Today’s businesses demand around-the-clock access to data and applications without downtime or data loss. And data growth is exploding. A typical enterprise creates 1.3 terabytes of data every day, and a lot of this is unstructured “big data.” Big data comes with big expectations, and big security needs.
An increasing number of businesses use big data for marketing and research, and they may or may not have the fundamentals of big data protection nailed down. In some cases, security is practically an afterthought. There’s nothing fundamentally different about protecting big data, except perhaps that a big data environment brings increased expectations of quick recovery when there’s a problem. As a result, the IT service desk and IT service management program as a whole have to take big data protection seriously. And, to perhaps overuse an adjective, that’s a big order.
Is your IT service management team ready for big data and its protection?\
IT Service Management and the Building Blocks of Big Data Protection
The protection of big data can be viewed by IT service management professionals as having a few fundamental building blocks. First, it should involve avoidance of data loss. Businesses expect continuous (or as near-continuous as possible) data access, which leads to the second building block. High speed recovery is necessary to maintain the availability of big data and the insights contained in it. Finally, a keen understanding of the overall data profile is essential. Ideally, that means monitoring data and being alerted to issues with it before operations are affected.
Planning is required to avoid unnecessary redundancy while keeping data safe. With virtualized workloads, keeping data safe can happen in the infrastructure. There are data protection applications that perform virtual machine (VM) backups instead of running operations from individual VMs, for example.
Hadoop and Security: Risks the IT Service Desk Must Know About
The Hadoop framework is made to crunch massive amounts of data regardless of structure. When it started, Hadoop had some intrinsic security issues. Access rights were fairly easy to solve. But what has been more challenging is the loss of context that can occur when a lot of data is aggregated. Authentication and authorization are critical, of course. But do all users require access to all bank account data in the database? As more data is aggregated, defining more granular rights and permissions becomes a much more complicated task. Today the Hadoop file system incorporates Unix-like permissions. But with big data security, technology is only part of IT service management’s job in protecting the data.
Methodology Is as Critical as Technology
The IT service desk must understand information ownership in a big data environment. Owners should be identified for the information that is output from big data processes as well as the raw data that is fed into the processes. Data ownership and information ownership may be separate, with IT owning the raw data, for example, and the relevant business units being responsible for the information that is output.
Additionally, since few organizations can build big data environments in-house, the cloud is critical to big data operations for most. Storing data in the cloud doesn’t relieve organizations from responsibility for protecting it: many regulations say so, and continued business success demands it.
Using Big Data to Enhance Security
One interesting thing about big data is that big data itself can be used to enhance security. It can be used for fraud detection, for example, as an alternative to security incident and event management (SIEM) systems. Managing output of SIEM and logging systems can be prohibitive for some IT service management programs, and big data could be the solution.
Moreover, detecting and preventing advanced persistent threats can be accomplished by big data analysis, helping organizations detect threats earlier using sophisticated pattern analysis techniques that cover multiple data sources. Big data also opens up opportunities to consolidate and analyze logs automatically from multiple sources, potentially providing insight that individual logs can’t. This could enhance intrusion detection systems through “learning” of good and bad patterns.
The IT service desk can often be a place of controlled chaos, and the advent of big data does nothing to alleviate this. Big data pushes the boundaries of existing information security responsibility and introduces new challenges. With the right tools, strategy, and yes, software (like Samanage), IT service management and IT service desk functions can be streamlined, so your team can worry less about everyday IT issues and free up resources to focus on emerging needs like big data protection.
About Matt Shanklin
Read more articles by Matt