Compliance, big data and data security – three prongs of a particularly complex set of requirements for business. Whilst the latter pair, big data and data security, pose a significant challenge on their own, combined with the General Data Protection Regulation (GDPR), they become near untenable without significant consideration and investment.
With GDPR now looming, having been codified into EU law for almost the last year, organisations that once believed they could take advantage of big data easily and securely find themselves sorely mistaken.
Indeed, when managing data, the need for the compliance and security of that information has been paramount. But with the advent of actual, usable, big data, these two requirements have become far more complex.
According to recent commissioned research from Forrester, surveying 150 enterprise data security decision makers, there was a significant gap between what these specialists rated as “very important” versus what they were actually prepared for in terms of security. Whilst 41% believed that “sensitive data discovery or classification” ranked as “very important” as a key capability, just over half of those (23%) felt they were “very prepared” to deal with the issue. Of privileged user monitoring, whilst 26% believed it was “very important” just 17% admitted to being “very prepared”.
In terms of compliance, we see a similar picture. Of those same decision makers, while 46% believed “proof of compliance” was “very important”, just 25% were very prepared. In closing, the research noted that in terms of security and compliance preparedness, compatibility, internal governance and allowing third-party administrator access to data were ranked as the top three challenges, at 46%, 37% and 35% respectively.
As more and more businesses adopt big data policies, taking disparate data sources and turning them into actionable insights, the requirement for compliant (and secure) business practices becomes pressing.
The issue, in many cases, comes down to two key areas - perception and budget. As business owners and key decision makers truly buy in to the benefits that big data can bring, any investment would, in theory, come at the detriment of other vital aspects. With the database element (MongoDB, NoSQL, etc.) of big data, however, we are now seeing an interesting shift. Built-in compliance and security functions.
Indeed, according to the research, Database Activity Monitoring (DAM) tools are now becoming a far more prevalent tool to bring greater visibility and control to business processes – at least in terms of big data management.
According to the authors of the report: “The consistent policies requirement makes perfect sense when you consider that most cloud migration will be a gradual process, since few organizations will be able to move everything at once … In-house security expertise is a must-have regardless of where data resides - in the cloud, on-premises, or both.”
The team continued, stating: “Realistically most organizations will probably end up managing both cloud and data center-hosted systems for a significant length of time.”
Today, cloud services are in a state of flux – a hybrid offering sat between public and private. As these requirements and solutions shift, however, so too do we see a shift in the compliance and security functions. While, traditionally, these functions have been entirely separate, with the ability to integrate this functionality within specific areas, it stands to reason that the divergent requirement for security and compliance lessens.
For businesses, the balance between big data usability, compliance and security is a continual challenge… but with a greater range of tools available to integrate these disparate requirements, it’s becoming an issue that is far more manageable.