BIG DATA SECURITY

Vormetric Data Security Use Cases

Big Data, Big Security Challenges

Big data presents a tremendous opportunity for enterprises across industries. By tapping into new volumes and varieties of data, scientists, executives, product managers, marketers, and a range of others can start making more informed plans and decisions, discover new opportunities for optimization, and deliver breakthrough innovations.

Without the right security and encryption solution in place, however, big data can mean big problems.

The Massive Scope of Big Data Security

To establish comprehensive big data security, executives and administrators have to address the following areas:

  • Data sources. To most fully exploit the advantages of big data, organizations leverage various forms of data, including both structured data in a range of heterogeneous applications and databases and unstructured data that comes in a number of file types. Organizations may leverage data from enterprise resource planning systems, customer relationship management platforms, video files, spreadsheets, social media feeds, and many other sources. Further, more data sources are added all the time. Today, you don’t know where new data sources may come from tomorrow, but you can have some certainty that there will be more to contend with and more diversity to accommodate. These big data sources can include personally identifiable information, payment card data, intellectual property, health records, and much more. Consequently, the data sources being compiled need to be secured in order to address security policies and compliance mandates.
  • Big data frameworks. Within the big data environment itself—whether it’s powered by Hadoop, MongoDB, NoSQL, Teradata, or another system—massive amounts of sensitive data may be managed at any given time. Sensitive assets don’t just reside on big data nodes, but they can come in the form of system logs, configuration files, error logs, and more.
  • Analytics. The ultimate fruit of a big data initiative is the output, the analytics that help the business optimize and innovate. This information can be presented in dashboards and reports, and accessed via on-demand queries. In some businesses, big data analytics represent the most sensitive asset of all, intelligence that provides a critical competitive differentiator—and a huge competitive exposure if it falls into the wrong hands.

It is important to recognize that the attributes that make big data valuable to the business also make it valuable to others—whether they’re hardened cyber criminals or a disgruntled system administrator looking to make a quick, illicit buck. Establishing effective security across the categories above—and the massive number of specific outputs, systems, and services that fall into each category—is both critical and challenging.

Further, given the massive, widely fluctuating processing demands associated with big data environments, many organizations are leveraging cloud-based services and platforms to support their big data initiatives. For those organizations running big data environments in the cloud, the task of managing big data security grows even more difficult. In the cloud, security teams have to contend with the threats of vendor’s infrastructure administrators, potential exposure to other tenants, and a number of other additional risks.

Limitations of Traditional Encryption Approaches

The challenge of big data encryption is that, while there are plenty of encryption offerings around, most tackle one specific aspect. For example, you could use transparent data encryption capabilities from your database vendor, but what happens when that data gets exported from the database and into big data environments? Plus, what about all the other data sources and systems in play? You also have to ask where does the vendor store the keys? Is it with the data?

While some vendors offer big data encryption capabilities, these offerings only secure specific big data nodes, not the original data sources that are fed into the big data environment or the analytics that come out of the environment. Further, these big data encryption offerings don’t even secure all the log files and configuration information associated with the big data environment itself.

Ultimately, with these disparate approaches to big data security, IT teams have to contend with fragmented key and policy management, which adds administrative effort, while making it difficult to apply standards consistently. Further, these point approaches also tend to introduce a significant performance hit, which can present significant issues in processing-intensive big data environments.

Securing Big Data Environments with Vormetric

Vormetric solutions for big data security enable organizations to maximize the benefits of big data analytics—while maximizing the security of their sensitive data and addressing the requirements of their compliance office. The Vormetric Data Security Platform offers the granular controls, robust encryption, and comprehensive coverage that organizations need to secure sensitive data across their big data environments—including big data sources, big data infrastructure, and big data analytic results. By delivering a single security solution that offers coverage of these areas, Vormetric enables security teams to leverage centralized controls that optimize efficiency and compliance adherence.

The Vormetric Data Security Platform offers capabilities for big data encryption, key management, and access control—featuring several product offerings that share a common, extensible infrastructure. Further, the solution generates security intelligence on data access by users, processes, and applications.

