Big Data Cloud Companies Must Rethink Data Security

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Jimmy H. Koo

Aug. 26 — Companies engaged in big data analytics that use the cloud must evolve beyond traditional security measures to protect small-scale static data stored on networks with firewalls because such measures provide inadequate data security, according to an Aug. 26 Cloud Security Alliance handbook.

The “Big Data Security and Privacy Handbook” outlined 100 best practices for big data service providers to strengthen their infrastructure. In addition to typical cybersecurity measures, including authentication and access control, the handbook recommended using top of the line cryptographic technologies.

The amount of data that companies collect is expected to double every two years and companies need to be aware that privacy and security issues are “magnified by the volume, variety and the velocity of big data,” the handbook said.

“Today, big data is cheaply and easily accessible to organizations large and small through public cloud infrastructure,” the CSA handbook said. However, this “coupling of big data with public cloud environments” has created new security challenges, according to the handbook. It said that “streaming data demands ultra-fast response times from security and privacy solutions.”

Big Data Isn't Inherently Insecure

The CSA said that it isn't the existence of large amounts of data that creates new security threats.

“The current uses of big data are novel because organizations of all sizes now have access to the information and the means to employ it,” it said. In the past, big data was used only by very large users with the resources and the infrastructure necessary to host and mine tremendous amounts of data. Today, big data is easily and cheaply available to all organizations through the cloud, the handbook said.

The CSA handbook provides 10 considerations for each of the 10 big data risks and threats outlined in CSA's April 2013 report, including end-point input validation and filtering, real-time security monitoring, granular access control and cryptographically enforced data centric security.

By Jimmy H. Koo

To contact the reporter on this story: Jimmy H. Koo in Washington at

To contact the editors responsible for this story: Donald G. Aplin at ; George R. Lynch at

Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law Privacy and Data Security