© 2014 IBM Corporation

Big Data – Big RiskHow do you protect your sensitive data?

October 2014

David Valovcindvalovcin@us.ibm.com

© 2014 IBM Corporation2

A New Era of Smart

Requirement:

Extracting insight from an immense volume, variety and velocity of data, in a timely and cost-effective manner.

The Big Data opportunity comes with big security risks

All kinds of data

Large volumes

Valuable insight, but difficult to extract

Often extremely time sensitive

What is big data?

• What kind of information is stored in big data?

• Who’s watching big data access?

• How do you ensure compliance?

• Security is the key to enabling enterprise rollouts of big data

• If it’s not secure, it can be breached.

© 2014 IBM Corporation3

A New Era of Smart

Data breaches are in the news every weekA “Fear Factor” is causing some orgs to hold back on new mobile, cloud, and big data initiatives

Data-breach costs take toll on Target profit… its profit in the fourth quarter fell 46 percent on a revenue decline of 5.3

percent as the breach scared off customers worried about the security of their private data.

Account Takeover:

Bank Faces Two Suits

Health Breach Tally: 30 Million Victims

More than 30.6 million individuals have been affected by major healthcare data breaches since September 2009

Canadian Breach: Sorting Out the Cause

Gaps in carrying out security policies led to the exposure of 583,000 records last year at Employment and Social Development Canada,totaling $1.5 million

in allegedly fraudulent wires

© 2014 IBM Corporation4

A New Era of Smart

Risks are increasing . . .

© 2014 IBM Corporation5

A New Era of Smart

© 2014 IBM Corporation6

A New Era of Smart

© 2014 IBM Corporation7

A New Era of Smart

http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf?CMP=DMC-SMB_Z_ZZ_ZZ_Z_TV_N_Z038

Time span of events by percent of breaches

7

Minutes to compromise, months to discover & remediate

Time span of events by percent of breaches

© 2014 IBM Corporation8

A New Era of Smart

Compliance – many regulations both internal & external

8 8

© 2014 IBM Corporation9

A New Era of Smart

9

Key drivers for data security can be compliance

HIPAAHealth Insurance Portability and Accountability Act. The Privacy Rule and Security Rule specifies protections of sensitive patient information.

PCI-DSSPayment Care Industry Data Security Standard. Technical and operational requirements to protect cardholder data.

SOXSarbanes-Oxley Act. Response to financial fraud, most concerned with financial data integrity and transparency.

© 2014 IBM Corporation10

A New Era of Smart

© 2014 IBM Corporation11

A New Era of Smart

Where is the sensitive

data?

How to prevent

unauthorized activities?

How to protect

sensitive data to reduce

risk?

How to secure the

repository?

DiscoveryClassification

Identity & Access Management

Activity Monitoring

AlertingOutliers

Masking/ EncryptionAssessment

Who should have

access?

What is actually

happening?

Discover Harden Assess Monitor Report

Security Policies

Dormant Entitlements

Dormant Data

Compliance Reporting&

Security Alerts Data Protection&

Enforcement

Key questions to ask . . .

© 2014 IBM Corporation12

A New Era of Smart

Security and compliance concerns in Big Data environments

Structured

Unstructured

Streaming

Big Data Platform

Hadoop Cluster

Clients

• Who is running big data requests?

• What is being accessed?

• Is there an exceptional number of file permission exceptions?

• Are these jobs part of an authorized program list accessing the data?

• Has some new query application been developed that you were previously unaware existed (extracting sensitive data)?

© 2014 IBM Corporation13

A New Era of Smart

Information Ingestion

and Integration

Data Exploration

Archive

Real-timeAnalytics

Information Governance, Security and Business Continuity

Data Exploration

Enterprise Warehouse

Data Marts

InfoSphere Data Privacy for Hadoop

Structured

Streaming

Unstructured

Define and share big data project blueprints, data definitions

Discover and classify sensitive big data

Mask and redact sensitive data within and for Hadoop systems

Monitor Hadoop Data Activity

Big Data Repositories Analytics

CognitiveLearn Dynamically?

PrescriptiveBest Outcomes?

PredictiveWhat Could Happen?

DescriptiveWhat Has Happened?

Exploration and Discovery

What Do You Have?

