Big data and network security? Safe to say, the two disciplines produce very different schools of thought among IT professionals. Yet at the same time, the two distinct arenas are increasingly used in tandem to bolster organizations’ security infrastructure and overarching security posture.
Network security professionals would just as soon lump big data under the all-inclusive umbrella of network data in need of protection. Just as pervasive is the opposite response, which gives undue deference to the value of big data with over-engineered solutions.
But, according to Ryan Potter, Fortinet director of security strategy, the two areas are often more connected than you might think – and are increasingly becoming more so to strengthen organizations’ security standing.
But first, let’s narrow down the definition of big data. Big data covers a lot of territory. It is broadly defined as a series of data sets so vast that common software tools cannot capture, analyze and process them within a reasonable timeframe. And while the size and amount of data that falls into the category of “big data” is relatively subjective, it often ranges from terabytes to hundreds of petabytes. To nail it down a bit more precisely, the entire volume of global business data, across all organizations, is estimated to be doubling every 1.2 years.
Meanwhile, it’s worth noting that big data in and of itself isn’t anything new. IT professionals have been dealing with large and unwieldy volumes of mass data for a long time. However, it’s been only recently that users have had access to a slew of new technologies and tools such as in-memory databases, scale-out software architectures and open source applications such as Hadoop, HBase, MapReduce and Cassandra, among others, which have lowered the barrier to entry and made big data more available to organizations spanning all market segments.
In that regard, big data challenges have emerged as “new” to many organizations. And subsequently, organizations are still determining how and where big data fits into the overarching fabric of information security.
Essentially, Potter says, big data and network security intersect in two distinct areas: securing big data and using big data as a tool to enhance and propel network and application security.
From a network security perspective, incorporating big data into related solutions means using it to analyze Web logs, social networking data, Internet text, documents, search indexing and call detail records, among other things. But the scope can be deepened to include complex and interdisciplinary scientific research, surveillance, medical records, media archives and large-scale e-commerce, to name a few more.
Meanwhile, securing big data requires certain mechanisms around its entire lifecycle. The process starts with secure collection, followed by protecting access to transactional data. Security then incorporates assessing big data threats and protecting against attacks on data -- both at rest and during analysis.
However, defining big data as well as how and where it converges with security is just the first step. Practical application then dictates that users define a big data security plan -- which, not surprisingly, is similar to creating any other data security strategy. To that end, users need to determine data confidentiality levels, identify and classify the most sensitive data, establish where critical data should be stored, and create access models for data and analysis.
At its core, big data compounds and complicates routine security challenges. But by the same token, big data also introduces the opportunity to resolve network and data security challenges that have previously remained out of reach due to lack of power and necessary correlating intelligence.
Putting that in context, retailer Wal-Mart handles one million plus customer transactions every hour, which are channeled into a database with more than 2.5 petabyte capacity – approximately equivalent to 167 times the information contained in all the books in the US Library of Congress. Other examples? Facebook handles 40 billion photos from its user base. And decoding the human genome, which previously took 10 years, can now be achieved in less than a week -- thanks to big data.
At the end of the day, big data still faces many of the same security challenges experienced by other disruptive, emerging technologies. But looking ahead, performance-based technologies such as throughput, connections, detection and management capabilities will ultimately ease the way for security’s permanent integration into the big data phenomenon.
[This was the first of two parts. Next up, we'll discuss practical solutions that combine both big data and network security technologies. Stay tuned.]