Dataguise, the leading provider of enterprise-wide data-centric discovery and security solutions to address data breach threats to big data and traditional repositories today revealed five security pitfalls to avoid when protecting large datasets. With experience that spans the Fortune 500, Dataguise shares its observations on big data security and why common approaches to securing these environments may be putting enterprise IT organizations at risk.
Big data platforms, including Hadoop and NoSQL, are capable of providing significant cost and performance advantages over traditional architectures (data warehouses, data marts, etc.). However, with the size of recent attacks on Anthem, Target and JPMorgan Chase , the financial impact to organizations not adequately protecting data can be significant.
With a focus on securing Hadoop, NoSQL as well as traditional data stores, Dataguise has a thorough understanding of the technologies and processes in use by enterprises to secure big data. Unfortunately, many organizations still depend on traditional security architectures to counter risk. Below are five common errors when protecting big data using such measures. A detailed review with further analysis is available in a no cost ebook available for download at: http://bit.ly/1AbTDsY.
Five Big Data Security Pitfalls Exposing Enterprises to Breach
1. Running Databases in a “Trusted” Environment
2. Loose Access Control
3. Static Protection Schemes
4. Inadequate Solutions for Detecting/Identifying Sensitive Data
5. Lack of Entitlement/Monitoring/Auditing
“The very essence of what makes data “big” creates new and evolving challenges for securing sensitive in these environments,” said Jeremy Stieglitz, vice president of products, Dataguise. “IT professionals struggling to protect this information are often limited by legacy strategies that leave gaps and permit access. By understanding the specific location, count, and type of sensitive data in these sources, Dataguise discovery offers the only automated way to detect, protect, and audit sensitive data for breach risk reduction and to address regulatory and compliance mandates.”