Dataguise, the leading provider of enterprise-wide data-centric discovery and security solutions to address data breach threats to big data and traditional repositories today revealed five security pitfalls to avoid when protecting large datasets. With experience that spans the Fortune 500, Dataguise shares its observations on big data security and why common approaches to securing these environments may be putting enterprise IT organizations at risk.
Big data platforms, including Hadoop and NoSQL, are capable of providing significant cost and performance advantages over traditional architectures (data warehouses, data marts, etc.). However, with the size of recent attacks on Anthem, Target and JPMorgan Chase1, the financial impact to organizations not adequately protecting data can be significant.
With a focus on securing Hadoop, NoSQL as well as traditional data stores, Dataguise has a thorough understanding of the technologies and processes in use by enterprises to secure big data. Unfortunately, many organizations still depend on traditional security architectures to counter risk. Below are five common errors when protecting big data using such measures.
Five Big Data Security Pitfalls Exposing Enterprises to Breach
• Running Databases in a “Trusted” Environment;
• Loose Access Control;
• Static Protection Schemes;
• Inadequate Solutions for Detecting/Identifying Sensitive Data;
• Lack of Entitlement/Monitoring/Auditing.
“The very essence of what makes data “big” creates new and evolving challenges for securing sensitive in these environments,” said Jeremy Stieglitz, vice president of products, Dataguise. “IT professionals struggling to protect this information are often limited by legacy strategies that leave gaps and permit access. By understanding the specific location, count, and type of sensitive data in these sources, Dataguise discovery offers the only automated way to detect, protect, and audit sensitive data for breach risk reduction and to address regulatory and compliance mandates.”
Dataguise (dataguise.com) is the leading provider of data privacy protection and compliance intelligence for sensitive data assets stored in both Big Data and traditional repositories. The company’s comprehensive and centrally managed solutions allow companies to maintain a 360 degree view of their sensitive data, evaluate their compliance exposure risks, and enforce the most appropriate remediation policies, whether the data is stored on premises or in the cloud. Dataguise is recognized as a visionary by one of the world’s leading analyst firms for its ability to help its customers to reduce the risk of data breaches and to remain compliant with leading regulations designed to protect personally identifiable information (PII) such as the Health Insurance Portability and Accountability Act (HIPAA), The Health Information Technology for Economic and Clinical Health (HITECH), and the Payment Card Industry (PCI) DSS.