Although Big Data benefits companies a great deal, there are certain risks associated with its use. The more data the company stores, the more they open themselves up to a potential data security breaches. Such an event could have massive financial consequences for a company, so most of them are trying their hardest to avoid it.
For example, the 2016 Cost of Data breach report found that the average data security breach now cost $4M compared to the previous’ year’s $3.8M.
Recently, Cloud Security Alliance released a new report that contains 100 best practices for cloud security, as well as big data security. CSA has some well-known members, including Microsoft, Red Hat, and Amazon Web Services.
One of the major suggestions mentioned that businesses working with Apache Hadoop should be using Kerberos or any other similar authentication service. Among the other valuable pieces of advice is a general rule of thumb that any databases should avoid including personally-identifiable information such as names, addresses, and social security numbers. If it has to be used, it needs to at least be masked in some way.
The report also pointed out that non-relational database users, NoSQL to name one, are at increased risk, because those types of databases do not come with extra security features. A possible solution is using strong encryption methods like Secure Hash Algorithm 2, RSA, or AES, with the encryption keys being stored separately from the database itself and backed up to a secure offline location.