Nikunj Thakkar, Founder & CEO, DataOne
Security threat has emerged to be the talking point of the week following the ransomware attack over the weekend. During the early ages of computer and internet, a lot of applications of a company were internal and limited, which meant the security was not always a major risk. However, with the growing trend in web-based, mobile-based and cloud-based applications, confidential and private data is accessible from various platforms. This makes the system extremely vulnerable to hacking, snooping, and all different ways to compromise the integrity of the data or hold important data to ransom.
Big Data, the current big thing in using computing power to grow businesses, is a trending business phrase. It offers tangible benefits to organizations that are ready to adopt it, but do we really know what we are getting into? Big Data can turn out to be both a threat as well as an opportunity when it comes to security threats. Using Big Data applications can act as a threat if not properly protected, but Big Data can also be used to better detect threats, secure system, and fight these external threats.
Lack of appropriate measures is one of the most important reasons for a majority of security threats. These measures refer to protection provided by upgraded software applications, security patches, threat detection tools, and so on. Any system needs these tools to protect itself from any threat. When it comes to Big Data applications though, this threat increases many folds, as there are many different devices, systems and platforms to access the underlying data. Therefore, security of such a large horde of data along with the systems that access it is challenging and requires the adoption of right tactics, measures and techniques.
1.There are limited levels of protection in majority of distributed systems’ computations.
2.Security solutions are not being able to tackle the demand with several non-relational databases constantly evolving.
3.There is lack of appropriate security processes for the transfer of automated data.
4.System updates, audits, patches are not always carried out.
5.Information coming in should be constantly validated, to ensure its credibility and accuracy, but that is not the case for most systems
6.Attack on systems that contain sensitive and personal information of the customers can put the customers at risk.
7.Certain organizations do not deploy any kind of access controls to differentiate between the confidentiality levels of data within the organization.
8.Monitoring and tracking of systems is difficult with the current scale of Big Data application.
Of course, it is important to understand that just touting these challenges is not the solution. Often times, there aren’t enough resources to keep the system updated at all times. Like in the case of WannaCry ransomware attack, some of the systems used by the hospitals that were attacked with the ransomware were using Windows XP, a system that has not been supported by Windows for a while now. It is easy to blame the organization for not updating their systems and regularly finding patches, but it is also important to understand that a hospital with a focus on saving lives may not always have the right resources lined up to keep the systems updated. It’s not a blame game, and it’s a big challenge for our generation to solve.
Big Data and Cyber Security have arrived to take their place in businesses today. And this poses both a threat and opportunity for companies. From the point of view of cyber security, Big Data has brought in newer opportunities of analysis and protection, making it possible for companies to prevent cyber-attacks in the future.
A lot of companies feel that they can meet the main challenge and safeguard information, however, when the size of data that needs processing and analysis is taken into consideration, the depth of the challenge is understood. For instance, a medium-size network with 10,000 devices (web-based, mobile-based and cloud-based) will be transmitting approximately 25 TB in a time frame of 24 hours. This means that more than 3 Gigabits need to be analyzed in every second to predict cyber-attacks.Businesses need to analyze how modern technologies can be put into play so that personal and confidential data is safeguarded. If this motive is achieved, then the opportunities presented by big data are immense.
•Detection of frauds and replacement of SIEM systems
•Optimization of sales and marketing campaigns through business intelligence as there is an abundance of data and analytics available
According to cloud computing experts, the most suitable technique to enhance Big Data security is by the acknowledging the role played by organizations who provide the platforms and systems to access the data, by providing timely patches and security upgrades. Making security a high priority for systems puts the onus on system as well as application builders to be vigilant about security flaws, and also puts more eyeballs on the security front. With several vendors providing various solutions, you get a more precise defense against the security threats targeting Big Data applications.
Interestingly, players in the antivirus industry are more open and freely exchange relevant information about Big Data security threats and updates. Industry leaders try and develop what can survive the recent malicious malware and ransomware attacks, providing major advantages for the security of Big Data.It’s also not just always upto the IT Department to keep the organization safe and secure. The people accessing the system need to be educated to detect malicious content to better protect the system. For an example, if there is tracking of access to the data by defining roles and assigning permissions to the user, there is better possibility of detecting the system that exposed the organization to the threat. The user of that system can then be educated on the threat and how to avoid future exposure to that threat, either by updating the system or knowing what might be a malicious link and so on.
•Do not focus all your attention on device security. Application security is of more importance.
•Keep devices and servers that contain sensitive information isolated.
•Introduce reactive and proactive protection.
•Offer real-time security management.
As was mentioned before, just touting these recommendations doesn’t make it all better and a secure system. We have to work towards constantly improving our approach to security threats, and Big Data may just be able to help track it.
The security of cloud-based systems is a major threat that companies adopting Big Data may have to look out for in the future. Services like Stream Nation and Dropbox have become targets and are being extensively attacked. These cloud services when attacked transfer commands and data without any kind of intimation to the actual user.
New malware and ransomware are being developed on an on-going basis. The recent WannaCry malware has disrupted the operations of many organizations and caused extensive damage to data. It has targeted Spain, Britain, Ukraine, Russia and other countries in a way that systems are being locked with data held for a ransom.
To begin with, the ransomware attacks Windows PCs and encrypts the data within. Hundreds of dollars are then demanded as ransom to provide the key for the decryption of these files. The attack took less than six hours to spread across several systems in the healthcare industry, before it caught the attention of researchers. Hospitals in England had to even shift their emergency patients due to the attack of WannaCry.
Malware and other malicious attacks are becoming complex with every passing day. In fact, there is an increase in the number of malware being reported every year. Unfortunately, companies that have adopted Big Data applications are more likely to face these issues on a regular basis. However, there is still a solution for every possible problem that has emerged. All you need to do is identify the effective and suitable solution.