SlideShare ist ein Scribd-Unternehmen logo

The Security of Big Data: An Enterprise Perspective

Als PPTX, PDF herunterladen
Open Data Center Alliance
Open Data Center Alliance

Everyone knows that there are risks associated with moving enterprise data to a Cloud and everyone knows the huge potential that the analytics of Big Data can bring especially when using the Cloud, but what happens when these two converge. The presentation will discuss some of the security and privacy challenges associated with Big Data in the Cloud and will present a number of key initiatives that the ODCA have done to support enterprises that wish to take this step. To listen to the webinar based on this presentation with audio please visit the ODCA BrightTalk channel: https://www.brighttalk.com/webcast/9831/109843

Technologie
1 von 24
BIG DATA, CLOUD, SECURITY, AND ODCA USAGE MODELS Ian Lamont BMW AG
ODCA Big Data and Security Seminar | 2 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
ODCA Big Data and Security Seminar | 3 CHALLENGES • Privacy (particularly in Europe)  Security  Valid and fair usage  Right to be forgotten  Jurisdiction
ODCA Big Data and Security Seminar | 4 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
ODCA Big Data and Security Seminar | 5 BIG DATA SECURITY
ODCA Big Data and Security Seminar | 6 PLATFORM SECURITY • Provider Assurance Usage Model  Provides standard definitions of Security for Cloud Services  Bronze, Silver, Gold, and Platinum.  Mirror internal security levels to external requirements.
ODCA Big Data and Security Seminar | 7 NETWORK AND FIREWALL ISOLATION Network segregation and firewalls are required to protect all assets managed in the cloud. The level of involvement of the cloud provider in the management of firewall rule sets will vary depending on the level of service offered. Bronze The firewall rule sets are managed by the cloud provider with no direct involvement of the cloud subscriber. Silver The firewall rule sets are managed by the cloud provider with changes advised to the cloud subscriber before implementation. The cloud provider should offer network segmentation between logical tiers. Gold The firewall rule sets are managed by the cloud subscriber. The cloud provider retains access to the firewall at the administrator level in order to provide system maintenance. The cloud provider must offer network segmentation between logical tiers and should offer Layer-7 protection to prevent application- level attacks. Platinum The cloud provider has no access to firewalls. All admin tasks including rule updates are managed by the cloud subscriber. The cloud provider must offer network segregation between logical tiers and Layer-7 protection to prevent application-level attacks.
ODCA Big Data and Security Seminar | 8 VULNERABILITY MANAGEMENT A vulnerability management process that ensures installation of system and software patches within the targets is identified below. The test process must ensure proper function of the patch and compatibility to the actual target systems with no negative impact on resource utilization (i.e., memory and CPU consumption). Bronze Vulnerabilities with a basic Common Vulnerability Scoring System (CVSS) score of greater than 9 (or those rated as High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Silver Vulnerabilities with a basic CVSS score of greater than 5 (or those rated as Medium or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Gold Vulnerabilities with a basic CVSS score of greater than 2 (or those rated as Low, Medium, or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Platinum All vulnerabilities must be patched within 24 hours of their release by the vendor.
ODCA Big Data and Security Seminar | 9 PLATFORM SECURITY
ODCA Big Data and Security Seminar | 10 BIG DATA SECURITY
ODCA Big Data and Security Seminar | 11 DATA SECURITY • Encryption  Data at Rest  Data in Transit • Data Masking  Anonymization and Pseudonymization • Access Methods  User type profiling • Backup, Restore, and Archiving
ODCA Big Data and Security Seminar | 12 DATA LIFECYCLE
ODCA Big Data and Security Seminar | 13 ACCESS POINTS
ODCA Big Data and Security Seminar | 14 DATA FLOW 1
ODCA Big Data and Security Seminar | 15 DATA FLOW 2
ODCA Big Data and Security Seminar | 16 IDENTITY AND ACCESS MANAGEMENT • Identity Provisioning • Governance and Auditing • Privileged User Access • Single Sign On
ODCA Big Data and Security Seminar | 17 IDM BASIC MODEL
ODCA Big Data and Security Seminar | 18 IDM CLOUD MODEL
ODCA Big Data and Security Seminar | 19 IDM GOVERNANCE
ODCA Big Data and Security Seminar | 20 OTHER ODCA COLLATERAL • Security Monitoring • Interoperability • Guide to • SaaS Interoperability • Information as a Service • also Data Mgmt for Info_aaS • and much more ……
ODCA Big Data and Security Seminar | 21 OTHER PROBLEMS / CHALLENGES !!! • e-Discovery (UM coming soonish) • Data Ownership • plus anything else you can think of !
ODCA Big Data and Security Seminar | 22 Standardized Response Checklists Accelerate TTM Shared Practices Drive Scale Streamlined Requirements Accelerate Adoption Available to Members at: www.opendatacenteralliance.org URL for Public content: www.opendatacenteralliance.org MORE INFORMATION AND ASSETS
ODCA Big Data and Security Seminar | 23 Go forth (securely) and Big Data QUESTIONS Artist: Thierry Gregorius
ODCA Big Data and Security Seminar | 24 www.opendatacenteralliance.org

