Security&Governance
-
Upload
datio-big-data -
Category
Data & Analytics
-
view
230 -
download
0
Transcript of Security&Governance
BIG DATA IS STILL A NEW TECHNOLOGY FOR MOST ORGANISATIONS, AND ANY TECHNOLOGY THAT IS NOT WELL UNDERSTOOD WILL INTRODUCE NEW VULNERABILITIES
Many businesses already use Big Data to store data. However they may not have the access rights control required from a
security perspective.
Big Data breaches can be big, so data security becomes even more critical
CRITICAL RISKS IN BIG DATA PLATFORMS
∎ BIG data, BIGGER security leaks∎ The attack surface of the nodes in a cluster may not be adequately
hardened∎ Access to data from multiple locations may not be sufficiently controlled∎ Regulatory requirements with logs and audit trails may not be fulfilled,
BIG
CHALLENGE∎ Platform must have a comprehensive security
solution
∎ A secure integration into BBVA security is a need
GOSEC is a centralized security component managing fine-grained access control across Big Data services: HDFS, Cassandra, Kafka and Big Data web applications such as Viewer.
WHAT IS IT?GOSEC allows management policies controlling access to files, topics, tables, databases… These policies can be set for individual users or groups
USERS & GROUPS MANAGEMENT
Users & groups are not directly managed in GOSEC.They are always recovered from organization Identity Provider (LDAP).
USERS & GROUPS MANAGEMENT
Roles & profiles are an easy way to set up security policies for dynamic group memberships or user tasks.
USERS & GROUPS MANAGEMENT
Every operation is audited by GOSEC.
Only security admins have access to the audit log.
BBVA INTEGRATION
Synchronized IDP
Armadilloand Global Directory
Data Encoding
for Security
Strategy to prevent
internal and
external data
leakage
“DATA IS GOING TO DEFINE THE COMPETITIVE ADVANTAGE IN THE GLOBAL FINANCIAL ECOSYSTEM OF THE FUTURE”
“WE ARE BEGINNING TO BUILD DATA-DRIVEN BANK”Francisco González, November 2015
WHY IS DATA GOVERNANCE NECESSARY?
Large data volumes and various data
types
Democratize the use of the
data with new flexible
and agile exploitation
Data management policies that
ensure quality & traceability
Data Centric
WHAT WE EXPECT OF DATA GOVERNANCE?
Data DictionaryFunctional and Technical Level
LineageTraceability of data throughout its life cycle
QualityData Quality and Process Quality
Standards and Best PracticesStandards for each platform technology
Visualization and ExplorationGraphical solution for governance data