IBM Software Four steps to a proactive big data security and privacy strategy




Four steps to a proactive big data security and privacy strategy
Elevate data security to the boardroom agenda


Introduction

You've probably heard the saying "Data is the new oil." Just as raw oil can be turned into fuel to power everything from lawnmowers to jets, analyzing data can generate transformative insights, whether for individualizing marketing campaigns, understanding business risks or creating smarter cities. And like oil companies on the quest for new wells, leading organizations are looking to develop more and deeper insights by extending their enterprise architectures to accommodate data from new sources. When organizations integrate data from these disparate sources with their existing enterprise data, they get a better view into their customers, business operations and competitors.

However, the power to harness big data comes with the responsibility to safeguard it both externally and internally. Big data contains valuable information, some of it sensitive customer data, that creates a lot of risk. It can be a honeypot for internal and external attackers, but accidental and unforeseen data leaks are just as damaging as deliberate attacks. As today's organizations accumulate more data in on-premises and cloud repositories, the risk of a data breach rises accordingly. In fact, the Identity Theft Resource Center recorded 30 percent more breaches in 2013 compared to 2012, and pegged compromised records for 2013 at a whopping 91 million worldwide. [1]

This ebook outlines four steps to develop a proactive approach to data security and privacy that will help you keep big data safe, and shows how IBM InfoSphere solutions can help protect data while giving your staff the right levels of access to do their jobs efficiently and accurately.

Why a proactive data security approach matters

In December 2013, a leading retailer was a victim of a data security breach. Thieves siphoned off massive amounts of payment card information, putting more than 40 million customers at risk of identity theft. [2] Spectacular breaches like this are increasing pressure on governments to develop new legislation that holds enterprises more accountable for data security failures. Unfortunately for the corporate victims, recent breaches also mark a turning point in consumer tolerance. The failure to protect data has not only resulted in stiff financial penalties levied by governments and trade groups; it also has led to measurable increases in customer churn, shrinking brand equity and even falling share prices.

No time to wait for security

Given the increasing reliance on big data for business insight and competitive advantage (and the risk to revenue and reputation if that data is misused), organizations must take a proactive approach to secure enterprise data and enhance defenses against emerging threats. Well-established mandates such as the Sarbanes-Oxley Act, Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), Federal Information Security Management Act (FISMA) and the European Union (EU) Data Privacy Directive were created as a result of past fraud, theft and data misuse.

As shown in Figure 1, data breaches can happen for a variety of reasons. Whatever the cause and wherever the data resides (whether in a data warehouse or on an Apache Hadoop platform), breaches have an adverse impact on the business. A proactive and holistic approach to data security and privacy helps organizations mitigate risk, demonstrate compliance and prepare for additional regulatory constraints without interrupting critical business processes or daily operations. Such an approach also helps organizations tailor policies and processes for different types of data and the different information needs of internal and external stakeholders without compromising business process efficiency.

Figure 1 data:
- US: $201 per compromised record; Germany: $195 per compromised record. Common cause of breaches: malicious/criminal attacks
- India: $51 per compromised record. Common cause of breaches: system glitch, business process failure
- UK: Common cause of breaches: human error
- Brazil: $70 per compromised record. Common cause of breaches: human error
- Arabian region: Common cause of breaches: malicious/criminal attacks

Source: Ponemon Institute. "2014 Global Cost of Data Breach Study: Global Study," sponsored by IBM. May 2014. ibm.com/services/costofbreach

Figure 1. Data breach costs and causes vary around the world, but all have damaging effects on reputation and budgets.

Becoming proactive: A four-step process

Four steps can help you achieve a proactive approach to security and privacy:

1. Discover and classify sensitive data
Protecting sensitive data first requires defining what sensitive data means for your enterprise. Once that is clear, determine where sensitive data resides and how it is related to other information and systems. Document the various types of sensitive data and their locations to create a heat map for protection efforts.

