Information classificationInformation classification
Information classification
Howard Diesel (CDMP BI, DW, DBA, Msc Elec Eng)
 

Recommended

Sensitive data
Sensitive dataSensitive data
Sensitive data
S.M. Towhidul Islam
 
Data Security
Data SecurityData Security
Data Security
ankita_kashyap
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social Web
Boyd Neil
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive data
Ulf Mattsson
 
Webinar: Practical Technology Playbook for the GDPR
Webinar: Practical Technology Playbook for the GDPRWebinar: Practical Technology Playbook for the GDPR
Webinar: Practical Technology Playbook for the GDPR
Index Engines Inc.
 
Tackling the GDPR Dell EMC Index Engines Webinar
Tackling the GDPR Dell EMC Index Engines WebinarTackling the GDPR Dell EMC Index Engines Webinar
Tackling the GDPR Dell EMC Index Engines Webinar
Index Engines Inc.
 
TrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data GraveyardsTrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc
 
Information classification
Information classificationInformation classification
Information classification
Howard Diesel (CDMP BI, DW, DBA, Msc Elec Eng)
 
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge Pereira
 
Security&Governance
Security&GovernanceSecurity&Governance
Security&Governance
Datio Big Data
 
Supporting GDPR Compliance through Data Classification
Supporting GDPR Compliance through Data ClassificationSupporting GDPR Compliance through Data Classification
Supporting GDPR Compliance through Data Classification
Index Engines Inc.
 
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceRealizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Tata Consultancy Services
 
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
acemindia
 
Seattle Tech4Good meetup: Data Security and Privacy
Seattle Tech4Good meetup: Data Security and PrivacySeattle Tech4Good meetup: Data Security and Privacy
Seattle Tech4Good meetup: Data Security and Privacy
Sabra Goldick
 
Developing a privacy compliance program
Developing a privacy compliance programDeveloping a privacy compliance program
Developing a privacy compliance program
Raoul Miller
 
Big data security challenges and recommendations!
Big data security challenges and recommendations!Big data security challenges and recommendations!
Big data security challenges and recommendations!
cisoplatform
 
Security bigdata
Security bigdataSecurity bigdata
Security bigdata
Jitendra Chauhan
 
CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015
Health IT Conference – iHT2
 
Office 365 : Data leakage control, privacy, compliance and regulations in the...
Office 365 : Data leakage control, privacy, compliance and regulations in the...Office 365 : Data leakage control, privacy, compliance and regulations in the...
Office 365 : Data leakage control, privacy, compliance and regulations in the...
Edge Pereira
 
How To Eliminate Security Exposures in Office 365 Webinar
How To Eliminate Security Exposures in Office 365 WebinarHow To Eliminate Security Exposures in Office 365 Webinar
How To Eliminate Security Exposures in Office 365 Webinar
Concept Searching, Inc
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
Tom Kirby
 
IT Security Services
IT Security ServicesIT Security Services
IT Security Services
Omar Toor
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
Shahbaz Khan
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy Quiz
Druva
 
Winning the war on data breaches in a changing data landscape
Winning the war on data breaches in a changing data landscapeWinning the war on data breaches in a changing data landscape
Winning the war on data breaches in a changing data landscape
Avinash Ramineni
 
Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...
Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...
Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...
Index Engines Inc.
 
Cloud and Data Privacy
Cloud and Data PrivacyCloud and Data Privacy
Cloud and Data Privacy
Maganathin Veeraragaloo
 
GDPR introduction
GDPR introductionGDPR introduction
GDPR introduction
Richard Shearwood-Porter
 
DoD Data Quality Challenges
DoD Data Quality ChallengesDoD Data Quality Challenges
DoD Data Quality Challenges
Jay j
 
Accelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i SystemsAccelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i Systems
Precisely
 

More Related Content

What's hot

Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge Pereira
 
Security&Governance
Security&GovernanceSecurity&Governance
Security&Governance
Datio Big Data
 
Supporting GDPR Compliance through Data Classification
Supporting GDPR Compliance through Data ClassificationSupporting GDPR Compliance through Data Classification
Supporting GDPR Compliance through Data Classification
Index Engines Inc.
 
