This document discusses data security challenges in big data environments. It notes that data breaches are common and costly for organizations. Several examples of recent breaches are provided that impacted companies like Target, a Canadian government agency, and healthcare providers. The document advocates for the IBM Guardium suite of data security products to help secure sensitive data across different systems and platforms through discovery, monitoring, masking, encryption and other techniques. It argues these tools are needed to reduce risks, costs, and protect brand reputation for organizations working with big data.

1. © 2014 IBM Corporation
Data Security in a Big Data Environment
David Valovcin
Worldwide Guardium
dvalovcin@us.ibm.com
May 2014

2. 2 © 2014 IBM Corporation
Data Breaches are in the News Every Week
A “Fear Factor” is causing some orgs to hold back on new mobile, cloud, and big data initiatives
Data-breach costs take
toll on Target profit
… its profit in the fourth quarter fell 46
percent on a revenue decline of 5.3
percent as the breach scared off
customers worried about
the security of their private
data.
Account
Takeover:
Bank Faces
Two Suits
Health Breach Tally:
30 Million Victims
More than 30.6 million
individuals have been affected
by major healthcare data breaches
since September 2009
Canadian Breach:
Sorting Out the Cause
Gaps in carrying out
security policies led to
the exposure of
583,000 records
last year at
Employment and
Social Development
Canada,totaling $1.5 million in
allegedly fraudulent
wires

3. 3 © 2014 IBM Corporation
Target – first the CIO, now the CEO fired

4. 4 © 2014 IBM Corporation
Data Breaches Happen Close to Home

5. 5 © 2014 IBM Corporation
Not Only For Financial Gain

6. 6 © 2014 IBM Corporationhttp://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf?CMP=DMC-SMB_Z_ZZ_ZZ_Z_TV_N_Z038
Time span of events by percent of breaches
Guardium Discovery
Guardium DAM
Guardium VA
Guardium DAM Adv. (block/mask)
Guardium Encryption
Minutes To Compromise, Months To Discover & Remediate
Time span of events by percent of breaches

7. 7 © 2014 IBM Corporation
Can
you
prove
that
privileged
users
have
not
inappropriately
accessed
or
jeopardized
the
integrity
of
your
sensi7ve
Big
Data?

8. 8 © 2014 IBM Corporation
Sensitive Data Is at Risk
70%
of organizations surveyed use live
customer data in non-production
environments (testing, Q/A, development)
Database Trends and Applications. Ensuring Protection for Sensitive Test Data
The Ponemon Institute. The Insecurity of Test Data: The Unseen Crisis
52%
of surveyed organizations
outsource development
50%
of organizations surveyed have no way
of knowing if data used in test was
compromised
The Ponemon Institute. The Insecurity of Test Data: The Unseen Crisis
$188
per record
cost of a data breach
The Ponemon Institute. 2013 Cost of Data Beach Study
$5.4M
Average cost of a data breach
$3M
cost of losing customer loyalty (lost
business) following a data breach
The True Cost of Compliance, The Cost of a Data Breach, Ponemon Institute, 2011
The Ponemon Institute. 2013 Cost of Data Beach Study
62%
of organizations surveyed are not
tracking their privileged users
IBM CISO SUrvey
2012 Data Breach Report from Verizon Business RISK Team
90+%
Breaches go after data in servers

9. 9 © 2014 IBM Corporation
$3.5MYearly average cost of
compliance
Company Data
Security approach
Audit events/
year
Average cost/
audit
Data loss
events/year
Average cost/
data loss
Total cost
(adjusted per TB)
w/o data security 6.3
$24K
2.3
$130K
$449K/TB
w/ data security 1.7 1.4 $223K/TB
Annual Cost of not implementing data security $226K/TB
Total annual cost of doing nothing in BIG DATA compliance:
(for average Big Data organization with 180 TB of business data) $40+ M
Source: Aberdeen Group. Why Information Governance Must be Addressed Right Now. 2012
Doing Nothing Is Expensive
Source: The True Cost of Compliance, The Cost of
a Data Breach, Ponemon Institute, 2011
$5.4MAverage cost of a data
breach

10. 10 © 2014 IBM Corporation
A Key Driver: Maintaining Brand Reputation
• 66%of US Adults would not return to
a business if personal data was stolen
• 76%of Survey respondents indicated
that a data breach had a moderate to
significant impact on their business
• $184M - $330Mbrand
value lost each victim of a data breach

11. 11 © 2014 IBM Corporation
Big Data Toolset: what is missing?
§ Authentication
– Interface
– Interprocess
§ Authorization
– Coarse
– Fine grained
– Role based
§ Encryption
– Interprocess
– At-rest
– Real-time
§ Privacy protection
– At rest
– Real-time
§ Auditing
§ Monitoring
§ Governance
– Discovery
– Entitlements

