Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Top Ten Big Data Security and Privacy Challenges

 “Big Data” comprises of the huge amounts of data collected about every person on earth and their surroundings. If the total data generated in 2012 is 2500 exabytes, then the total data generated in 2020 will be about 40,000 exabytes!

Such data are used in various ways for improving customer care services. However, the huge amounts of data generated are presenting many new problems for data scientists, particularly with regards to privacy. As a result, the Cloud Security Alliance (CSA), a non-profit organization which promotes safe cloud computing practices, investigated the major security and privacy challenges that Big Data faces.

How Do These Problems Arise?

It is not just the vast amounts of data that causes privacy and security issues. The continuous streaming of data, large cloud-based data storage methods, large-scale migration of data from one cloud storage to another, and the different kinds of data formats and different types of sources all have their own loopholes and problems.

Big Data collection is not a new thing, as it has been collected for many decades. However, the major difference is that previously only large organizations could collect data because of the huge expenses included, but now almost all organizations can collect data easily and use it for different purposes.

Cheap new cloud-based data collection techniques, along with powerful data processing software frameworks like Hadoop, are enabling organizations to easily mine and process Big Data. As a result, many security-compromising challenges have arrived with the large scale integration of Big Data and cloud-based data storage.

Present day security applications are designed to secure small to medium amounts of data, thus they cannot protect huge amounts of data. Also, they are designed according to static data, so they also can’t handle dynamic data. A standard anomaly detection search would not be able to cover all the data effectively and continuously streaming data needs security all the time while streaming.

To better understand the Big Data security and privacy challenges, the CSA Big Data research working group identified the top ten challenges as the following:

Securing Transaction Logs and Data

Often, the transaction logs and other such sensitive data stored in storage medium have multiple tiers, but this is not enough. The companies also have to safeguard these storages against unauthorized access and ensure they are available at all times.

Securing Calculations and Other Processes Done in Distributed Frameworks

This actually refers to the security of the computational and processing elements of a distributed framework like the MapReduce function of Hadoop. Two main issues are the security of “mappers” breaking the data down and data sanitization capabilities.

Validation and Filtering of Endpoint Inputs

End-points are a major part of any Big Data collection. They provide input data for storage, processing and other important works. So, it is necessary to ensure that only authentic end-points are in use. Every network should be free from malicious end-points.

Providing Security and Monitoring Data in Real Time

It is best that all the security checks and monitoring should occur in real time, or at least in nearly real time. Unfortunately, most of the traditional platforms are unable to do this due to the large amounts of data generated.

Securing Communications and Encryption of Access Control Methods

An easy method for securing data is to secure the storage platform of that data. However, the application which secures the data storage platform is often pretty vulnerable itself. So, the access methods need to be strongly encrypted.

Provenance of Data

The origin of the data is very important is it allows for data classification. The origin can be accurately determined through authentication, validation and by graining the access controls.

Granular Access Control

A powerful authentication method and Mandatory Access Control is the main requirement for the grained access of Big Data stores by NoSQL databases or the Hadoop Distributed File System.

Granular Auditing

Regular auditing is also very necessary along with continuous monitoring of the data. Correct analysis of the various kinds of logs created can be very beneficial and this information can be used to detect all kinds of attacks and spying.

Scalability and Privacy of Data Analytics and Mining

Big Data analytics can be very problematic in that a small data leak or platform loophole can result in a big loss of data.

Securing Different Kinds of Non-relational Data Sources

NoSQL and other such types of data stores have many loopholes which create many security issues. These loopholes include the lack of ability to encrypt data when it is being streamed or stored, during the tagging or logging of data or during classification into different groups.

As with every advanced concept, Big Data has some loopholes in the form of privacy and security issues. Big Data can only be secured by securing all of its components.

As Big Data is huge in size, many powerful solutions must be introduced in order to secure every part of the infrastructure involved. Data storages must be secured for ensuring that there aren’t any leaks. Finally, real-time protection must be enabled during the initial collection of data. All this will ensure that the consumer’s privacy is maintained.

This article is brought to you by the team of Frugaa.com

What’s Hot on Infosecurity Magazine?