ibm canada: how secure is your big data?
TRANSCRIPT
1 #SmarterBiz
How Secure is Your Big Data?
Eric Offenberg
WW Sales Enablement Leader
IBM Security
2 #SmarterBiz
The Era of Big Data has Arrived• Organizations are jumping into
big data with both feet
• Departmental projects, and rogue IT teams are sprouting up everywhere
• Any and all available data is being used within these projects
3 #SmarterBiz© 2014 IBM Corporation3
We are in an era of continuous breachesAttackers are relentless, victims are targeted, and the damage toll is rising
Source:
IBM X-Force Threat Intelligence Quarterly – 1Q 2014
Operational
Sophistication
IBM X-Force declared
Year of the
Security Breach
Near Daily Leaks
of Sensitive Data
40% increase in reported data
breaches and incidents
Relentless Use
of Multiple Methods
500,000,000+ records were leaked, while the future
shows no sign of change
2011 2012 2013
Note: Size of circle estimates relative impact of incident in terms of cost to business.
2011 2012 2013
4 #SmarterBiz
4
25 May 2015
Why Big Data ?
Case study: Aviation Data
Jet sensors:
Collect jet engine data ( temperature, humidity, air pressure ) to predict part
failure, take preventative action. Reduce cost by pre-empting failure
Reduce down-time:
Preventative maintenannce reduces down time, thus more planes to service
customers.
Analyzing arrivals/departure data, weather conditions and other data sources
airlines can bette rmanage their fleets and schedules.
Happier customers:
Improved customer satisfaction is the result of fewer delays, increased customer
loyalty and increased bookings.
Nalayze customer’s flying patterns airlines can identify new routes and add other
services to benefits customers and the airline.
Greener:
More efficient jet engines consume less fuel and emit fewer CO2 gases
5 #SmarterBiz5
Case study: Facebook Messaging
▪ High write throughput
▪ Every message, instant message, SMS, and e-mail
▪ Search indexes for all of the above
▪ Denormalized schema
▪ A product at massive scale on day one
▪ 6k messages a second
▪ 50k instant messages a second
▪ 300TB data growth/month compressed
…
6 #SmarterBiz
Why is Big Data so Messy?
Time Constraints
Inconsistency
New, Less Certain Sources
Ambiguity & Incompleteness
7 #SmarterBiz
Data is the key target for security breaches5..5 and Database Servers Are The Primary Source of Breached Data
www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
2012 Data Breach Report from Verizon Business RISK
Team
� Database servers contain your client’s
most valuable information
– Financial records
– Customer information
– Credit card and other account records
– Personally identifiable information
– Patient records
� High volumes of structured data
� Easy to access
“Go where the money is5 and go there
often.” - Willie Sutton
WH
Y?
8 #SmarterBiz
What is Bring Attacked?
Key Sectors & Industries5 Most Attacked Industries*
Government
Health & Social
Services
Financial Services Insurance
Retail &
Wholesale
Utilities
Information &
Communication
Manufacturing
Transportation
*Attack rates can differ greatly between industries
9 #SmarterBiz
Understanding the Data
Understanding the VALUE it brings Understanding the RISK it presents
- Business insights
- How data is consumed by
the business
- How active is the data
- Who consumes the
information
- What insights gained
- Find sensitivity of data
- Classify data elements
- Inspect & classify extracted
data
- Identify how exposed is the data
Value to the
Business
Risk
Above the lineHigh value data with low (or at least acceptable) risk levels
Below the lineRisk levels are too high given the business value of the data
Low Value, High Risk
Dormant table with
sensitive data
Low Value, Low
Risk
Temp table with no
sensitive data
High Value, High Risk
Table with sensitive data
that is used often by
business application
High Value, Low Risk
Table with no sensitive data
that is used often by an
important business
application
10 #SmarterBiz
BIG DATA PLATFORM
Greater Necessity for Data Security for Big Data
Regulatory
Compliance
Data Breach
The same risks apply�
�and Big Data introduces new challenges
New Data Users
Attractive
Target
Fewer Tools
Brand Reputation
11 #SmarterBiz
Big Data Technology Barriers to Security and Privacy
SOURCE SYSTEMS,
DATA MARTS, SILOS
BIG DATA
PLATFORM
USER ACCESS
REQUESTS
Lack tools to quickly and
effectively protect data on
sources or platform
Unclear understanding of
sensitive data
Difficulty finding potentially
sensitive data and
relationships
Inability to track users/data
access activity
Inconsistent security
controls among traditional
and big data infrastructure
12 #SmarterBiz
Understand and Define
Secure and Protect
Monitor and Audit
� Locate and inventory data sources
across the enterprise
� Identify sensitive data and classify
� Understand relationships
� Define policies and metrics
� Prevent authorized users from
misusing sensitive data
� Prevent intrusion and theft of data
� Fully redact sensitive unstructured data
� De-identify confidential data
� Audit and report compliance
� Monitor and enforce review of policy
exceptions
� Assess database vulnerabilities
� Automate data protection compliance
Scale to handle
big data
Scale to handle
big data
Support wide
range of data
sources
Support wide
range of data
sources
Provide agility
for faster
deployments
Provide agility
for faster
deployments
A Holistic Approach to Data Security and Privacy
13 #SmarterBiz
Best practice for Securing Big Data:Implement database activity monitoring
- Create a secure, detailed, verifiable audit trail of all database activities
User activity, including privileged users
User creation and object creation and manipulation
- Gain visibility into all database activity involving sensitive data
Who, what, when and how
Real-time alerts for suspicious activity
- Integrate with business processes for audit compliance
Dissemination of reports to appropriate personnel for signoff and review
Retain reports and signoffs per audit requirements
- Cross-platform, common solution for the enterprise.
