As reported by the Ponemon Institute, the cost of a data breach in the U.S. is on average $5.4M and over $190 per record. Many organizations trying to manage their volumes of rapidly growing and changing data have faced enormous penalties and loss of business due to data breaches. Datameer has worked with a number of companies to securely implement big data analytics, including companies that specialize in software security or services. The following are 3 things to look for in a big data analytics solution, based on what we’ve gathered from these experiences.
1. Approach: Built for Hadoop
We have found the approach to big data security is critical. Many masking and encryption solutions are effectively “bolt-on” security to a Hadoop environment. These solutions were designed for databases or data warehouses and modified to support Hadoop. Unfortunately, this bolt-on approach will often fail to scale and lead to performance issues.
2. Built-in capabilities to secure your Hadoop environments
In order to accelerate time to value, it’s important to have these capabilities built-in:
- Secure access (e.g. SSL)
- Role based access control
- Support for Kerberos
- Integration with existing LDAP or Active Directory
- Logging – auditing
- Disk encryption with key management
3. Successful deployment experience with many customers, including large enterprises
At Datameer, we have worked with a number of companies to build secure big data analytics solutions. Avoiding the cost of breach is critical not only because of the high cost. The loss of trust and damaged reputation as a result of data breach could put a company out of business. So you’ll want to see that a number of customers have used the solution successfully in production without incident. At Datameer, our solution is composed of:
- Authentication – Datameer provides Active Directory/LDAP integration and mutual authentication by leveraging Kerberos.
- Authorization – Datameer provides role-based access, reserving certain actions for administrators only.
- Encryption – Datameer supports the use of HTTPS. In addition all end user credentials, data store passwords and keys (SSH, EC2, etc.) maintained by Datameer are masked in the UI and encrypted in the Datameer metadata store.
For more information, see our webinar on the topic here.