How can businesses secure their big data lakes?

One trend that's becoming more popular than ever among enterprises looking to make the most of their information is the concept of the 'data lake'. This involves pooling pieces of incoming information from a wide range of sources into a centralised resource, in order to make it easier to analyse and spot key insights.

However, while the data lake can greatly help businesses understand their operations and identify areas for improvement, it does open them up to new threats, especially in the current era where cyber criminals are becoming more sophisticated all the time.

It was noted by Infoworld that data lakes have become hugely tempting targets for hackers. One key reason for this is that, with so much potentially valuable information all stored in the same place, the rewards on offer compared to the effort required are very high.

In the past, a determined hacker may have needed to break into several discrete systems in order to access the same amount of information that is now held in a single location, where only one set of defences must be breached. Even if the protections in place for a data lake are stronger, many criminals will determine it is well worth the effort.

What's more, data lakes do not only contain raw information. They also store enriched and reconciled data that carries much more potential for malicious users to gain insight into the secrets of individuals or corporations.     

Finally, Infoworld observed that security technologies for big data solutions – and Hadoop platforms in particular – are not as well-developed as their counterparts for more traditional systems.

"Securing big data requires the combination of specific but also very traditional security technologies, but it is also a process and policies issue," Infoworld writer Yves de Montcheuil stated. "One of the top risks is the creation of new silos for application identity – separating big data security from the rest and soon creating a divergence between systems."

A common result of this is systems that have very wide-ranging admin privileges, but also place constraints on an organisation's ability to meet compliance or to mitigate risks.

To combat these dangers, IT and security professionals need to focus closely on their big data activities. While experts may already be familiar with the 'three Vs' of big data, they also need to be thinking about 'three As' when it comes to securing these systems.

These are authentication, authorisation and accounting. By ensuring businesses have strong access control systems in place and a full log of all activities that are taking place, they will be in a much better position to spot any areas that have been compromised.

These principles will already be familiar to many users, as they should have security frameworks incorporating these elements in their traditional systems. The challenge for IT pros will be to integrate them into their big data without having to completely overhaul their policies.

"Big data must integrate with existing technology frameworks," Mr De Montcheuil said. "Or, another way to view this is that technology frameworks must evolve to integrate with big data technologies. And it's not going to be a simple endeavor to keep up."