Much of the growth in Big Data projects in recent years is derived from the performance and flexibility of virtualisation and cloud computing. The flexibility to protect data wherever it resides is critical to the continued success of many Big Data projects. Virtualised security appliances providing a complete range of unified threat management (UTM) functionality must be positioned at key locations throughout the public, private, and hybrid cloud architectures frequently found in Big Data environments.
The biggest gaps today are in authentication, authorisation, role based access control, auditing, monitoring, backup and recovery. The difficulty in capturing, managing, and processing information quickly in Big Data environments will continue to make security an afterthought in many organisations. As portable storage and bandwidth continue to increase, the mobility of these larger data sets will also increase resulting in breaches and disclosure of sensitive data sets.
Fortinet is already addressing many of the above issues with our product line today but we will continue to improve these products in 2013 and beyond, helping enterprises tackle Big Data security issues more effectively and at lower cost.
Organisations of all sizes are both excited by the opportunities the cloud provides and concerned about the challenges posed by moving data and applications to the cloud. In spite of the potential for increased ROI and lower TCO, securing data in the cloud is often cited as the No. 1 concern by IT professionals looking to take advantage of cloud-based services.
There are a variety of security challenges related to both private and public cloud computing. Two commonly cited ones are the exposure of sensitive data to unauthorised personnel and data loss. It is imperative that organisations look carefully at how its data will be protected as it enters, travels through and leaves the cloud.
Securing Data Entering and Leaving the Cloud
Data entering and leaving the cloud should be subjected to the same level of scrutiny as any other data entering or leaving the network. Critical network security technologies such as firewall, intrusion prevention, application control and content filtering need to provide that level of scrutiny.
The additional challenge associated with securing data in the cloud is that the security architecture must also secure the multi-tenant nature of the traffic. This means the security architecture must have the ability to enforce separate policies on traffic, depending on origin or destination. The security technologies in place must also have the ability to keep traffic entirely separate in order to avoid any risk of unauthorised access.
Securing Data in the Cloud
Once data is in the cloud, new challenges around security emerge. The primary concern is the need to maintain control over data as it flows from virtual machine to virtual machine. Traditional hardware-based appliances have no control over the data once in the cloud, which requires the presence of virtual security appliances to inspect and protect the data in the virtualised environment.
Sign up for CIO Asia eNewsletters.