Entries filed under “Security”

When it comes to security, Big Data is a two-edged sword.

On one hand it can be used to analyze mountains of data in order to foil intruders, head off attacks and neutralize a wide variety of other threats. But the network architecture required to support Big Data analytics is itself vulnerable to attack.

Writing in CSO Magazine, John P. Mello, Jr. notes that Hadoop is frequently used in order to manage the computer clusters that are at the heart of Big Data deployments.  This, he says, can create problems for security people, especially if they are relying on traditional security tools.

He quotes a white paper from Zettaset, a Big Data security company, which asserts, “Incumbent data security vendors believe that Hadoop and distributed cluster security can be addressed with traditional perimeter security solutions such as firewalls and intrusion detection/prevention technologies. But no matter how advanced, traditional approaches that rely on perimeter security are unable to adequately secure Hadoop clusters and distributed file systems.”

Traditional security products are designed to protect a single database.  But when these products are called upon to protect a distributed cluster of computers that may number in the thousands, they fall short.

Mello interviewed Zettaset CTO Brian Christian.

When you put them (traditional security products) on a large scale distributed computing environment, they become either a choke point or a single point of failure for the entire cluster,” Christian said. “They could potentially be extremely dangerous running them on a cluster, because if they do fail, there is the potential to deny everybody on the cluster access to petabytes of data or a corruption of data in some of the encryption security technologies.”

Other problems arise when security is “bolted on” to an existing Big Data infrastructure, a costly and often ineffective procedure.

And, the story notes, when it comes to business versus security, business requirement takes precedence over implementing an ideal security solution.  Says Chris Petersen, CTO of LogRhythm, “While security catches up, there is going to vulnerability. My guess is that there is a lot of vulnerability right now in organizations adopting Hadoop.”

Read the Full Story.

Intel is being recognized as one of the first companies to actually use Big Data and analytics to improve security, writes Bob Violino of CSO Magazine.

In fact, Intel’s efforts have earned them top honors in the newly inaugurated CSO40 awards, “which recognize security projects that have delivered outstanding business value,” according to Violino’s story published in NetworkWorld.

Intel’s specific contribution is its Security Business Intelligence (SBI) initiative, a platform that the company has been working on since 2010. Last year all the elements of the initiative began to fall into place as a major part of Intel’s “Protect to Enable” enterprise security strategy. The software has the ability to filter billions of events per day, providing the enterprise with reasonable levels of protection without hampering the flow of information throughout the organization.

The SBI architecture is based on four elements: identity and access management; data protection; infrastructure, which includes secure trust zones within the enterprise private cloud; and SBI itself that features a flexible dashboard and a predictive engine.

The primary goals of the SBI platform are to use big data and advanced analytics to improve Intel’s ability to predict, prevent, detect and respond to cyberthreats; develop the tools and reporting capabilities to distill large amounts of data into meaningful analysis; and use the resulting analysis to cut overall costs by reducing or eliminating other security controls that may be less effective,” writes Violino. “Intel IT is also looking at ways to use trusted sensor and event information from its platforms to improve the quality and reliability of the SBI system.”

The SBI platform is a work in progress – Intel is enhancing its ability to identify and quickly respond to advanced threats, as well as using predictive analytics to incorporate preventative measures and corrective controls in future implementations.

Read the Full Story.