2. Harden the environment
Once sensitive data is understood and discovered, it's time to harden the environment. Sensitive data, both structured and unstructured, can be obfuscated through data masking and encryption. First, be sure you have a comprehensive enterprise security strategy in place. Next, confirm that security policies and procedures fit with your strategy and support compliance with regulatory mandates. Finally, evaluate your systems to ensure they enforce the security policies.

3. Secure and continuously monitor access to the data
Enterprise data stores require real-time insight to protect and audit data access. Policy-based controls should rapidly detect unauthorized or suspicious activity and alert key personnel. In addition, databases and file shares need protection against internal threats, accidental leaks and malicious activity, and should be continually monitored for weaknesses.

4. Protect and remain vigilant
As data risks rise, regulators expect organizations not only to increase their reporting, but also to enact auditable data management processes. Confirm that your audit reporting and sign-offs facilitate compliance processes while using intelligent workflows, pre-configured reports and other capabilities to keep costs low and minimize technical and business disruptions. As an iterative process, further protection is introduced with the creation and discovery of additional sensitive data and with changes in regulations and internal policies.

The IBM approach to holistic data security and privacy

Progressing through the four steps requires a clear path and solid supporting technology. Based on its years of experience with data security and information governance, IBM has developed a holistic approach to data security and privacy that is anchored by integrated technology and processes designed for the needs of big data (see Figure 2). Throughout the four-step process, IBM helps organizations to:

- Protect against and prevent data breaches and fraud, from both internal and external sources
- Control access to sensitive information
- Streamline the process for compliance around data protection through automation and centralization

In addition, IBM solutions offer the ability to scale in an efficient and cost-effective manner as your business grows.

[Figure 2 diagram: the four steps (Discover and classify; Harden the environment; Secure and monitor; Protect and remain vigilant). Capabilities labeled in the figure: define sensitive data; discover data sources; classify sensitive data; promote IT/business collaboration; continuously assess database vulnerabilities; monitor entitlements and database credentials; centralize reporting; enable privileged user monitoring; deliver real-time alerts on configuration changes; utilize preconfigured policies and reports; make use of built-in compliance workflows and automated security policies; enforce change control; mask sensitive data; prevent cyberattacks; encrypt data at rest.]

Figure 2. IBM capabilities support the four steps to achieve holistic data security and privacy with the tools and technologies to help keep data protected yet accessible.

Why IBM InfoSphere for data security and privacy?

Data security and privacy are key elements of the IBM InfoSphere Information Integration and Governance (IIG) portfolio, which helps organizations build confidence in big data. InfoSphere solutions deliver an enterprise-class foundation for information-intensive projects, providing the performance, scalability, reliability and acceleration needed to simplify big data challenges and deliver trusted information in a timely fashion.

IBM solutions are open and modular and support all aspects of data security and privacy for all types of data, including structured, semi-structured and unstructured data, no matter where it resides. This broad scope helps organizations proactively protect data and support compliance initiatives while reducing total cost of operations and minimizing risk. With unique breadth and depth in both data governance and other data security and privacy capabilities across industries and geographies, IBM can help you align your people, processes, technology and information to create a cohesive, coordinated approach to data security.

IBM data security: Backed by world-class R&D

IBM operates one of the world's broadest organizations for data security research, development and delivery, comprising 9 security operations centers, 9 research centers, 11 software security development labs and an Institute for Advanced Security with chapters in the United States, Europe and Asia-Pacific.

InfoSphere users can leverage built-in automation capabilities to simplify the process of adapting to changes in audit requirements and the data environment. Audit information from multiple data sources and collectors is automatically normalized and aggregated into a single, secure, centralized audit repository with advanced reporting and analytics. In addition, there is extensive application programming interface (API) support for script-based automation and automated information sharing between functions. These capabilities enhance ROI and enable IT to effectively implement data security even amid shrinking teams and budgets.

