Monday, January 14, 2013

Big Data Solution for the Big Security Problem

Recently, I wrote about the content security dilemma. As much as we are trying to secure our information without completely giving up on convenience, we can barely stay one step ahead of the bad guys. The hackers, equipped with easily available immense computing power are using brute-force attacks to overcome even the most sophisticated authentication and encryption technologies.

The inconvenient truth remains, that we don’t really have any practical security today outside the perimeter security measures offered by encryption. As soon as the information leaves the secure repository, it is basically no longer secure. If I share a report with you via email, social software, or shared folder, I can only hope that my trust in you will be rewarded by your discretion. If not, you can easily share the document with anyone and I can’t do anything about it.

So what do we do? How do we secure our data in transit? After all, we have to make it travel to put it to work. Data locked up in a vault is of limited value. The answer isn’t easy and it will likely consist of multiple measures.

First, we will adopt advanced means of authentication to ensure that it really is the right person accessing the data. I have described some of such advanced authentication in the above mentioned article - ranging from multi-factor authentication to, yes, chip implants.

Next, we will employ our social media networks as a mean of collective endorsement of authenticity. Authenticity is an issue for both, the people and the information assets. Is the message from Barack Obama really from the President or from an imposter? Is the report I’ve received the right report or has it been substituted by malicious disinformation? Endorsement by a group of people doesn’t completely solve the problem, of course, but it adds another hurdle for the bad guys. Just think of the product reviews on Amazon. Sure, they can be fake but it is a lot of work to fake them and so most of them can be trusted and so can be the products they endorse.

Finally, we will see a greater use of analytics to identify any suspicious behavior - just like the credit card companies do today. The idea is that they trust every transaction as long as the transaction remains within the expected pattern of behavior. When the behavior deviates from the expected pattern, you get one of those calls. Most of us have received a call alerting us to a fraudulent transaction at some point. The system works. It may not prevent the initial fraudulent transaction but with a sufficient audit trail, that transaction can be investigated. What’s important, though, is that the timely detection prevents any subsequent transactions.

This is a big data problem in need of a big data solution.  Analytics software will be reviewing the behavior patterns of people accessing data and detecting any behavior that is out of the norm. Such behaviors will be flagged for investigation while the system shuts down any additional data exposure.


Yet again, there is no perfect solution in sight. But we may have a few options to stay ahead of the bad guys. Because for the foreseeable future, information security remains an arms race. The only way to defend ourselves from the ever smarter hackers will be our ever stronger defenses.

4 comments:

  1. Good post. I am going to save the URL and will definitely visit again.

    ReplyDelete
  2. This is very interesting. I really love this article, I got to learn some new things and I'm excited to share them with my colleagues. This is an awesome site by the way.

    ReplyDelete
  3. This is a stunning concept that can potentially enhance the security systems at a significant level. I think that this counters for most of the departments that can prove vital for them. The business security are immensely requiring the safety more prominently.

    ReplyDelete