Getting to grips with Big Data security
Davey Winder asked the big security questions about Big Data and has found experts with the answers...
"In 2005 there were an estimated 1.3 billion RFID tags used in numerous businesses to monitor assets, as of last year this has risen to over 30 billion all of which are generating data points," Jopling says.
With such a huge increase in instrumented devices, this results in great potential attack vectors with the emergence of greater and more sensitive data from devices such as smartphones.
"As a further example, in 2012 there was a 19 per cent increase in attack tools for mobile devices with over 4400 new security vulnerabilities across all spectrums according to the IBM 2012 X Force Trend & Risk Report," he adds.
Where Big Data really becomes a problem for the enterprise is when it is unstructured. Take, for example, anything on the desktop or shared areas such as SharePoint where the data is best described as being freeform in nature. The enterprise just doesn't have any way of knowing the value of this data, compared to structured systems such as SAP or a payroll system where decisions can be taken sensibly, and securely, as there is access to the data that is involved.
"The problem is that people focus on the big easily understandable systems, forget that a lot of the valuable stuff is unstructured and go ahead using a one size fits all policy," warns Martin Sugden, CEO of data security software firm Boldon James.
So what are the specific security challenges that Big Data brings to the enterprise? Lior Arbel, CTO at Performanta, thinks of these in terms of the 'Three V's' namely: Volume, Variety and Velocity.
"The volume of data an organisation needs to manage poses the risk that data will end up where it shouldn't, and the greater the amount of data the less visibility the user has of where it goes," Arbel says.
"The variety of data that an organisation deals with demands complex systems of organisation with a flexible system of control to comply with regulations, and to securely protect intellectual properties and finally the velocity (or demand for data) knows no bounds as patience no longer exists in the digital world with data needing to be available at any moment."