14 #SmarterBiz
Typical home grown solutions are costly and ineffective
Create reports
Manual review
Manual remediation dispatch and tracking
Native
Database
Logging
• Pearl/UNIX Scripts/C++
• Scrape and parse the data
• Move to central repository
Native
Database
Logging
Native
Database
Logging
Native
Database
Logging
• Significant labor cost to review data and maintain process• High performance impact on DBMS from native logging
• Not real time• Does not meet auditor requirements for Separation of Duties
• Audit trail is not secure• Inconsistent policies enterprise-wide
15 #SmarterBiz
•Real-time monitoring of all data
access, such as privileged user
activity
•Detecting malicious activity and
enforcing security policy
•Compliance process automation
•Support for multi-platform data
environments
Key Characteristics
� Single Integrated Appliance
� Non-invasive/disruptive, cross-platform architecture
� Dynamically scalable
� SOD enforcement for DBA access
� Granular, real-time policies
� Who, what, when, how
� 100% visibility including local DBA access
� No need for easily tampered native audit logs
� Eliminate performance impact of native audit
� Prepackaged vulnerability knowledge base
and compliance reports for SOX, PCI, etc.
� Integration with broader security and
compliance management vision
Collector
Appliance
Host-based
Probes
S-TAP
Data Repositories
(databases, data warehouses,
Hadoop, file share)
Central Manager Appliance
IBM Guardium Data Activity Monitoring
16 #SmarterBiz
Big Data Privacy and Security
Agile Governance
Innovation
• Nonintrusive real-time activity monitoring for
various NoSQL and Hadoop repositories
• Fully integrated into the standard activity
monitoring for relational databases
Value
• Prevent data breaches
• Ensure the integrity of sensitive data
• Reduce cost of compliance
Usage
• Monitor access to sensitive data
• Alert on unauthorized access to data
• Produce detailed activity reports
Netezza
Teradata
2011
Netezza
Teradata
BigInsight
Cloudera
2012
Netezza
Teradata
BigInsight
Cloudera
MongoDB
CouchDB
Cassandra
Green Plum
HortonWorks
2013
17 #SmarterBiz
Solved: Guardium Fills the Hadoop Security Gap
- Guardium is not Hadoop distribution bound, and already support:
HortonWorks, Cloudera, Greenplum, Apache, etc.,
AND BigInsights
- Guardium monitors key components that businesses require:
HDFS – Hadoop File System (ls, chmod, mkdir, 5)
Exception monitoring
MapReduce
Oozie – workflow scheduler
HBase – key value data store
Hive – data warehouse
- Guardium provides answers to the questions businesses need to ask
Who, When, Where, What was accessed, and How
18 #SmarterBiz
Top government agencies
8 of the top 10 telcos worldwide
2 of the top 3 global retailers
XX
5 of the top 6 global insurers
5 of the top 5 global banks XX 4 of the top 4 global managed
healthcare providersProtecting access to over
$10,869,929,241 in financial
assetsProtecting access to
136 million patients’
private information
Safeguarding the integrity
of 2.5 billion credit card or
personal information
transactions per year
Protecting more than 100,000
databases with personal and
private information
Safeguarding the
integrity of the world’s
government information
and defense
Maintaining the privacy
of over 1,100,000,000
subscribers
IBM Data Security Chosen by Leading Organizations Worldwide
19 #SmarterBiz
Link to the case study
http://public.dhe.ibm.com/c
ommon/ssi/ecm/en/imc145
73usen/IMC14573USEN.P
DF
A Private Bank in the UAE
automates security
compliance reporting in a big
data environment
Need
• The bank processes several terabytes of data
daily and required a solution which addressed
the new security risks evolving around the
world, especially with respect to protecting big
data environments.
Benefits
• Achieves ROI in 8 months
• A scalable security monitoring solution that
supports diverse database environment and
does not impact application performance
• The time required to produce audit and
compliance reports has gone from two months
to near real-time
20 #SmarterBiz
NEXT STEPS:
1. Visit me in the Social HubB Let’s Talk & Tweet #SmarterBiz
2. See our Security Representative in the Tech Showcase for detailed demonstrations
3. Please Sign up for MaaS360: http://www.maas360.com/
AppScan: http://www-03.ibm.com/software/products/en/appscan
4. For Additional Information
or type this URL into your browser: ibm.biz/sbs2015
21 #SmarterBiz
Gracias
Merci
Grazie
ObrigadoDanke
Japanese
French
Russian
German
Italian
Spanish
Brazilian Portuguese
Arabic
Traditional Chinese
Simplified Chinese
Thai
TackSwedish
Danke
DziękujęPolish
Hebrew