sb-au logo
Story image

How to address the security risks created by big data

08 Jun 2017

Big data is full of possibilities - including possibilities for security breaches. The more data your organisation has, the more likely they'll be targeted by an attack according to advice from Aleron.

“Never before has so much information been so readily available to organisations. Those that have worked out how to aggregate and analyse that data effectively are reaping benefits such as better, faster decision-making, improved understanding of customer behaviour, and the ability to predict some future events," comments Alex Morkos, Aleron's director.

However, he believes that organisations haven't quite mastered the security challenges associated with it.

“The more data an organisation possesses, the more likely it is that they’ll be a target for attack. This is especially true if they collect and store sensitive information such as credit card details, mailing addresses, passwords, and so on; cybercriminals can gain big financial rewards once they have their hands on this data.”

Breaches also come with tough consequences, and not just through financial penalties. Once customers lose faith in businesses, it's hard to get them back.

“Data is both friend and foe; it can help organisations be more effective but it can also make them a target. Too many organisations are holding onto massive amounts of data that they don’t need anymore. When the analysis project is done, businesses should look to dispose of the information safely. However, for many organisations there’s almost a fear of missing out if they delete the data," Morkos explains.

Aleron has put together a list of six key tips to protect data and reputations:

1. Decide what data really needs to be collected. Some businesses collect data for its own sake rather than for a specific analysis purpose. This is dangerous, as it leads to overwhelming amounts of data that are hard to protect. Businesses should limit data collection to the information required for specific purposes. This is also a requirement of the Australian Privacy Act.

2. Understand the value of data. Many organisations don’t even know what data they possess, nor do they know its value. This value increases the more data is connected. Until the value is known, organisations can’t make informed decisions on what to do with that data and how to protect it.

3. Classify data so it can be found. Data is constantly in motion. Classifying it makes it easier to find and, therefore, protect.

4. Employ a mature data infrastructure team. Managing data appropriately is essential to minimising the risk. This means storing or managing the storage of data in a way it can defend itself, or being able to de-personalising information where possible and deleting it where appropriate.

5. Know where the data lives. For some organisations, data lives in a mixture of on-premise and cloud-based repositories and is regularly transmitted for analysis purposes. It’s important to know where data lives and how those locations may affect its safety. For example, data stored in offshore data centres may not be subject to the same privacy laws as data held in Australia.

6. Educate staff regarding data policies. Staff members are often the weakest link in data protection, albeit often unwittingly. Educating staff regarding data collection, storage, and analysis policies and procedures reduces the chances they will inadvertently cause a breach.

“Businesses shouldn’t be afraid to leverage big data. However, they should protect themselves and their customers and stakeholders by putting strong security measures in place. This includes security technology as well as processes and policies designed to keep information safe, both at rest and in transit," Morkos concludes.

Link image
Email threats remain prominent months into pandemic
With the surge in remote working, new cybersecurity risks have thrived, and productivity challenges abound. Having a top-notch solution can save many a security headache.More
Story image
Trend Micro launches cloud solution for Microsoft Azure
“The security of the cloud is a cloud providers’ responsibility, but security in the cloud falls to the customer, which is where we fit."More
Download image
Strengthen the weakest link in your security chain
Globalisation. Remote working. High-turnover workforces. These factors and more add up to make increasingly dynamic workforces - and without proper management, your business could fall behind.More
Download image
Why there's a huge push for NFV in today's enterprises
To help networking and IT professionals better understand the opportunities and challenges associated with deploying NFV technology, new research based on responses from more than 1,300 IT and networking professionals from around the world is now available. More
Story image
Data breaches costing companies millions - could incident response help?
On average, data breaches cost companies $3.86 million per breach, with compromised employee accounts the most expensive root cause.More
Story image
Interview: Acronis co-founder on going all-in for DLP
Data-loss prevention (DLP) strategies are a cornerstone of wider cybersecurity ecosystems, especially to counter the risks of remote working. Acronis co-founder Stas Protassov explains its significance and why it acquired a DLP powerhouse.More