SlideShare uma empresa Scribd logo

The Security of Big Data: An Enterprise Perspective

Transferir como PPTX, PDF
Open Data Center Alliance
Open Data Center Alliance

Everyone knows that there are risks associated with moving enterprise data to a Cloud and everyone knows the huge potential that the analytics of Big Data can bring especially when using the Cloud, but what happens when these two converge. The presentation will discuss some of the security and privacy challenges associated with Big Data in the Cloud and will present a number of key initiatives that the ODCA have done to support enterprises that wish to take this step. To listen to the webinar based on this presentation with audio please visit the ODCA BrightTalk channel: https://www.brighttalk.com/webcast/9831/109843

Tecnologia
1 de 24
BIG DATA, CLOUD, SECURITY, AND ODCA USAGE MODELS Ian Lamont BMW AG
ODCA Big Data and Security Seminar | 2 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
ODCA Big Data and Security Seminar | 3 CHALLENGES • Privacy (particularly in Europe)  Security  Valid and fair usage  Right to be forgotten  Jurisdiction
ODCA Big Data and Security Seminar | 4 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
ODCA Big Data and Security Seminar | 5 BIG DATA SECURITY
ODCA Big Data and Security Seminar | 6 PLATFORM SECURITY • Provider Assurance Usage Model  Provides standard definitions of Security for Cloud Services  Bronze, Silver, Gold, and Platinum.  Mirror internal security levels to external requirements.
ODCA Big Data and Security Seminar | 7 NETWORK AND FIREWALL ISOLATION Network segregation and firewalls are required to protect all assets managed in the cloud. The level of involvement of the cloud provider in the management of firewall rule sets will vary depending on the level of service offered. Bronze The firewall rule sets are managed by the cloud provider with no direct involvement of the cloud subscriber. Silver The firewall rule sets are managed by the cloud provider with changes advised to the cloud subscriber before implementation. The cloud provider should offer network segmentation between logical tiers. Gold The firewall rule sets are managed by the cloud subscriber. The cloud provider retains access to the firewall at the administrator level in order to provide system maintenance. The cloud provider must offer network segmentation between logical tiers and should offer Layer-7 protection to prevent application- level attacks. Platinum The cloud provider has no access to firewalls. All admin tasks including rule updates are managed by the cloud subscriber. The cloud provider must offer network segregation between logical tiers and Layer-7 protection to prevent application-level attacks.
ODCA Big Data and Security Seminar | 8 VULNERABILITY MANAGEMENT A vulnerability management process that ensures installation of system and software patches within the targets is identified below. The test process must ensure proper function of the patch and compatibility to the actual target systems with no negative impact on resource utilization (i.e., memory and CPU consumption). Bronze Vulnerabilities with a basic Common Vulnerability Scoring System (CVSS) score of greater than 9 (or those rated as High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Silver Vulnerabilities with a basic CVSS score of greater than 5 (or those rated as Medium or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Gold Vulnerabilities with a basic CVSS score of greater than 2 (or those rated as Low, Medium, or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Platinum All vulnerabilities must be patched within 24 hours of their release by the vendor.
ODCA Big Data and Security Seminar | 9 PLATFORM SECURITY
ODCA Big Data and Security Seminar | 10 BIG DATA SECURITY
ODCA Big Data and Security Seminar | 11 DATA SECURITY • Encryption  Data at Rest  Data in Transit • Data Masking  Anonymization and Pseudonymization • Access Methods  User type profiling • Backup, Restore, and Archiving
ODCA Big Data and Security Seminar | 12 DATA LIFECYCLE
ODCA Big Data and Security Seminar | 13 ACCESS POINTS
ODCA Big Data and Security Seminar | 14 DATA FLOW 1
ODCA Big Data and Security Seminar | 15 DATA FLOW 2
ODCA Big Data and Security Seminar | 16 IDENTITY AND ACCESS MANAGEMENT • Identity Provisioning • Governance and Auditing • Privileged User Access • Single Sign On
ODCA Big Data and Security Seminar | 17 IDM BASIC MODEL
ODCA Big Data and Security Seminar | 18 IDM CLOUD MODEL
ODCA Big Data and Security Seminar | 19 IDM GOVERNANCE
ODCA Big Data and Security Seminar | 20 OTHER ODCA COLLATERAL • Security Monitoring • Interoperability • Guide to • SaaS Interoperability • Information as a Service • also Data Mgmt for Info_aaS • and much more ……
ODCA Big Data and Security Seminar | 21 OTHER PROBLEMS / CHALLENGES !!! • e-Discovery (UM coming soonish) • Data Ownership • plus anything else you can think of !
ODCA Big Data and Security Seminar | 22 Standardized Response Checklists Accelerate TTM Shared Practices Drive Scale Streamlined Requirements Accelerate Adoption Available to Members at: www.opendatacenteralliance.org URL for Public content: www.opendatacenteralliance.org MORE INFORMATION AND ASSETS
ODCA Big Data and Security Seminar | 23 Go forth (securely) and Big Data QUESTIONS Artist: Thierry Gregorius
ODCA Big Data and Security Seminar | 24 www.opendatacenteralliance.org

