Welcome!

ColdFusion Authors: Yakov Fain, Maureen O'Gara, Nancy Y. Nee, Tad Anderson, Daniel Kaar

Related Topics: Cloud Expo

Cloud Expo: Article

Enabling Security and Compliance in Big Data

Big Data Compliance

An interesting subplot of this burgeoning, “capture everything” big data culture, is whether a single, byte size piece of information really matters anymore. Big data, after all is really about big picture thinking. At a high level, it’s about how we assemble – on a massive scale – unrelated bits of information to better inform our worldview.

There’s a really good post from a Dark Reading column that calls into question whether organizations running big data applications are able to recognize the individual bits of information that may fall under HIPAA, FERPA, PCI, SOX and other regulatory guidelines.

“If this growing mass of data is becoming increasingly unstructured and accessed from an ever-distributed cloud of users and applications looking to slice and dice it in a million and one ways, how can they be sure they're keeping tabs on the regulated information in all that mix?”

I recognize that encryption and key management are only part of a steady compliance diet, the importance of protecting sensitive bits of data, especially in a NoSQL data store, is critical.

I haven't mentioned my company before in this blog, but I wanted to take time to do so, because Gazzang has a pretty interesting list of clients that rely on us to secure regulatory data. Today Gazzang is working with several customers running big data apps in the U.S. and Europe. One of the primary reasons these companies turn to Gazzang is because we can help them secure those fine-grained bits of data in their Cassandra, Hadoop and MongoDB clusters.

For example, a multi-state educational alliance that promotes personalized learning is using Gazzang zNcrypt™ to encrypt and secure student data. This sensitive information resides on a mix of NoSQL and RDBMS platforms and is subject to the Family Educational Rights and Privacy Act.

We are also working with a European postal service to ensure their sensitive customer data remains confidential when stored on MySQL and MongoDB platforms in the cloud. This is information that falls under EU Data Privacy regulations. See this blog from our partner, Chess iX for further details.

These organizations understand that when it comes to big data security and compliance, the devil truly is in the details.

More Stories By David Tishgart

After spending years at large corporations including Dell, AMD and BMC, David Tishgart joined the startup ranks leading product marketing for Gazzang. Focused on security for big data, he helps communicate the benefits and challenges that big data can present, offering practical solutions. When not ranting about encryption and key management, you can find David clamoring for a big data application that can fine tune his fantasy football team.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.