Security Experts:

Native Hadoop Security Tools Fall Short in Big Data Environments: Survey

While an overwhelming majority of Hadoop users agree that data security is a critical requirement, most disagree or are not sure that its native security tools provide enough protection for their sensitive data, according to a recent survey.

When a small but targeted audience of 150 attendees at last month's Strata + Hadoop World Summit in San Jose were, Calif. were asked whether data security is a critical requirement for their Hadoop data lake or hub, 86 percent said that it was.

The survey, conducted Protegrity, a provider of enterprise data security solutions, also found that 80 percent of respondents said their organizations will be spending more on Hadoop-related projects this year.

"When 89 percent of the Big Data professionals we surveyed disagree or are not sure that security tools native to Hadoop provide enough protection for their sensitive data, it demonstrates a tremendous need for increased education around Big Data security and the availability of more robust data security solutions for Hadoop," said Protegrity CEO Suni Munshani.

In terms of usage, 80 percent of those surveyed indicated that their organizations are already using Hadoop in production environments.

"Enterprises are storing and processing data across many execution engines at a scale that has not been possible before. This in turn has made security a crucial component of enterprise Hadoop," said Munshani. "Given how those surveyed said that production deployments and spending on Hadoop Big Data projects are increasing, responsible organizations are looking to apply enterprise-grade security to their highly sensitive data in Hadoop to meet corporate risk management standards, privacy policies and complex compliance and regulatory requirements."

"While not surprising, these findings are alarming. They show that in the past few years enterprise technology environments have changed dramatically but the tools used to secure them haven't adapted accordingly," Andrew Rubin, CEO of Illumio, told SecurityWeek. "Today, 80 percent of the traffic within data centers, which include Hadoop databases, ha s little-to-no form of network security applied. There is an absolute lack of needed segmentation, encryption or visualization of any sort.”

"Since the vast bulk of breaches occur inside the data center, IT managers must turn to new approaches and invest in solutions that reduce attack surfaces, enable encryption and stay a step ahead of the most worrisome threats," Rubin added.

Related: Managing Security Permissions of Data Subsets in Hadoop

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.