Sources

InfoSphere BigInsights

© 2014 IBM Corporation14

A New Era of Smart

Key Characteristics

Real-time data activity monitoring for security & compliance

Non-invasive/disruptive, cross-platform architecture Minimal performance impact Prepackaged vulnerability knowledge base and compliance reports Detect or block unauthorized & suspicious activity Granular, real-time policies – who, what when & how Dynamically scalable 100% visibility into data transactions

Continuous, policy-based, real-time monitoring of all data traffic activities

Database infrastructure scanning for vulnerabilities and mis-configured privileges

Data protection compliance automation

Collector Appliance

Host-based probes (S-TAPs)

Data nodes(databases, warehouses, file

shares, Big Data)

© 2014 IBM Corporation15

A New Era of Smart

Extend real-time data activity monitoring across Big Data environments

DATA

InfoSphere BigInsights

DATABASES DATA WAREHOUSES

ENTERPRISE CONTENT MANAGERS

BIG DATA ENVIRONMENTS

FILE SHARES

FTP

ExadataD ATA B A S E

HANA

APPLICATIONS

Optim Archival

Siebel, PeopleSoft, E-Business

DATABASETOOLS

Master Data Management

Data Stage

CICS

InfoSphere Guardium

© 2014 IBM Corporation16

A New Era of Smart

16

Find, view, and filter information about monitored objects, systems, and users. Learn More

IBM InfoSphere Guardium

Open

Filters

View

Task Launcher

Tasks

More View

Audit Trail Summary HR/PROD/Europe

Apply

Where

Group: HR/Prod/Europe

Server: 15

Database: 189

Object: Select object

What

Policy: PCI

Rule: Select rule

Error: Select type

SQL: Select type

Who

User ID: Select user id

Group: Select group

Role: Select role

Grantor: Select grantor

When

History: 3 Hours

Start: Select date / time

End: Select date / time

SummaryDetails

Outliers

Errors Alerts Violations Report

Outliers tab shows the summary over time

© 2014 IBM Corporation17

A New Era of Smart

17

Report: Identify unauthorized jobs

Unauthorized program!

Predefined and customizable reports

© 2014 IBM Corporation18

A New Era of Smart

Guardium integrates with IT Infrastructure for seamless operations

Directory Services(Active Directory, LDAP, TDS, etc)

SIEM(IBM QRadar, Arcsight, RSA

Envision, etc) SNMP Dashboards(Tivoli Netcool, HP Openview, etc)

Change Ticketing Systems

(Tivoli Request Mgr, Remedy, Peregrine, etc)

Vulnerability Standards

(CVE, STIG, CIS Benchmark, SCAP)

Data Classification and Leak Protection

(Credit Card, Social Security, phone, custom, etc)

Security Management Platforms

(IBM QRadar, McAfee ePO )

Application Servers(IBM Websphere, IBM Cognos, Oracle

EBS, SAP, Siebel, Peoplesoft, etc )

Long Term Storage(IBM TSM, IBM Nettezza, EMC Centera,

FTP, SCP, Optim Archive etc)

Authentication(RSA SecurID, Radius, Kerberos,

LDAP)

Software Deployment(IBM Tivoli Provisioning Manager, RPM,

Native Distributions)

Send Alerts (CEF, CSV, Syslog, etc) Send

Events

• STAP

Web Application Firewalls

(F5 ASM)

© 2014 IBM Corporation19

A New Era of Smart

19

© 2014 IBM Corporation20

A New Era of Smart

Schedule a Client Value Engagement (CVE) at no cost to you• Business and IT: Narrow the communication gap• Easy to follow programmatic client-centric approach – determine possible benefits

from solution• Fast time to completion: Less than a weeks– deliverables easy to follow and

understand

Visit a lab for a deeper dive with our Product Managers and R&D teams• In-depth technical discussions & product demonstrations• Product roadmap discussions; get the latest on innovations and research• Collaborate with our best experts on your problems and potential solutions

Visit the web for more about InfoSphere solutions • Understanding and selecting data masking solutions• Understanding encryption requirements of PCI DSS• Managing compliance to protect enterprise data• Top tips for security big data environments• Three guiding principals to improve data security

You Tube: InfoSphere Guardium

Learn more about protecting Big Data and removing risk

@IBM_Guardium

© 2014 IBM Corporation

Thank You

David Valovcindvalovcin@us.ibm.com