|By Gilad Parann-Nissany||
|April 7, 2014 10:00 AM EDT||
The combination of cloud computing and big data is a match made in heaven. Big data requires a flexible compute environment, which can scale quickly and automatically to support massive amounts of data. Infrastructure clouds provide exactly that. But whenever cloud computing is discussed, the question comes up:
What about cloud security for big data?
When it comes to cloud security in a big data use case, the expectation is that any security solution will provide the same flexibility as the cloud without compromising the overall security of the implementation. When taking your big data to the cloud, the following four tips will enable you to achieve cloud flexibility paired with strict cloud security.
1. Encrypt sensitive data (seriously)
Data encryption creates the “virtual walls” for your cloud infrastructure. Deploying cloud encryption is considered a fundamental first step, but there is no solution with a “one size fits all” approach. Some encryption solutions require on premise gateway encryption, which does not work well in cloud big-data scenarios. Other approaches (for example, data encryption powered by the cloud provider itself) force the end user to trust someone else with the encryption keys, which is both risky and a compliance deal-breaker.
Recent encryption technologies, like split-key encryption, are tailored specifically to the cloud and leverage the best of both worlds by providing an infrastructure cloud solution while keeping the encryption keys safe and in the hands of the customer.
To achieve the best possible encryption for your big data scenario, use split-key encryption.
2. Look for cloud security solutions that can architecturally scale
In big data, each component of the architecture should scale, and the cloud security solution is no different. When selecting a cloud security solution, make sure it is available across all relevant cloud geo-locations. Furthermore, it must scale effectively with your big data infrastructure.
On the surface level, this means, of course, that hardware cannot be involved. Hardware Security Modules (HSMs) do not fit the big data use case because of the inability to scale and flex to fit the cloud model.
To achieve the necessary scalability, use a cloud security solution that is designed for the cloud, but achieves security that is comparable to (or better than) hardware-based solutions.
3. Automate as much as possible
Big data cloud computers are frustrated from the fact that their cloud security architecture does not easily scale (see tip #2). Traditional encryption solutions require an HSM (hardware) element. Needless to say, hardware implementation cannot be automated.
To be able to automate as much of your cloud security as possible, strive for a virtual appliance approach, not a hardware approach. Also, make sure that a usable API (ideally a RESTful API) is available as part of the cloud security offering.
A virtual appliance plus RESTful API will enable the required flexibility and automation needed in a cloud big data use case.
4. Do not compromise on data security
Because cloud security is often complicated, we see “security shortcuts” in big data implementations. Security shortcuts are usually taken to avoid complexity and maintain the big data architecture “unharmed.”
Some customers use freeware encryption tools and keep the encryption key on disk (which is highly insecure and may expose the encrypted data to anyone with access to the virtual disk), while others simply do not encrypt. These shortcuts are certainly not complicated, but, obviously, they are also not secure.
When it comes to big data security, map your data according to its sensitivity and protect it accordingly. In some cases, the consequences are dramatic. Not all big data infrastructure is secure, and one might need to find an alternative, if the data at stake is regulated or sensitive.
Cloud security for big data is available
Big data can continue to enjoy the scalability, flexibility, and automation offered by cloud computing while maintaining the strictest security standards for the data. Encryption is considered a fundamental first step in protecting cloud (big) data, and new technologies such as split-key encryption and homomorphic key management should be leveraged to protect sensitive data and comply with regulations like HIPAA, PCI, and many others.
A producer of the first smartphones and tablets, presenter Lee M. Williams will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater. In his session at @ThingsExpo, Lee Williams, COO of ETwater, will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ET...
Aug. 29, 2015 03:45 PM EDT
WSM International, the pioneer and leader in server migration services, has announced an agreement with WHOA.com, a leader in providing secure public, private and hybrid cloud computing services. Under terms of the agreement, WSM will provide migration services to WHOA.com customers to relocate some or all of their applications, digital assets, and other computing workloads to WHOA.com enterprise-class, secure cloud infrastructure. The migration services include detailed evaluation and planning...
Aug. 29, 2015 12:00 PM EDT Reads: 126
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Trel...
Aug. 29, 2015 11:00 AM EDT Reads: 192
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advance...