Empfohlen

BIG DATA AND SECURITY CHALLENGES
BIG DATA AND SECURITY CHALLENGESBIG DATA AND SECURITY CHALLENGES
BIG DATA AND SECURITY CHALLENGESanupriti
 
Big security for big data
Big security for big dataBig security for big data
Big security for big dataAri Elias-Bachrach
 
Big data security the perfect storm
Big data security the perfect stormBig data security the perfect storm
Big data security the perfect stormUlf Mattsson
 
Hadoop and Big Data Security
Hadoop and Big Data SecurityHadoop and Big Data Security
Hadoop and Big Data SecurityChicago Hadoop Users Group
 
Big Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinBig Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinSridhar Karnam
 
Conference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili SaghafiConference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili SaghafiProfessor Lili Saghafi
 
Zettaset Elastic Big Data Security for Greenplum Database
Zettaset Elastic Big Data Security for Greenplum DatabaseZettaset Elastic Big Data Security for Greenplum Database
Zettaset Elastic Big Data Security for Greenplum DatabasePivotalOpenSourceHub
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)Export Promotion Bureau
 

Empfohlen

BIG DATA AND SECURITY CHALLENGES
BIG DATA AND SECURITY CHALLENGESBIG DATA AND SECURITY CHALLENGES
BIG DATA AND SECURITY CHALLENGESanupriti
 
Big security for big data
Big security for big dataBig security for big data
Big security for big dataAri Elias-Bachrach
 
Big data security the perfect storm
Big data security the perfect stormBig data security the perfect storm
Big data security the perfect stormUlf Mattsson
 
Hadoop and Big Data Security
Hadoop and Big Data SecurityHadoop and Big Data Security
Hadoop and Big Data SecurityChicago Hadoop Users Group
 
Big Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinBig Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinSridhar Karnam
 
Conference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili SaghafiConference Presenation Cyber security and big data , Prof. Lili Saghafi
Conference Presenation Cyber security and big data , Prof. Lili SaghafiProfessor Lili Saghafi
 
Zettaset Elastic Big Data Security for Greenplum Database
Zettaset Elastic Big Data Security for Greenplum DatabaseZettaset Elastic Big Data Security for Greenplum Database
Zettaset Elastic Big Data Security for Greenplum DatabasePivotalOpenSourceHub
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)Export Promotion Bureau
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Allot Communications
 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Stefaan Van daele
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBlue Coat
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityRaffael Marty
 
Big data security
Big data securityBig data security
Big data securityJoey Echeverria
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Coastal Pet Products, Inc.
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data miningharithavijay94
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and GovernanceDataWorks Summit/Hadoop Summit
 
ODCA DevOps: Magnifying Business Value
ODCA DevOps: Magnifying Business ValueODCA DevOps: Magnifying Business Value
ODCA DevOps: Magnifying Business ValueOpen Data Center Alliance
 
Cloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesCloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesOpen Data Center Alliance
 
Open Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance
 
ODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWOpen Data Center Alliance
 
Forecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTForecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTOpen Data Center Alliance
 
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationForecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationOpen Data Center Alliance
 
Forecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersForecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersOpen Data Center Alliance
 
Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Open Data Center Alliance
 
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Open Data Center Alliance
 
Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Open Data Center Alliance
 
Forecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of ConceptForecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of ConceptOpen Data Center Alliance
 
Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Open Data Center Alliance
 

Weitere ähnliche Inhalte

Andere mochten auch

Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Allot Communications
 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Stefaan Van daele
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBlue Coat
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityRaffael Marty
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Coastal Pet Products, Inc.
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data miningharithavijay94
 

Andere mochten auch (10)

Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬
 
Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence Leverage Big Data for Security Intelligence
Leverage Big Data for Security Intelligence
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat Protection
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for Security
 
Big data security
Big data securityBig data security
Big data security
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title)
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with Hadoop
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data mining
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
 

Mehr von Open Data Center Alliance

Cloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesCloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesOpen Data Center Alliance
 
Open Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance
 
ODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWOpen Data Center Alliance
 
Forecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTForecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTOpen Data Center Alliance
 
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationForecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationOpen Data Center Alliance
 
Forecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersForecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersOpen Data Center Alliance
 
Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Open Data Center Alliance
 
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Open Data Center Alliance
 
Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Open Data Center Alliance
 
Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Open Data Center Alliance
 
Forecast 2014: Software Defined Networking - What's New?
Forecast 2014: Software Defined Networking - What's New? Forecast 2014: Software Defined Networking - What's New?
Forecast 2014: Software Defined Networking - What's New? Open Data Center Alliance
 
Forecast 2014: Infrastructure as a Service (IaaS)
Forecast 2014: Infrastructure as a Service (IaaS)Forecast 2014: Infrastructure as a Service (IaaS)
Forecast 2014: Infrastructure as a Service (IaaS)Open Data Center Alliance
 
Forecast 2014: Business Strategy Enabled by Cloud
Forecast 2014: Business Strategy Enabled by Cloud Forecast 2014: Business Strategy Enabled by Cloud
Forecast 2014: Business Strategy Enabled by Cloud Open Data Center Alliance
 
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...Open Data Center Alliance
 

Mehr von Open Data Center Alliance (20)

ODCA DevOps: Magnifying Business Value
ODCA DevOps: Magnifying Business ValueODCA DevOps: Magnifying Business Value
ODCA DevOps: Magnifying Business Value
 
Cloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence StrategiesCloud & Enterprise IT. Hybrid IT, Coexistence Strategies
Cloud & Enterprise IT. Hybrid IT, Coexistence Strategies
 
Open Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud AdoptionOpen Data Center Alliance 2014 Member Survey on Cloud Adoption
Open Data Center Alliance 2014 Member Survey on Cloud Adoption
 
ODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMWODCA Board Best Practice: High Performance Computing at BMW
ODCA Board Best Practice: High Performance Computing at BMW
 
Forecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoTForecast 2014: Making Better Business Decisions with Big Data and IoT
Forecast 2014: Making Better Business Decisions with Big Data and IoT
 
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash InnovationForecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
Forecast 2014: The Grand Challenge, Simplifying IT to Unleash Innovation
 
Forecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and DevelopersForecast 2014: Why Open Platforms Matter to Enterprises and Developers
Forecast 2014: Why Open Platforms Matter to Enterprises and Developers
 
Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0Forecast 2014: ODCA Cloud Maturity Model V2.0
Forecast 2014: ODCA Cloud Maturity Model V2.0
 
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
Forecast 2014: TOSCA: An Open Standard for Business Application Agility and P...
 
Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs Forecast 2014: Maximizing Your Cloud Service Quality and Costs
Forecast 2014: Maximizing Your Cloud Service Quality and Costs
 
Forecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of ConceptForecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of Concept
 
Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!Forecast 2014: Welcome to the ODCA University - School is Way Cool!
Forecast 2014: Welcome to the ODCA University - School is Way Cool!
 
Forecast 2014: Software Defined Networking - What's New?
Forecast 2014: Software Defined Networking - What's New? Forecast 2014: Software Defined Networking - What's New?
Forecast 2014: Software Defined Networking - What's New?
 
Forecast 2014: Cloud-Aware Applications
Forecast 2014: Cloud-Aware Applications Forecast 2014: Cloud-Aware Applications
Forecast 2014: Cloud-Aware Applications
 
Forecast 2014: eDiscovery and Forensics
Forecast 2014: eDiscovery and Forensics Forecast 2014: eDiscovery and Forensics
Forecast 2014: eDiscovery and Forensics
 
Forecast 2014: Cloud Service Brokering
Forecast 2014: Cloud Service BrokeringForecast 2014: Cloud Service Brokering
Forecast 2014: Cloud Service Brokering
 
Forecast 2014: Infrastructure as a Service (IaaS)
Forecast 2014: Infrastructure as a Service (IaaS)Forecast 2014: Infrastructure as a Service (IaaS)
Forecast 2014: Infrastructure as a Service (IaaS)
 
Forecast 2014: SaaS Data Exchange
Forecast 2014: SaaS Data ExchangeForecast 2014: SaaS Data Exchange
Forecast 2014: SaaS Data Exchange
 
Forecast 2014: Business Strategy Enabled by Cloud
Forecast 2014: Business Strategy Enabled by Cloud Forecast 2014: Business Strategy Enabled by Cloud
Forecast 2014: Business Strategy Enabled by Cloud
 
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
Forecast 2014 Keynote: Re-architecting the Data Center for the Digital Servic...
 