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceRealizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Tata Consultancy Services
 
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
acemindia
 
Seattle Tech4Good meetup: Data Security and Privacy
Seattle Tech4Good meetup: Data Security and PrivacySeattle Tech4Good meetup: Data Security and Privacy
Seattle Tech4Good meetup: Data Security and Privacy
Sabra Goldick
 
Developing a privacy compliance program
Developing a privacy compliance programDeveloping a privacy compliance program
Developing a privacy compliance program
Raoul Miller
 
Big data security challenges and recommendations!
Big data security challenges and recommendations!Big data security challenges and recommendations!
Big data security challenges and recommendations!
cisoplatform
 
Security bigdata
Security bigdataSecurity bigdata
Security bigdata
Jitendra Chauhan
 
CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015
Health IT Conference – iHT2
 
Office 365 : Data leakage control, privacy, compliance and regulations in the...
Office 365 : Data leakage control, privacy, compliance and regulations in the...Office 365 : Data leakage control, privacy, compliance and regulations in the...
Office 365 : Data leakage control, privacy, compliance and regulations in the...
Edge Pereira
 
How To Eliminate Security Exposures in Office 365 Webinar
How To Eliminate Security Exposures in Office 365 WebinarHow To Eliminate Security Exposures in Office 365 Webinar
How To Eliminate Security Exposures in Office 365 Webinar
Concept Searching, Inc
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
Tom Kirby
 
IT Security Services
IT Security ServicesIT Security Services
IT Security Services
Omar Toor
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
Shahbaz Khan
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy Quiz
Druva
 
Winning the war on data breaches in a changing data landscape
Winning the war on data breaches in a changing data landscapeWinning the war on data breaches in a changing data landscape
Winning the war on data breaches in a changing data landscape
Avinash Ramineni
 
Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...
Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...
Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...
Index Engines Inc.
 
Cloud and Data Privacy
Cloud and Data PrivacyCloud and Data Privacy
Cloud and Data Privacy
Maganathin Veeraragaloo
 
GDPR introduction
GDPR introductionGDPR introduction
GDPR introduction
Richard Shearwood-Porter
 

What's hot (20)

Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
 
Security&Governance
Security&GovernanceSecurity&Governance
Security&Governance
 
Supporting GDPR Compliance through Data Classification
Supporting GDPR Compliance through Data ClassificationSupporting GDPR Compliance through Data Classification
Supporting GDPR Compliance through Data Classification
 
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceRealizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer Experience
 
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
 
Seattle Tech4Good meetup: Data Security and Privacy
Seattle Tech4Good meetup: Data Security and PrivacySeattle Tech4Good meetup: Data Security and Privacy
Seattle Tech4Good meetup: Data Security and Privacy
 
Developing a privacy compliance program
Developing a privacy compliance programDeveloping a privacy compliance program
Developing a privacy compliance program
 
Big data security challenges and recommendations!
Big data security challenges and recommendations!Big data security challenges and recommendations!
Big data security challenges and recommendations!
 
Security bigdata
Security bigdataSecurity bigdata
Security bigdata
 
CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015
 
Office 365 : Data leakage control, privacy, compliance and regulations in the...
Office 365 : Data leakage control, privacy, compliance and regulations in the...Office 365 : Data leakage control, privacy, compliance and regulations in the...
Office 365 : Data leakage control, privacy, compliance and regulations in the...
 
How To Eliminate Security Exposures in Office 365 Webinar
How To Eliminate Security Exposures in Office 365 WebinarHow To Eliminate Security Exposures in Office 365 Webinar
How To Eliminate Security Exposures in Office 365 Webinar
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
 
IT Security Services
IT Security ServicesIT Security Services
IT Security Services
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy Quiz
 
Winning the war on data breaches in a changing data landscape
Winning the war on data breaches in a changing data landscapeWinning the war on data breaches in a changing data landscape
Winning the war on data breaches in a changing data landscape
 
Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...
Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...
Cleaning up Redundant, Obsolete and Trivial Data to Reclaim Capacity and Mana...
 
