A global telecommunications company ingests 300 million customer records in under 1.5 minutes every day. A mid-size firm handles 3.7 billion transactions annually. A car manufacturer streams real-time sensor data from vehicles. Big data analytics lie at the heart of all these systems, driving transformation, innovation, and identification of new threats, and these projects include massive quantities of sensitive data. But with centralized big data platforms, cyberattackers can now focus on a known, single target—and with IoT connected devices, physical risk is added to the risk of a data breach.
Data privacy regulations, such as the European Union’s General Data Protection Regulation (GDPR), are harmonizing legislation across regions and having global impact. But what really needs to happen is a movement to data-centric security, where data is transformed by encryption that retains value for analytics but not for attackers. Format- and order-preserving encryption can help protect enterprise data. The promise of homomorphic encryption is that nearly all computation can be done directly on encrypted data.
Data privacy as well as security needs to be at the forefront of strategy and architectural considerations, in commissioning any new enterprise application processing sensitive data and in implementing new big data, IoT, mobile, and cloud initiatives. Privacy by design has emerged as an essential best practice in meeting security and privacy compliance mandates, using data-centric security to neutralize sensitive data in use, in motion, and at rest and software development lifecycle security and automated application vulnerability detection during release and operation.
Modern data-centric security is the technology of choice, minimizing exposure of sensitive data and ensuring attackers get nothing of value when they do penetrate systems. It delivers the ability to render data useless if lost or stolen, through data-centric encryption, as an essential benefit to ensure data remains secure. Brendan Rizzo explains how data encryption and tokenization can help you protect your Hadoop environment and outlines options for securing data and speeding Hadoop implementation, drawing on recent deployments in pharma, health insurance, retail, and telecoms to illustrate the impact to operations and other areas of the business.
With these strategies in place, the risk of compromise by insider attack, malware, or accident is vastly reduced, saving the enterprise and its employees from data breaches, potentially costly postbreach remediation, and damage to brand and reputation.
©2017, O’Reilly UK Ltd • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org