Five key principles to secure the enterprise Big Data platform
Hadoop series on best practices for large enterprises – Security
As the Big Data platforms consist of a zoo of ever changing technologies, a good security setup is a major challenge. Experience has shown that it is recommended to consider security aspects of a Hadoop initiative upfront.
Organizations face the risk of financial, legal and reputational damages if they do not take care of security for their data and IT systems.
Enterprise Data Governance rules, European legal restrictions like the GDPR but also national or industry-specific data privacy laws such as BDSG or TKG in Germany clearly define how data needs to be protected in IT systems in order to avoid data security breaches. Additionally, regulations like the German BSI security law and the international ISO/IEC 27000-series define standards for minimizing threats to IT systems.
It is therefore crucial for enterprises to carefully consider data security especially within their Big Data initiatives. Hadoop in particular poses a data security challenge with its complex ecosystem, ever evolving tool chain and the fact that security was not a top priority for the development of Hadoop in the first place. There is currently no universal security standard in the Hadoop landscape.
Deloitte has worked with numerous clients and Hadoop vendors to resolve these security challenges and offers a wide range of services from security assessments of already existing big data platforms to building a security strategy and implementation support for Big Data platforms.
“Security is key for data management especially when working with Big Data.“
Sandra Bauer, Director Deloitte
Five key areas have been identified during projects as crucial for securing Hadoop especially for large enterprises with their strict security, governance and compliance regulations:
- Authentication: Make sure the user is who he claims to be
- Authorization: Manage access to resources and logically separate data for multi tenancy
- Encryption & data masking: Protect against leakage of data
- Auditing: Ensure compliance through an audit trail
- Disaster Recovery and Backup: How to recover from cluster failure