Recomendados

BIG DATA AND SECURITY CHALLENGES
BIG DATA AND SECURITY CHALLENGESBIG DATA AND SECURITY CHALLENGES
BIG DATA AND SECURITY CHALLENGESanupriti
 
Big security for big data
Big security for big dataBig security for big data
Big security for big dataAri Elias-Bachrach
 
Big data security the perfect storm
Big data security the perfect stormBig data security the perfect storm
Big data security the perfect stormUlf Mattsson
 
Hadoop and Big Data Security
Hadoop and Big Data SecurityHadoop and Big Data Security
Hadoop and Big Data SecurityChicago Hadoop Users Group
 
Big Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinBig Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinSridhar Karnam
 
Conference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili SaghafiConference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili SaghafiProfessor Lili Saghafi
 
Zettaset Elastic Big Data Security for Greenplum Database
Zettaset Elastic Big Data Security for Greenplum DatabaseZettaset Elastic Big Data Security for Greenplum Database
Zettaset Elastic Big Data Security for Greenplum DatabasePivotalOpenSourceHub
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)Export Promotion Bureau
 

Recomendados

BIG DATA AND SECURITY CHALLENGES
BIG DATA AND SECURITY CHALLENGESBIG DATA AND SECURITY CHALLENGES
BIG DATA AND SECURITY CHALLENGESanupriti
 
Big security for big data
Big security for big dataBig security for big data
Big security for big dataAri Elias-Bachrach
 
Big data security the perfect storm
Big data security the perfect stormBig data security the perfect storm
Big data security the perfect stormUlf Mattsson
 
Hadoop and Big Data Security
Hadoop and Big Data SecurityHadoop and Big Data Security
Hadoop and Big Data SecurityChicago Hadoop Users Group
 
Big Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinBig Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinSridhar Karnam
 
Conference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili SaghafiConference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili SaghafiProfessor Lili Saghafi
 
Zettaset Elastic Big Data Security for Greenplum Database
Zettaset Elastic Big Data Security for Greenplum DatabaseZettaset Elastic Big Data Security for Greenplum Database
Zettaset Elastic Big Data Security for Greenplum DatabasePivotalOpenSourceHub
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)Export Promotion Bureau
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Allot Communications
 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Stefaan Van daele
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBlue Coat
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityRaffael Marty
 
Big data security
Big data securityBig data security
Big data securityJoey Echeverria
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Coastal Pet Products, Inc.
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data miningharithavijay94
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and GovernanceDataWorks Summit/Hadoop Summit
 
ODCA DevOps: Magnifying Business Value
ODCA DevOps: Magnifying Business ValueODCA DevOps: Magnifying Business Value
ODCA DevOps: Magnifying Business ValueOpen Data Center Alliance
 
Cloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesCloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesOpen Data Center Alliance
 
Open Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance
 
ODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWOpen Data Center Alliance
 
Forecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTForecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTOpen Data Center Alliance
 
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationForecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationOpen Data Center Alliance
 
Forecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersForecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersOpen Data Center Alliance
 
Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Open Data Center Alliance
 
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Open Data Center Alliance
 
Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Open Data Center Alliance
 
Forecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of ConceptForecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of ConceptOpen Data Center Alliance
 
Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Open Data Center Alliance
 

Mais conteúdo relacionado

Destaque

Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Allot Communications
 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Stefaan Van daele
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBlue Coat
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityRaffael Marty
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Coastal Pet Products, Inc.
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data miningharithavijay94
 

Destaque (10)

Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬
 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat Protection
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for Security
 
Big data security
Big data securityBig data security
Big data security
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title)
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with Hadoop
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data mining
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
 

Mais de Open Data Center Alliance

Cloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesCloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesOpen Data Center Alliance
 
Open Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance
 
ODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWOpen Data Center Alliance
 
Forecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTForecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTOpen Data Center Alliance
 
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationForecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationOpen Data Center Alliance
 
Forecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersForecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersOpen Data Center Alliance
 
Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Open Data Center Alliance
 
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Open Data Center Alliance
 
Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Open Data Center Alliance
 
Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Open Data Center Alliance
 
Forecast 2014: Software Defined Networking - What's New?
Forecast 2014: Software Defined Networking - What's New? Forecast 2014: Software Defined Networking - What's New?
Forecast 2014: Software Defined Networking - What's New? Open Data Center Alliance
 
Forecast 2014: Infrastructure as a Service (IaaS)
Forecast 2014: Infrastructure as a Service (IaaS)Forecast 2014: Infrastructure as a Service (IaaS)
Forecast 2014: Infrastructure as a Service (IaaS)Open Data Center Alliance
 
Forecast 2014: Business Strategy Enabled by Cloud
Forecast 2014: Business Strategy Enabled by Cloud Forecast 2014: Business Strategy Enabled by Cloud
Forecast 2014: Business Strategy Enabled by Cloud Open Data Center Alliance
 
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...Open Data Center Alliance
 

Mais de Open Data Center Alliance (20)

ODCA DevOps: Magnifying Business Value
ODCA DevOps: Magnifying Business ValueODCA DevOps: Magnifying Business Value
ODCA DevOps: Magnifying Business Value
 
Cloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesCloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence Strategies
 
Open Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud Adoption
 
ODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMW
 
Forecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTForecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoT
 
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationForecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
 
Forecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersForecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and Developers
 
Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0
 
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
 
Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs
 
Forecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of ConceptForecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of Concept
 
Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!
 
Forecast 2014: Software Defined Networking - What's New?
Forecast 2014: Software Defined Networking - What's New? Forecast 2014: Software Defined Networking - What's New?
Forecast 2014: Software Defined Networking - What's New?
 
Forecast 2014: Cloud-Aware Applications
Forecast 2014: Cloud-Aware Applications Forecast 2014: Cloud-Aware Applications
Forecast 2014: Cloud-Aware Applications
 
Forecast 2014: eDiscovery and Forensics
Forecast 2014: eDiscovery and Forensics Forecast 2014: eDiscovery and Forensics
Forecast 2014: eDiscovery and Forensics
 
Forecast 2014: Cloud Service Brokering
Forecast 2014: Cloud Service BrokeringForecast 2014: Cloud Service Brokering
Forecast 2014: Cloud Service Brokering
 
Forecast 2014: Infrastructure as a Service (IaaS)
Forecast 2014: Infrastructure as a Service (IaaS)Forecast 2014: Infrastructure as a Service (IaaS)
Forecast 2014: Infrastructure as a Service (IaaS)
 
Forecast 2014: SaaS Data Exchange
Forecast 2014: SaaS Data ExchangeForecast 2014: SaaS Data Exchange
Forecast 2014: SaaS Data Exchange
 
Forecast 2014: Business Strategy Enabled by Cloud
Forecast 2014: Business Strategy Enabled by Cloud Forecast 2014: Business Strategy Enabled by Cloud
Forecast 2014: Business Strategy Enabled by Cloud
 