Cloud and Data Privacy
Cloud and Data PrivacyCloud and Data Privacy
Cloud and Data Privacy
 
GDPR introduction
GDPR introductionGDPR introduction
GDPR introduction
 

Similar to Data lake protection ft 3119 -ver1.0

DoD Data Quality Challenges
DoD Data Quality ChallengesDoD Data Quality Challenges
DoD Data Quality Challenges
Jay j
 
Accelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i SystemsAccelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i Systems
Precisely
 
The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help
Niklas Hjorthen
 
Improve IT Security and Compliance with Mainframe Data in Splunk
Improve IT Security and Compliance with Mainframe Data in SplunkImprove IT Security and Compliance with Mainframe Data in Splunk
Improve IT Security and Compliance with Mainframe Data in Splunk
Precisely
 
Aligning Application Security to Compliance
Aligning Application Security to ComplianceAligning Application Security to Compliance
Aligning Application Security to Compliance
Security Innovation
 
Novel cloud computingsecurity issues
Novel cloud computingsecurity issuesNovel cloud computingsecurity issues
Novel cloud computingsecurity issues
Joo Manthar
 
Beyond GDPR Compliance - Role of Internal Audit
Beyond GDPR Compliance - Role of Internal AuditBeyond GDPR Compliance - Role of Internal Audit
Beyond GDPR Compliance - Role of Internal Audit
Omo Osagiede
 
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfCYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
Jenna Murray
 
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
BigDataEverywhere
 
GDPR Compliance Made Easy with Data Virtualization
GDPR Compliance Made Easy with Data VirtualizationGDPR Compliance Made Easy with Data Virtualization
GDPR Compliance Made Easy with Data Virtualization
Denodo
 
cloudComputingSec_p3.pptx
cloudComputingSec_p3.pptxcloudComputingSec_p3.pptx
cloudComputingSec_p3.pptx
Steven Quach
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big data
Ulf Mattsson
 
Bridging the Data Security Gap
Bridging the Data Security GapBridging the Data Security Gap
Bridging the Data Security Gap
xband
 
Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)
Andy Talbot
 
HITRUST CSF in the Cloud
HITRUST CSF in the CloudHITRUST CSF in the Cloud
HITRUST CSF in the Cloud
OnRamp
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?
IBM Security
 
Perspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernancePerspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data Governance
Cloudera, Inc.
 
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
DataWorks Summit/Hadoop Summit
 
Data Analytics Governance and Ethics
Data Analytics Governance and EthicsData Analytics Governance and Ethics
Data Analytics Governance and Ethics
HPCC Systems
 
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DevOps.com
 

Similar to Data lake protection ft 3119 -ver1.0 (20)

DoD Data Quality Challenges
DoD Data Quality ChallengesDoD Data Quality Challenges
DoD Data Quality Challenges
 
Accelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i SystemsAccelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i Systems
 
The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help
 
Improve IT Security and Compliance with Mainframe Data in Splunk
Improve IT Security and Compliance with Mainframe Data in SplunkImprove IT Security and Compliance with Mainframe Data in Splunk
Improve IT Security and Compliance with Mainframe Data in Splunk
 
Aligning Application Security to Compliance
Aligning Application Security to ComplianceAligning Application Security to Compliance
Aligning Application Security to Compliance
 
Novel cloud computingsecurity issues
Novel cloud computingsecurity issuesNovel cloud computingsecurity issues
Novel cloud computingsecurity issues
 
Beyond GDPR Compliance - Role of Internal Audit
Beyond GDPR Compliance - Role of Internal AuditBeyond GDPR Compliance - Role of Internal Audit
Beyond GDPR Compliance - Role of Internal Audit
 
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfCYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
 
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
 
GDPR Compliance Made Easy with Data Virtualization
GDPR Compliance Made Easy with Data VirtualizationGDPR Compliance Made Easy with Data Virtualization
GDPR Compliance Made Easy with Data Virtualization
 
cloudComputingSec_p3.pptx
cloudComputingSec_p3.pptxcloudComputingSec_p3.pptx
cloudComputingSec_p3.pptx
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big data
 
Bridging the Data Security Gap
Bridging the Data Security GapBridging the Data Security Gap
Bridging the Data Security Gap
 
Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)
 
HITRUST CSF in the Cloud
HITRUST CSF in the CloudHITRUST CSF in the Cloud
HITRUST CSF in the Cloud
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?
 
Perspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernancePerspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data Governance
 
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
 
Data Analytics Governance and Ethics
Data Analytics Governance and EthicsData Analytics Governance and Ethics
Data Analytics Governance and Ethics
 
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
 

More from Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS

Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOps
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Threathunting v0.1
Threathunting v0.1Threathunting v0.1
Threathunting v0.1
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Vulnerability manager v1.0
Vulnerability manager v1.0Vulnerability manager v1.0
Vulnerability manager v1.0
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Network & security startup
Network & security startupNetwork & security startup
Network & security startup
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Idps technology starter v2.0
Idps technology starter v2.0Idps technology starter v2.0
Idps technology starter v2.0
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Virtualization & tipping point
Virtualization & tipping pointVirtualization & tipping point
Virtualization & tipping point
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 

More from Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS (9)

Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOps
 
Gdpr brief and controls ver2.0
Gdpr brief and controls ver2.0Gdpr brief and controls ver2.0
Gdpr brief and controls ver2.0
 
Deception ey
Deception ey Deception ey
Deception ey
 
Threathunting v0.1
Threathunting v0.1Threathunting v0.1
Threathunting v0.1
 
Vulnerability manager v1.0
Vulnerability manager v1.0Vulnerability manager v1.0
Vulnerability manager v1.0
 
Network & security startup
Network & security startupNetwork & security startup
Network & security startup
 
Idps technology starter v2.0
Idps technology starter v2.0Idps technology starter v2.0
Idps technology starter v2.0
 
Virtualization & tipping point
Virtualization & tipping pointVirtualization & tipping point
Virtualization & tipping point
 
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 YrsFinto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
 

Recently uploaded

Predicting Product Ad Campaign Performance: A Data Analysis Project Presentation
Predicting Product Ad Campaign Performance: A Data Analysis Project PresentationPredicting Product Ad Campaign Performance: A Data Analysis Project Presentation
Predicting Product Ad Campaign Performance: A Data Analysis Project Presentation
Boston Institute of Analytics
 
一比一原版(BU毕业证)波士顿大学毕业证成绩单
一比一原版(BU毕业证)波士顿大学毕业证成绩单一比一原版(BU毕业证)波士顿大学毕业证成绩单
一比一原版(BU毕业证)波士顿大学毕业证成绩单
ewymefz
 
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdfCh03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
haila53
 
Opendatabay - Open Data Marketplace.pptx
Opendatabay - Open Data Marketplace.pptxOpendatabay - Open Data Marketplace.pptx
Opendatabay - Open Data Marketplace.pptx
Opendatabay
 
Sample_Global Non-invasive Prenatal Testing (NIPT) Market, 2019-2030.pdf
Sample_Global Non-invasive Prenatal Testing (NIPT) Market, 2019-2030.pdfSample_Global Non-invasive Prenatal Testing (NIPT) Market, 2019-2030.pdf
Sample_Global Non-invasive Prenatal Testing (NIPT) Market, 2019-2030.pdf
Linda486226
 
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
mbawufebxi
 
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
John Andrews
 
Malana- Gimlet Market Analysis (Portfolio 2)
Malana- Gimlet Market Analysis (Portfolio 2)Malana- Gimlet Market Analysis (Portfolio 2)
Malana- Gimlet Market Analysis (Portfolio 2)
TravisMalana
 
Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...
Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...
Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...
Subhajit Sahu
 
Empowering Data Analytics Ecosystem.pptx
Empowering Data Analytics Ecosystem.pptxEmpowering Data Analytics Ecosystem.pptx
Empowering Data Analytics Ecosystem.pptx
benishzehra469
 
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
ukgaet
 
1.Seydhcuxhxyxhccuuxuxyxyxmisolids 2019.pptx
1.Seydhcuxhxyxhccuuxuxyxyxmisolids 2019.pptx1.Seydhcuxhxyxhccuuxuxyxyxmisolids 2019.pptx
1.Seydhcuxhxyxhccuuxuxyxyxmisolids 2019.pptx
Tiktokethiodaily
 
Adjusting primitives for graph : SHORT REPORT / NOTES
Adjusting primitives for graph : SHORT REPORT / NOTESAdjusting primitives for graph : SHORT REPORT / NOTES
Adjusting primitives for graph : SHORT REPORT / NOTES
Subhajit Sahu
 
FP Growth Algorithm and its Applications
FP Growth Algorithm and its ApplicationsFP Growth Algorithm and its Applications
FP Growth Algorithm and its Applications
MaleehaSheikh2
 
Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...
Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...
Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...
Subhajit Sahu
 