Protecting Big Data Sources

As outlined earlier, organizations can leverage data from a broad array of sources, both structured and unstructured, for their big data initiatives. Data from databases, data warehouses, system logs, spreadsheets, and many other diverse systems may be fed into a big data environment.

To establish data security for these diverse data sources, organizations can use the following Vormetric solutions:

  • Vormetric Transparent Encryption. This product encrypts and controls access at the file-system level. This encryption solution is easy to deploy because it doesn’t require any changes to applications.
  • Vormetric Application Encryption. With this encryption product, you can encrypt specific columns in an application before it writes the field to a database. By encrypting a specific column, you can ensure a specific sensitive field will remain unreadable, even after it is imported into, and processed within, the big data environment.

Securing Big Data Frameworks

In big data environments, data is routinely replicated and migrated among a large number of nodes. In addition, sensitive information can be stored in system logs, configuration files, disk caches, error logs, and so on. Vormetric Transparent Encryption efficiently protects data across all these areas, delivering encryption, privileged user access control, and security intelligence. In addition, with Vormetric Protection for Teradata Database, your organization can gain the comprehensive, granular controls required to secure the most sensitive assets across your Teradata environments, while enabling you to maximize the business benefits of your big data investments.

Safeguarding Big Data Analytics

Big data output comes in many forms, including on-demand dashboards, automated reports, and ad hoc queries. Very often, these outputs contain intellectual property that is very valuable to an organization—and a potential target of attack. To provide big data analytics security for these confidential assets, security teams can use the following solutions:

  • Vormetric Transparent Encryption. This encryption product can easily be deployed on servers, where it can encrypt big data outputs and control and monitor who accesses them.
  • Vormetric Application Encryption. You can use this encryption product to secure specific fields that may be created in analytics applications.

To learn more about companies Vormetric has partnered with in the big data market, visit our technology partner page.

Example Big Data Partners and Certifications:

Big Data Partners and Certifications

WHITE PAPERS

Data Encryption and Access Control for Hadoop Architecture White Paper

This technical white paper explores Hadoop deployments, security options, and delves deeply into how to apply encryption and access control...

Download >>

SOLUTION BRIEF

Secure Big Data Environment with MongoDB

Secure Big Data Environment with MongoDB

Vormetric and MongoDB Deliver Breakthrough Encryption Performance on latest Intel® Xeon® processors 

Download >>

PARTNER QUOTE

 Vormetric plays an important role in enhancing the enterprise-class security features already available from our platform with extended safeguards for enterprise customers who need compliance and data breach protection. We’re excited to partner with Vormetric to bring extended data-at-rest encryption, key management and access controls to our platform. 

Matt Rollender,
Vice President,
Ecosystems and Infrastructure Development,
DataStax

SOLUTION BRIEFS

Vormetric Protection for Teradata Database

Vormetric Protection for Teradata Database

Download >>
Encryption Architecture

MongoDB Encryption Performance

Download >>
Encryption Architecture

Security Controls for DataStax Enterprise

Download >>
Securing Big Data Environments Solution Brochure

Securing Hortonworks Big Data Environments

Download >>
Securing Big Data Environments Solution Brochure

Big Data is no longer a Big Security Challenge

Download >>
Cisco UCS and Vormetric

Cisco UCS and Vormetric

Download >>

WHITE PAPERS

Encryption Architecture

Data Encryption and Access Control for Hadoop Architecture

Download >>
Encryption Architecture

DataStax and Vormetric Big Data PCI Compliance

Download >>
Big Data Without Big Headaches

Big Data Without Big Headaches

Download >>
Enhanced Protection For Teradata Environments

Enhanced Protection For Teradata Environments

Download >>

ANALYST REPORT

Securosis: Securing Hadoop

Securosis: Securing Hadoop

Download >>

The Vormetric Digital Digest on Data Security

Customer and Partner Success

  • Rackspace Cloud Partners
  • McKesson
  • AWS
  • Google Compute Engine
  • Microsoft
  • IBM
  • CenturyLink
  • QTS
  • Teleperformance Secures
  • Delta Dental