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
 

Último

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 

Último (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 

The Security of Big Data: An Enterprise Perspective

  • 1. BIG DATA, CLOUD, SECURITY, AND ODCA USAGE MODELS Ian Lamont BMW AG
  • 2. ODCA Big Data and Security Seminar | 2 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
  • 3. ODCA Big Data and Security Seminar | 3 CHALLENGES • Privacy (particularly in Europe)  Security  Valid and fair usage  Right to be forgotten  Jurisdiction
  • 4. ODCA Big Data and Security Seminar | 4 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
  • 5. ODCA Big Data and Security Seminar | 5 BIG DATA SECURITY
  • 6. ODCA Big Data and Security Seminar | 6 PLATFORM SECURITY • Provider Assurance Usage Model  Provides standard definitions of Security for Cloud Services  Bronze, Silver, Gold, and Platinum.  Mirror internal security levels to external requirements.
  • 7. ODCA Big Data and Security Seminar | 7 NETWORK AND FIREWALL ISOLATION Network segregation and firewalls are required to protect all assets managed in the cloud. The level of involvement of the cloud provider in the management of firewall rule sets will vary depending on the level of service offered. Bronze The firewall rule sets are managed by the cloud provider with no direct involvement of the cloud subscriber. Silver The firewall rule sets are managed by the cloud provider with changes advised to the cloud subscriber before implementation. The cloud provider should offer network segmentation between logical tiers. Gold The firewall rule sets are managed by the cloud subscriber. The cloud provider retains access to the firewall at the administrator level in order to provide system maintenance. The cloud provider must offer network segmentation between logical tiers and should offer Layer-7 protection to prevent application- level attacks. Platinum The cloud provider has no access to firewalls. All admin tasks including rule updates are managed by the cloud subscriber. The cloud provider must offer network segregation between logical tiers and Layer-7 protection to prevent application-level attacks.
  • 8. ODCA Big Data and Security Seminar | 8 VULNERABILITY MANAGEMENT A vulnerability management process that ensures installation of system and software patches within the targets is identified below. The test process must ensure proper function of the patch and compatibility to the actual target systems with no negative impact on resource utilization (i.e., memory and CPU consumption). Bronze Vulnerabilities with a basic Common Vulnerability Scoring System (CVSS) score of greater than 9 (or those rated as High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Silver Vulnerabilities with a basic CVSS score of greater than 5 (or those rated as Medium or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Gold Vulnerabilities with a basic CVSS score of greater than 2 (or those rated as Low, Medium, or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Platinum All vulnerabilities must be patched within 24 hours of their release by the vendor.
  • 9. ODCA Big Data and Security Seminar | 9 PLATFORM SECURITY
  • 10. ODCA Big Data and Security Seminar | 10 BIG DATA SECURITY
  • 11. ODCA Big Data and Security Seminar | 11 DATA SECURITY • Encryption  Data at Rest  Data in Transit • Data Masking  Anonymization and Pseudonymization • Access Methods  User type profiling • Backup, Restore, and Archiving
  • 12. ODCA Big Data and Security Seminar | 12 DATA LIFECYCLE
  • 13. ODCA Big Data and Security Seminar | 13 ACCESS POINTS
  • 14. ODCA Big Data and Security Seminar | 14 DATA FLOW 1
  • 15. ODCA Big Data and Security Seminar | 15 DATA FLOW 2
  • 16. ODCA Big Data and Security Seminar | 16 IDENTITY AND ACCESS MANAGEMENT • Identity Provisioning • Governance and Auditing • Privileged User Access • Single Sign On
  • 17. ODCA Big Data and Security Seminar | 17 IDM BASIC MODEL
  • 18. ODCA Big Data and Security Seminar | 18 IDM CLOUD MODEL
  • 19. ODCA Big Data and Security Seminar | 19 IDM GOVERNANCE
  • 20. ODCA Big Data and Security Seminar | 20 OTHER ODCA COLLATERAL • Security Monitoring • Interoperability • Guide to • SaaS Interoperability • Information as a Service • also Data Mgmt for Info_aaS • and much more ……
  • 21. ODCA Big Data and Security Seminar | 21 OTHER PROBLEMS / CHALLENGES !!! • e-Discovery (UM coming soonish) • Data Ownership • plus anything else you can think of !
  • 22. ODCA Big Data and Security Seminar | 22 Standardized Response Checklists Accelerate TTM Shared Practices Drive Scale Streamlined Requirements Accelerate Adoption Available to Members at: www.opendatacenteralliance.org URL for Public content: www.opendatacenteralliance.org MORE INFORMATION AND ASSETS
  • 23. ODCA Big Data and Security Seminar | 23 Go forth (securely) and Big Data QUESTIONS Artist: Thierry Gregorius
  • 24. ODCA Big Data and Security Seminar | 24 www.opendatacenteralliance.org