While the idea of keeping big data secure is not new, have the companies which provide these services been keeping up with the latest cyber threats? From viruses to ransomware there is a range of serious malware and programs which can hack into and delete, steal, or lay ransom to your data. Some areas in which big data security providers need to develop include ransomware, gaps in the Hadoop security stack, and a corporation’s own data policies which may leave it open to breach. Customer trust is an important and growing necessity in online business transactions. Keeping data secure from threats goes a long way toward reassuring customers that their information is safe with the company they wish to do business.
Even as short a time as four years ago, CEOs were less worried about trust in business – just 37% in fact. By 2016, companies were wising up that protected data meant customer trust. In 2016 58% of CEOs took consumer trust seriously. The latest figure is estimated to be 9 out of 10 CEOs. Here are the top three security and privacy threats which companies are currently attempting to come out in front of.
Hadoop Security Stack Gaps
Hadoop offers the distribution of big data for companies as well as analysis and IoT strategies. Unfortunately, it contains data security issues. The three big companies distributing Hadoop have become known for creating distinct and competing stacks of security software. This creates a host of issues related to security including incompatibility and vendor lock-in. With Hadoop data lakes, raw and unstructured data along with semi-structured data of unknown quality is left unstructured until it is read. Also, according to experts, the use of file system based data which has been unprotected inside the security system. These gaps allow third party security gaps.
Corporate Data Policies
Sometimes a company’s policies can be the security breach a hacker uses to get inside your secure data. For instance, an IT department may be hindered in their ability to purchase or implement the newest technology to protect against cyber crimes due to levels of management who must approve a purchase order. While waiting for an approval, cyber security sometimes sits with its gaps and hopes that a hacker will not find and take advantage of them. When it comes to motivation, money is the primary gain for hackers. Therefore a hacker has nothing to lose by trying, trying, and trying again to penetrate a company’s data protection. Some CEOs operate at a disconnect from their IT departments and do not realize the seriousness of the threat of cyber breaches.
Just as it sounds, ransomware takes control of a company’s information and holds it until the company pays the ransom. To do this virtually, they may erase information from a company’s databanks or use specific programs which mean the company cannot access their databanks without help from the ransom hacker. Sometimes with ransomware hackers get in through one of the Hadoop vulnerabilities, port 50070. Hackers are looking for open HDFS installs which they can exploit to their advantage. There are very high tech, highly skilled hackers who take advantage of the availability of the internet to find vulnerable information around the world and use it to their advantage. Russia has become particularly known for its “good” hackers as well as the “bad” hackers, IE White Hat and Black Hat. In this nation, it is considered useful to have both sets of computing skills.
Clearly, there is a gap between knowledge of the vulnerabilities of big data security and implementation of techniques to guard against the vulnerabilities. While more companies are coming online to the realization that data must be safeguarded as much as other areas of a company’s computer systems, integrated security covering every level of potential exploitation is still a new and necessary step.