Mitigating the Security Risks of Big Data

BrandPost By Crystal Bedell
Nov 01, 2016

Big data deployments create multi-level stacks—and every layer introduces risk


Big data implementations are complex, multi-level stacks, encapsulating some of an organization’s most important and sensitive data. As such, when these deployments go into production, they create a high-risk asset. And herein lies the challenge for IT organizations: securing access to big data while still providing end user access for extracting valuable business insights.

Here are three big data security risks and a simple approach to mitigating them.

Security Risk #1: Unauthorized Access

Unfettered access to big data puts sensitive and valuable data at risk of loss and theft. IT organizations need centralized control over who can access big data, how, and when. Only users with a business need should have access to big data. Least privilege access, or giving users only the privileges they need to perform their jobs, should be standard.

Security Risk #2: Privilege Escalation

Over-privileged accounts increase the risk of insider threats, and big data environments are no exception. Administrators should not have full access to Hadoop clusters and all their data. Instead, as with least privilege access, administrator access should be limited to the specific actions and commands required to do the job. This means enforcing a narrower set of access and privilege rights than the local root account allows.

Security Risk #3: Lack of Visibility

Lack of visibility into what’s happening across the Hadoop cluster creates a number of challenges for IT organizations. Without session recording, it becomes nearly impossible to identify, mitigate, and remediate potential security issues.

And without auditing capabilities, IT organizations have a difficult time proving compliance with regulatory and standards requirements. Given that 83% of big data implementations must meet some level of compliance, it’s imperative that IT organizations implement auditing capabilities.

The Solution: Centralized Identity Management

A centralized identity management solution helps secure big data environments by providing access control, privilege management, and user-level auditing – all without adding a new identity infrastructure to the environment. What’s more, some centralized identity management solutions can leverage existing identity management infrastructures.

The integration of Hadoop clusters, nodes, services, applications, and users into Active Directory allows IT organizations to easily grant users granular privileges based on their role or job function. Furthermore, administrators can be given privileged access to specific functions, data, and nodes without access to the root account.

A comprehensive identity management solution also provides the visibility necessary to detect suspicious activity, troubleshoot system failures, report on historical user activity—and demonstrate compliance. Auditing capabilities and session monitoring attribute all privileged actions to an individual Active Directory account. This makes it easy to determine which users did what across Hadoop clusters, nodes, and services.

Big data implementations often go from pilot to production in short order, as business users are anxious for real-time insights. But it’s imperative that IT organizations take the time to understand the security risks and potential solutions for securing big data. A centralized identity management solution that integrates with Active Directory can help solve these challenges.

Big Data is creating significant opportunities for businesses, and the explosive growth of Hadoop clearly indicates its importance as a Big Data enabling technology. But combining new technologies with high-value data can increase risk potential. Download the Centrify white paper “How Identity Management Solves Five Hadoop Security Risks” to learn how configuring Hadoop environments in secure mode before they enter production, strictly controlling user access to—and administrative privileges within—the Hadoop cluster, and auditing user and administrative activity helps companies to avoid key Hadoop security risks.