一比一原版(CBU毕业证)不列颠海角大学毕业证成绩单
一比一原版(CBU毕业证)不列颠海角大学毕业证成绩单一比一原版(CBU毕业证)不列颠海角大学毕业证成绩单
一比一原版(CBU毕业证)不列颠海角大学毕业证成绩单
nscud
 
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
ahzuo
 
一比一原版(TWU毕业证)西三一大学毕业证成绩单
一比一原版(TWU毕业证)西三一大学毕业证成绩单一比一原版(TWU毕业证)西三一大学毕业证成绩单
一比一原版(TWU毕业证)西三一大学毕业证成绩单
ocavb
 
Q1’2024 Update: MYCI’s Leap Year Rebound
Q1’2024 Update: MYCI’s Leap Year ReboundQ1’2024 Update: MYCI’s Leap Year Rebound
Q1’2024 Update: MYCI’s Leap Year Rebound
Oppotus
 
SOCRadar Germany 2024 Threat Landscape Report
SOCRadar Germany 2024 Threat Landscape ReportSOCRadar Germany 2024 Threat Landscape Report
SOCRadar Germany 2024 Threat Landscape Report
SOCRadar
 

Recently uploaded (20)

Predicting Product Ad Campaign Performance: A Data Analysis Project Presentation
Predicting Product Ad Campaign Performance: A Data Analysis Project PresentationPredicting Product Ad Campaign Performance: A Data Analysis Project Presentation
Predicting Product Ad Campaign Performance: A Data Analysis Project Presentation
 
一比一原版(BU毕业证)波士顿大学毕业证成绩单
一比一原版(BU毕业证)波士顿大学毕业证成绩单一比一原版(BU毕业证)波士顿大学毕业证成绩单
一比一原版(BU毕业证)波士顿大学毕业证成绩单
 
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdfCh03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
 
Opendatabay - Open Data Marketplace.pptx
Opendatabay - Open Data Marketplace.pptxOpendatabay - Open Data Marketplace.pptx
Opendatabay - Open Data Marketplace.pptx
 
Sample_Global Non-invasive Prenatal Testing (NIPT) Market, 2019-2030.pdf
Sample_Global Non-invasive Prenatal Testing (NIPT) Market, 2019-2030.pdfSample_Global Non-invasive Prenatal Testing (NIPT) Market, 2019-2030.pdf
Sample_Global Non-invasive Prenatal Testing (NIPT) Market, 2019-2030.pdf
 
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
 
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...
 
Malana- Gimlet Market Analysis (Portfolio 2)
Malana- Gimlet Market Analysis (Portfolio 2)Malana- Gimlet Market Analysis (Portfolio 2)
Malana- Gimlet Market Analysis (Portfolio 2)
 
Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...
Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...
Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...
 
Empowering Data Analytics Ecosystem.pptx
Empowering Data Analytics Ecosystem.pptxEmpowering Data Analytics Ecosystem.pptx
Empowering Data Analytics Ecosystem.pptx
 
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
 
1.Seydhcuxhxyxhccuuxuxyxyxmisolids 2019.pptx
1.Seydhcuxhxyxhccuuxuxyxyxmisolids 2019.pptx1.Seydhcuxhxyxhccuuxuxyxyxmisolids 2019.pptx
1.Seydhcuxhxyxhccuuxuxyxyxmisolids 2019.pptx
 
Adjusting primitives for graph : SHORT REPORT / NOTES
Adjusting primitives for graph : SHORT REPORT / NOTESAdjusting primitives for graph : SHORT REPORT / NOTES
Adjusting primitives for graph : SHORT REPORT / NOTES
 
FP Growth Algorithm and its Applications
FP Growth Algorithm and its ApplicationsFP Growth Algorithm and its Applications
FP Growth Algorithm and its Applications
 
Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...
Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...
Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...
 
