Information security research and training provider SANS Institute released its first study regarding the use of and security challenges large enterprise businesses and government face as more and more of them make use of “Big Data” information-gathering and analytics systems.
Sponsored by enterprise data management provider Cloudera, SANS found that more than half (55 percent) of organizations surveyed were operating Big Data systems – either in pilot, proof-of-concept, or full-production modes. Nearly 2 in 10 (28 percent) said they intend to roll out Big Data applications within the next two years.
Big Data Survey Results
Government, finance and IT organizations were the top three industries to collect and make use of big data for business intelligence. Telecommunications (9.9 percent) and health care organizations (8.1 percent) round out the top five. Collectively, they account for more than 6 in 10 (64 percent) of Big Data systems implementations among the organizations surveyed.
The Cloudera-SANS’ research report “Enabling Big Data by Removing Security and Compliance Barriers” also reveals the main data types that surveyed organizations are managing via Big Data systems:
- Personally identifiable information (PII): 73 percent;
- Employee records: 64 percent;
- Intellectual property: 59 percent;
- Payment card information: 53 percent;
- National security intelligence information: 40 percent.
Pressure to assure compliance with government rules and regulations is on the rise, SANS’ researchers found. More than 8 in 10 (83 percent) said their Big Data systems must comply with one or more regulatory standards.
“Today, the world of data security is still relatively new — threat intelligence, traditional security approaches and a focus on managing mobile and cloud resources have generally advanced the state of data security. But until now, a comprehensive look at security as it relates to big data, Hadoop and the many related applications in use hasn’t existed,” report author and SANS Institute analyst Barbara Filkins was quoted as saying.
Regarding applications of Big Data systems, the report reveals:
- 54% integrate with existing identity and access management systems to manage sensitive data access and 45% authorize user access based on roles (RBAC);
- 78% of those able to rank security control effectiveness said host-based security technologies were the most effective;
- 72% of those able to rank security control effectiveness said network-based security technologies were the most effective;
- 40% of those able to rank security control effectiveness said encryption technologies were very effective;
- 25% (highest percentage) of respondents said that the CIO and CTO are responsible for big data governance;
- 18% (second highest percentage) said that the CSO and CISO are responsible for big data governance;
- Less than 5% said system administrators, security administrators and app developers and managers held responsibility.