12. 12 © 2014 IBM Corporation
IBM InfoSphere Data Security and Privacy Solutions
InfoSphere Data Privacy for
Hadoop
InfoSphere Data Privacy and
Security for Data
Warehousing
Exadata
InfoSphere
Data Security
and Privacy
Define and Share
Discover and Classify
Mask and Redact
Monitor Data Activity
Purpose-Built
Capabilities
• Secure and Protect
Sensitive big data
• Extend Compliance
Controls
• Promote Information
Sharing
• Employ across diverse
environments
• Achieve and enforce
compliance
• Secure and Protect sensitive
data in data warehouses
• Reduce costs of attaining
enterprise security

13. 13 © 2014 IBM Corporation
Applying IBM’s Data Security Approach to Big Data
SOURCE SYSTEMS,
DATA MARTS, SILOS
BIG DATA
PLATFORM
USER ACCESS
REQUESTS
3) Mitigating Risks with
Data Protection
1) Understanding the Risks
2) Uncovering the Exposure
4) Maintaining a Tolerant
Risk Level
5) Expansion to the
Enterprise
1
2
3
4
5

14. 14 © 2014 IBM Corporation
Where is the
sensitive data?
How to prevent
unauthorized
activities?
How to protect
sensitive data to
reduce risk?
How to secure
the repository?
Discovery
Classification
Identity & Access
Management
Activity
Monitoring
Blocking
Quarantine
Masking/
EncryptionAssessment
Who should
have
access?
What is actually
happening?
Discover
Harden
Mask
Monitor
Block
Security
Policies
Dormant
En9tlements
Dormant
Data
Compliance
Repor9ng
&
Security
Alerts
Data
Protec9on
&
Enforcement
Key Questions . . .

15. 15 © 2014 IBM Corporation
Discovery
Classification
Identity & Access
Management
Activity
Monitoring
Blocking
Quarantine
Masking/
EncryptionAssessment
Discover
Harden
Mask
Monitor
Block
Guardium VA
ü Assessment
reports
ü Subscrip7on
ü Configura7on
Changes
ü En7tlement
Repor7ng
Guardium Standard
ü
Discovery
&
Classifica7on
ü
Queries
&
Reports
ü
Compliance
Workflow
ü
Group
Management
ü
Integra7ons
ü
Incident
Management
ü
Self
Monitoring
Guardium Data
Redaction
ü
Redact
sensi7ve
documents
Optim Data
Privacy
ü
Mask
sensi7ve
data
in
test,
publishing
in
databases
and
Big
Data
environments
Guardium DAM
ü Ac7vity
Monitoring
ü Real-­‐7me
alerts
ü Compliance
Repor7ng
ü
Blocking
ü
Dynamic
Masking
ü
Users
Quaran7ne
ü Federate
large
deployment
ü Central
control
ü Central
audit
collec7on
Guardium Data
Encryption
ü File-­‐level
encryp7on
ü Policy-­‐based
Access
control
IBM Can Help With the Answers
Guardium DAM
ü Ac7vity
Monitoring
ü Real-­‐7me
alerts
ü Compliance
Repor7ng
ü
Blocking
ü
Dynamic
Masking
ü
Users
Quaran7ne
ü Federate
large
deployment
ü Central
control
ü Central
audit
collec7on
InfoSphere Data Privacy and Security for Hadoop

16. 16 © 2014 IBM Corporation
InfoSphere
BigInsights
DATABASES
FTP
ExadataDATABASE
HANA
Optim
Archival
Siebel,
PeopleSoft,
E-Business
Master Data
Management
Data
Stage
CIC
S
One Technology to Control it All
DAM
Encryption
Masking
VA
Redaction
1
6

17. 17 © 2014 IBM Corporation
Scalable Multi-Tier Architecture
Integration with LDAP,
IAM, SIEM, IBM TSM,
BMC Remedy, …

18. 18 © 2014 IBM Corporation
Link to the case study
http://public.dhe.ibm.com/
common/ssi/ecm/en/
imc14573usen/
IMC14573USEN.PDF
A Private Bank in the UAE
automates security
compliance reporting in a big
data environment
Need
• The bank processes several terabytes of data
daily and required a solution which addressed
the new security risks evolving around the
world, especially with respect to protecting big
data environments.
Benefits
• Achieves ROI in 8 months
• A scalable security monitoring solution that
supports diverse database environment and
does not impact application performance
• The time required to produce audit and
compliance reports has gone from two months
to near real-time

19. 19 © 2014 IBM Corporation