一比一原版(CBU毕业证)不列颠海角大学毕业证成绩单
一比一原版(CBU毕业证)不列颠海角大学毕业证成绩单一比一原版(CBU毕业证)不列颠海角大学毕业证成绩单
一比一原版(CBU毕业证)不列颠海角大学毕业证成绩单
 
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
 
一比一原版(TWU毕业证)西三一大学毕业证成绩单
一比一原版(TWU毕业证)西三一大学毕业证成绩单一比一原版(TWU毕业证)西三一大学毕业证成绩单
一比一原版(TWU毕业证)西三一大学毕业证成绩单
 
Q1’2024 Update: MYCI’s Leap Year Rebound
Q1’2024 Update: MYCI’s Leap Year ReboundQ1’2024 Update: MYCI’s Leap Year Rebound
Q1’2024 Update: MYCI’s Leap Year Rebound
 
SOCRadar Germany 2024 Threat Landscape Report
SOCRadar Germany 2024 Threat Landscape ReportSOCRadar Germany 2024 Threat Landscape Report
SOCRadar Germany 2024 Threat Landscape Report
 

Data lake protection ft 3119 -ver1.0

  • 1. Data Lake Analytics Information Security Finto Thomas 3rd January 2019
  • 2. Agenda 1. Current Industry Trend 2. Key Risks to address 3. Security Design Principles 4. Protection Framework 5. Security Capabilities to be established
  • 3. Big data projects are proliferating at a rapid rate across organizations of all kinds, in all industries. In recent years , 65 percent of data and analytics decision-makers had implemented big data solutions, according to Forrester. That number should reach almost 100 percent in the next few years.
  • 4. “Data lakes often bring together an enterprise’s most valuable data to perform analytics and/or build predictive models. Hackers would like nothing more than to engineer a single breach with access to all of it,” according to Forrester Research analysts Mike Gualtieri, John Kindervag, and Kelley Another key requirement is to meet Regulatory Compliance such as GDPR.
  • 5. Data in the data lake will include a large amount of data from many systems. The data will include some of the most valuable and sensitive information that the organization has - in particular, personal information about customers. • How is the right information located and fed into data lake with Integrity ? • How is this information protected while still being open for sharing ? • How is the Data lake itself protected and maintain the business continuity ? Data Lake is great but has Challenges
  • 6. Risk - Could turn lake water muddy !! • Single Repository of all Customer data • Data resides in cloud • Type of Cloud • Geo location • Security Visibility • Data Sources and validation • Identification of data sources and dataset • Data classification and tagging for applying adequate controls • Regulatory • Country or Geo specific ( GDPR) • Retention
  • 7. Security Design Principles • Zero trust • Least privilege • Data-centric security • Cloud First
  • 8. Data Lake Protection Framework Data Lake Platform Access and Privileges Network security and isolation Data Protection Policies and Governance People , Tool , Process
  • 9. Platform Access and Privileges • Sign-On and Single Sign-On • Data – HDFS File System • Data – External (Federation Server, SAML) • Batch Environment Security • Query Data Security • LDAP Authentication • Administering Security (Roles, groups) • Access Control Lists (ACLs) • Cooperate wide schema system Policies and Governance • Business continuity planning or disaster recovery • Integrate with Document management • Roles and responsibilities (RACI ) defined • Log Files, Audit and Controls • Backups and retentions • Access management approval process • CIS standards for hardening benchmark • Regular Compliance and access validation process Security Capabilities
  • 10. Security Capabilities (continue..) Network Security and Isolation • Operating systems and Hardware Vulnerability Management and hardening • Web and API interfaces and Virtual private Network • Application Data Security • Network isolation or Multi tenancy at cloud service • Integration to Security incident and event management system (SIEM) • Backup to protect from ransomware Data Protection • Data Owner • Data Classification and tagging • Classification of data produced by conversion/aggregation • Database activity Monitoring • Data encryption • Data masking and tokenization • External Databases
  • 11. Data lake is first step in the big data journey for any organization. Thank You

Editor's Notes

  1. Purpose of cloud data lake : Discovery and exploration of data Simple ad hoc analytics and reporting Complex analysis for business insights and decisions making Its effective and reduce total cost of owner ship Scalability and fault tolerance of storage / service
  2. Another threat vector similar to Golden ticket attack in Windows domain ecosystem And whenever it’s a cloud service, its major drawback is lack of full visibility on security controls
  3. C_I_A Trust and Reputation Compliance Regulation Data leakage or theft Ransomware or Virus attack Start as PoC with out security requirements
  4. Meet Regulatory compliance ( PCI , GDPR, etc..) No PI / Confidential data used in Non Production environments Integrate with Security Incident management process Integrate Document management and ITIL operational governance Process Follow Service activation and deactivation process with regular compliance validation
  5. Four Pillar