It's time to get started

The direct and indirect costs associated with data breaches will only continue to escalate. The time to secure enterprise data is now, before big data, analytics and business intelligence initiatives progress to production stages without compliance controls.

While many organizations start data security initiatives with compliance in mind, forward-thinking organizations shift to a risk-based model, incorporating data security as a cornerstone for all their business initiatives. This approach positions these organizations to easily adapt to regulatory mandates as they are enacted and enforced. Forward-thinking companies also elevate the importance of data security by making it a part of the boardroom agenda and standard business processes. Data security and privacy are best practices in all of their big data, analytics and business intelligence initiatives.

Target data protection with IBM big data and governance solutions

Unlike piecemeal approaches, a best practices-based, holistic approach to data protection aligns people, processes and technologies to help organizations secure data throughout its lifecycle. Data security solutions from IBM support big data environments that include Hadoop, NoSQL and in-memory database platforms. Built-in automation capabilities help reduce the inefficiencies associated with manual tasks and enable the organization to protect data and comply without any adverse impact on the day-to-day business processes.

Two InfoSphere solutions provide valuable data security and privacy control (see Figure 3):

- Continuously monitor data access, protect repositories from data breaches and support compliance with IBM InfoSphere Guardium.
- Ensure that sensitive data is masked and protected with InfoSphere Optim data lifecycle management solutions.

To learn more about these data security and privacy solutions, visit: ibm.com/software/data/guardium and ibm.com/software/data/optim

[Figure 3 diagram. Labels in the figure: big data environment (data at rest, configuration, data in motion); InfoSphere Optim and InfoSphere Guardium; stages Discover, Harden, Monitor, Protect; capabilities: discovery and classification, masking and encryption, vulnerability assessment, entitlements reporting, activity monitoring, blocking and quarantine, dynamic data masking.]

Figure 3. Implement end-to-end data security and privacy with IBM InfoSphere solutions.

As a core component of IBM Watson Foundations, the IBM big data and analytics platform, InfoSphere solutions offer comprehensive capabilities for information integration and governance that build an infrastructure for data security (see Figure 4). In addition to information security and privacy solutions, InfoSphere provides other critical information governance capabilities, including:

- Metadata, business glossary and policy management
- Data integration, including batch data transformation and movement, real-time replication and data federation
- Data quality
- Master data management (MDM)
- Data lifecycle management

Figure 4. IBM Watson Foundations supports an integrated approach to big data and analytics.

Resources

To learn more about the IBM approach to information integration and governance for data security and privacy initiatives, please contact your IBM representative or IBM Business Partner, or check out these resources:

- Comprehensive data protection for physical, virtual and cloud infrastructures
- Top Three Myths about Big Data Security
- Top tips for securing big data environments
- Webcast: Forrester Research, Inc. - Why big data doesn't have to mean big security challenges

Additionally, IBM Global Financing can help you acquire the software capabilities that your business needs in the most cost-effective and strategic way possible. We'll partner with credit-qualified clients to customize a financing solution to suit your business and development goals, enable effective cash management, and improve your total cost of ownership. Fund your critical IT investment and propel your business forward with IBM Global Financing. For more information, visit: ibm.com/financing

Copyright IBM Corporation 2014

IBM Corporation
Software Group
Route 100
Somers, NY 10589

Produced in the United States of America
June 2014

IBM, the IBM logo, ibm.com, Guardium, IBM Watson, InfoSphere, and Optim are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at "Copyright and trademark information" at ibm.com/legal/copytrade.shtml

This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.

THE INFORMATION IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.

[1] 2013 Identity Theft Resource Center Breach List. March 24, 2014. www.idtheftcenter.org/images/breach/2013/UpdatedITRCBreachReport2013.pdf
[2] Target.com: Data breach FAQ. https://corporate.target.com/about/shopping-experience/payment-card-issue-faq

The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation.

IMM14158-USEN-00