Securosis Research Paper Examines Big Data Security Challenges and Best Practices
Vormetric, Inc., the leader in enterprise encryption and key management, today announced that it has released a whitepaper licensed from information security research and advisory firm Securosis entitled, “Securing Big Data: Securosis Recommendations for Hadoop and NoSQL Environments.” This independent report explores the security problems that big data users face and offers pragmatic advice on how to secure their environments.
According to Securosis, “During this research project two factors became abundantly clear. First, big data projects are common -- almost the norm -- within the enterprises we spoke with. They have embraced the technology, and they've pushed vast amounts of data into these clusters. Second, most have implemented virtually zero security measures beyond user passwords.” The research paper summarizes the state of security for ‘big data' environments, and reviews both built in protections, as well as weaknesses within these systems.
“Based on Securosis' findings, security in typical big data implementations is largely an afterthought,” said Derek Tumulak, vice president of product management for Vormetric. “The good news is that several critical security concerns can be addressed by a handful of security measures, including the use of file layer encryption to protect data at rest and ensure sensitive information cannot be accessed.”
The research paper covers the following topics:
1. Architecture: What's different about big data systems, both in how they process information and how they are deployed? How do these differences impact data and database security?
2. Operations: What operational security issues exist within big data platforms? What are the challenges associated with securing big data and the deficiencies of the systems used to manage it -- particularly their lack of native security features.
3. Recommendations: What strategies work best for securing big data repositories, including tactical recommendations for securing certain facets of these environments, and the gaps where no good solutions exist.
To download a copy of the research paper, please visit: http://www.vormetric.com/securosis-big-data
Vormetric (@Vormetric) is the leader in enterprise encryption for physical, virtual and cloud environments. The Vormetric Data Security product line provides a single, manageable and scalable solution to manage any key and encrypt any file, any database, any application, anywhere it resides— without sacrificing application performance and avoiding key management complexity. Some of the largest and most security conscious organizations and government agencies in the world, including 16 of the Fortune 25, have standardized on Vormetric to provide strong, easily manageable data security. Vormetric technology has previously been selected by IBM as the database encryption solution for DB2 and Informix on LinuxTM, Unix® and Windows; and by Symantec to provide the Symantec Veritas NetBackupTM Media Server Encryption Option. For more information, visit www.vormetric.com.
Vormetric is a trademark of Vormetric, Inc. All other names mentioned are trademarks, registered trademarks or service marks of their respective owners.