Aug. 29, 2015 11:00 AM EDT Reads: 232
While many app developers are comfortable building apps for the smartphone, there is a whole new world out there. In his session at @ThingsExpo, Narayan Sainaney, Co-founder and CTO of Mojio, will discuss how the business case for connected car apps is growing and, with open platform companies having already done the heavy lifting, there really is no barrier to entry.
Aug. 29, 2015 10:30 AM EDT Reads: 101
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Aug. 29, 2015 09:30 AM EDT Reads: 843
SYS-CON Events announced today that Micron Technology, Inc., a global leader in advanced semiconductor systems, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Micron’s broad portfolio of high-performance memory technologies – including DRAM, NAND and NOR Flash – is the basis for solid state drives, modules, multichip packages and other system solutions. Backed by more than 35 years of tech...
Aug. 29, 2015 08:45 AM EDT Reads: 179
U.S. companies are desperately trying to recruit and hire skilled software engineers and developers, but there is simply not enough quality talent to go around. Tiempo Development is a nearshore software development company. Our headquarters are in AZ, but we are a pioneer and leader in outsourcing to Mexico, based on our three software development centers there. We have a proven process and we are experts at providing our customers with powerful solutions. We transform ideas into reality.
Aug. 29, 2015 05:45 AM EDT Reads: 508
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of ...
Aug. 28, 2015 07:45 PM EDT Reads: 193
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
Aug. 28, 2015 06:00 PM EDT Reads: 320
SYS-CON Events announced today that DataClear Inc. will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The DataClear ‘BlackBox’ is the only solution that moves your PC, browsing and data out of the United States and away from prying (and spying) eyes. Its solution automatically builds you a clean, on-demand, virus free, new virtual cloud based PC outside of the United States, and wipes it clean...
Aug. 28, 2015 09:45 AM EDT Reads: 346
SYS-CON Events announced today that IceWarp will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IceWarp, the leader of cloud and on-premise messaging, delivers secured email, chat, documents, conferencing and collaboration to today's mobile workforce, all in one unified interface
Aug. 28, 2015 03:00 AM EDT Reads: 360
The Internet of Things (IoT) is about the digitization of physical assets including sensors, devices, machines, gateways, and the network. It creates possibilities for significant value creation and new revenue generating business models via data democratization and ubiquitous analytics across IoT networks. The explosion of data in all forms in IoT requires a more robust and broader lens in order to enable smarter timely actions and better outcomes. Business operations become the key driver of I...
Aug. 28, 2015 12:30 AM EDT Reads: 360
SmartBear Software has updated its API tools, ServiceV for API service virtualization and LoadUI NG for API load testing, to accelerate development and testing processes in Agile teams. Updates to ServiceV enable software teams to rapidly build advanced mocks from real-time API traffic and quickly switch between virtualized “mock” services and actual APIs during diagnostic, load or integration testing in the continuous delivery lifecycle.
Aug. 21, 2015 11:00 AM EDT Reads: 314
Learn how you can use the CoSN SEND II Decision Tree for Education Technology to make sure that your K–12 technology initiatives create a more engaging learning experience that empowers students, teachers, and administrators alike.
Aug. 14, 2015 04:15 PM EDT Reads: 540
The amount of data processed in the world doubles every three years and a global commitment to open source technology is the way to handle this growth. An open technology approach fosters innovation through massive community involvement and impedes expensive vendor lock-in. This benefits buyers as markets remain more competitive. In doing so, open standards and technologies also allow for market hypergrowth, and this is the key to handling the growth of data. A doubling every three years ...
Aug. 14, 2015 11:00 AM EDT
SYS-CON Events announced today that VividCortex, the monitoring solution for the modern data system, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The database is the heart of most applications, but it’s also the part that’s hardest to scale, monitor, and optimize even as it’s growing 50% year over year. VividCortex is the first unified suite of database monitoring tools specifically desi...
Aug. 12, 2015 02:30 PM EDT Reads: 418
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 17th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships at Com...
Aug. 12, 2015 12:00 PM EDT Reads: 421
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
Aug. 11, 2015 10:17 AM EDT Reads: 500
"We've just seen a huge influx of new partners coming into our ecosystem, and partners building unique offerings on top of our API set," explained Seth Bostock, Chief Executive Officer at IndependenceIT, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Aug. 3, 2015 11:00 PM EDT Reads: 890