Kürzlich hochgeladen

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Kürzlich hochgeladen (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

The Security of Big Data: An Enterprise Perspective

  • 1. BIG DATA, CLOUD, SECURITY, AND ODCA USAGE MODELS Ian Lamont BMW AG
  • 2. ODCA Big Data and Security Seminar | 2 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
  • 3. ODCA Big Data and Security Seminar | 3 CHALLENGES • Privacy (particularly in Europe)  Security  Valid and fair usage  Right to be forgotten  Jurisdiction
  • 4. ODCA Big Data and Security Seminar | 4 BIG DATA (WIKIPEDIA) Big Data is the term for a collection of data sets so large that it becomes difficult to process using hands-on database management tools and processing applications. The challenges include capture, curation, storage, search, sharing, transfer, analysis, and visualisation.
  • 5. ODCA Big Data and Security Seminar | 5 BIG DATA SECURITY
  • 6. ODCA Big Data and Security Seminar | 6 PLATFORM SECURITY • Provider Assurance Usage Model  Provides standard definitions of Security for Cloud Services  Bronze, Silver, Gold, and Platinum.  Mirror internal security levels to external requirements.
  • 7. ODCA Big Data and Security Seminar | 7 NETWORK AND FIREWALL ISOLATION Network segregation and firewalls are required to protect all assets managed in the cloud. The level of involvement of the cloud provider in the management of firewall rule sets will vary depending on the level of service offered. Bronze The firewall rule sets are managed by the cloud provider with no direct involvement of the cloud subscriber. Silver The firewall rule sets are managed by the cloud provider with changes advised to the cloud subscriber before implementation. The cloud provider should offer network segmentation between logical tiers. Gold The firewall rule sets are managed by the cloud subscriber. The cloud provider retains access to the firewall at the administrator level in order to provide system maintenance. The cloud provider must offer network segmentation between logical tiers and should offer Layer-7 protection to prevent application- level attacks. Platinum The cloud provider has no access to firewalls. All admin tasks including rule updates are managed by the cloud subscriber. The cloud provider must offer network segregation between logical tiers and Layer-7 protection to prevent application-level attacks.
  • 8. ODCA Big Data and Security Seminar | 8 VULNERABILITY MANAGEMENT A vulnerability management process that ensures installation of system and software patches within the targets is identified below. The test process must ensure proper function of the patch and compatibility to the actual target systems with no negative impact on resource utilization (i.e., memory and CPU consumption). Bronze Vulnerabilities with a basic Common Vulnerability Scoring System (CVSS) score of greater than 9 (or those rated as High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Silver Vulnerabilities with a basic CVSS score of greater than 5 (or those rated as Medium or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Gold Vulnerabilities with a basic CVSS score of greater than 2 (or those rated as Low, Medium, or High by Microsoft or other vendors) must be patched within 96 hours; all others within 1 month. Platinum All vulnerabilities must be patched within 24 hours of their release by the vendor.
  • 9. ODCA Big Data and Security Seminar | 9 PLATFORM SECURITY
  • 10. ODCA Big Data and Security Seminar | 10 BIG DATA SECURITY
  • 11. ODCA Big Data and Security Seminar | 11 DATA SECURITY • Encryption  Data at Rest  Data in Transit • Data Masking  Anonymization and Pseudonymization • Access Methods  User type profiling • Backup, Restore, and Archiving
  • 12. ODCA Big Data and Security Seminar | 12 DATA LIFECYCLE
  • 13. ODCA Big Data and Security Seminar | 13 ACCESS POINTS
  • 14. ODCA Big Data and Security Seminar | 14 DATA FLOW 1
  • 15. ODCA Big Data and Security Seminar | 15 DATA FLOW 2
  • 16. ODCA Big Data and Security Seminar | 16 IDENTITY AND ACCESS MANAGEMENT • Identity Provisioning • Governance and Auditing • Privileged User Access • Single Sign On
  • 17. ODCA Big Data and Security Seminar | 17 IDM BASIC MODEL
  • 18. ODCA Big Data and Security Seminar | 18 IDM CLOUD MODEL
  • 19. ODCA Big Data and Security Seminar | 19 IDM GOVERNANCE
  • 20. ODCA Big Data and Security Seminar | 20 OTHER ODCA COLLATERAL • Security Monitoring • Interoperability • Guide to • SaaS Interoperability • Information as a Service • also Data Mgmt for Info_aaS • and much more ……
  • 21. ODCA Big Data and Security Seminar | 21 OTHER PROBLEMS / CHALLENGES !!! • e-Discovery (UM coming soonish) • Data Ownership • plus anything else you can think of !
  • 22. ODCA Big Data and Security Seminar | 22 Standardized Response Checklists Accelerate TTM Shared Practices Drive Scale Streamlined Requirements Accelerate Adoption Available to Members at: www.opendatacenteralliance.org URL for Public content: www.opendatacenteralliance.org MORE INFORMATION AND ASSETS
  • 23. ODCA Big Data and Security Seminar | 23 Go forth (securely) and Big Data QUESTIONS Artist: Thierry Gregorius
  • 24. ODCA Big Data and Security Seminar | 24 www.opendatacenteralliance.org