Welcome!

SDN Journal Authors: Liz McMillan, Yeshim Deniz, Elizabeth White, Pat Romanski, TJ Randall

Related Topics: @DXWorldExpo, Microsoft Cloud, Agile Computing, @CloudExpo, Cloud Security, SDN Journal

@DXWorldExpo: Article

Five Big Questions About Big Data Encryption

The NSA PRISM story is raising the stakes on Data Privacy. Encryption has never been more important

A few months ago experts predicted 2013 would be the Year of Big Data. To a large extent, those predictions have been spot on, with Big Data investment on the rise and success stories emerging across a variety of industries from insurance to pharma to professional basketball.

The Big Data narrative may be shifting though, as debate around data privacy heats up. No doubt the two topics are almost inextricably linked, as the PBS News Hour points out, but it wasn’t until late last week that the issue of data privacy became a trending topic in the U.S.

Citizens can vent, politicians can banter, news media can report, but the reality is Big Data is not going to be regulated away for the sake of privacy, so it’s incumbent upon organizations that collect big data to secure it, and ensure the data never falls into the hands of unauthorized individuals.

Encryption is one of the most widely used and effective means of securing big data, and organizations don’t need to hire a cryptographer to implement it.

Below are five questions you must ask before selecting an encryption and key management vendor:

1. Does the solution give you full control over your keys, even as data flows from one system to another?
It’s often said that key management is the hardest part of data encryption. That’s because there’s often a lack of clarity around key management and access. When evaluating encryption vendors, be sure to ask what types of key control policies can be established to prevent unauthorized access, and always be sure the data owner, not the cloud provider or other administrator, has complete control of the encryption keys.

2. Does the encryption solution allow for separation of duties between authorized personnel and systems administrators?
What good is data encryption if everyone, whether they need it or not, has access to the encrypted data? Proper, policy-controlled key management allows for separation of duties that allows system and cloud administrators to perform their jobs but restricts them from accessing encrypted data.

Remember, the most important part of key management is ensuring the keys do not reside on the same server as the encrypted data. This is akin to locking your car and leaving the keys in the driver’s side door.

3. Does the solution work in mixed IT environments where data is stored in public and private clouds as well as in an on-premises data center?
Look for a software-based encryption solution that performs just as well in an on-prem data center as it does in the cloud. Remember that regardless of where the data is stored, it’s important that the data owner, not the hosting provider, retain possession and management of the crypto keys. If your encryption solution doesn’t allow you to manage the keys, then look elsewhere.

4. Has the solution been tested and/or benchmarked on the applications running in your environment?
Most large organizations utilize a variety of database applications from the more traditional like MySQL and PostgreSQL to newer big data apps like Cassandra, MongoDB and HBase. To ensure your encryption utility functions cross-platform and meets your performance standards, ask your provider whether they’ve tested against the databases that are most important to you.

5. Does the solution use NIST-validated encryption algorithms?
The National Institute of Standards and Technology (NIST) Computer Security Division publishes security requirements, FIPS 140-2, for cryptographic modules. If your vendor solution uses FIPS-validated crypto modules, you can feel confident in the strength of their cryptographic algorithm.

Let’s face it, big data isn’t going away. The value derived from it is simply way too valuable. And like anything else of value, it's time to take security seriously. If you are collecting and interacting with data, it’s your responsibility to protect it - protect the privacy of your customers, your employees and your IP. If your business relies on data, it’s time to get vocal and ask the hard questions.

More Stories By David Tishgart

David Tishgart is a Director of Product Marketing at Cloudera, focused on the company's cloud products, strategy, and partnerships. Prior to joining Cloudera, he ran business development and marketing at Gazzang, an enterprise security software company that was eventually acquired by Cloudera. He brings nearly two decades of experience in enterprise software, hardware, and services marketing to Cloudera. He holds a bachelor's degree in journalism from the University of Texas at Austin.

CloudEXPO Stories
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Organize your corporate travel faster, at lower cost. Hotailors is a next-gen AI-powered travel platform. What is Hotailors? Hotailors is a platform for organising business travels that grants access to the best real-time offers from 2.000.000+ hotels and 700+ airlines in the whole world. Thanks to our solution you can plan, book & expense business trips in less than 5 minutes. Accordingly to your travel policy, budget limits and cashless for your employees. With our reporting, integrations and real-time analytics, you can easily control your travel policy, reduce spendings and increase the efficiency of your company. Hotailors ia an artificial intelligence powered marketplace for business travels. Friendly to use technology based on artificial intelligence to plan, book and expense business travel in 5 minutes. Within one login on one dashboard, user has access to almos...
Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throughout enterprises of all sizes. We are offering early bird savings on all ticket types where you can save significant amount of money by purchasing your conference tickets today.
"Calligo is a cloud service provider with data privacy at the heart of what we do. We are a typical Infrastructure as a Service cloud provider but it's been designed around data privacy," explained Julian Box, CEO and co-founder of Calligo, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
DXWorldEXPO LLC announced today that the upcoming DXWorldEXPO | DevOpsSUMMIT | CloudEXPO New York will feature 10 companies from Poland to participate at the "Poland Digital Transformation Pavilion" on November 12-13, 2018. Polish Digital Transformation companies which will exhibit at CloudEXPO | DevOpsSUMMIT | DXWorldEXPO include All in Mobile, dhosting, Cryptomage, Perfect Gym, Polcom, Apius Technologies, Aplisens, ELZAB SA, TELDAT, and Rebug.io.