Untitled Document
Untitled Document
Untitled Document
|
From the Blogosphere Big Data Security for Apache Hadoop
Ten Tips for HadoopWorld attendees
Oct. 27, 2012 09:00 AM
Big Data takes center stage today at the Strata Conference & Hadoop World in New York, the world’s largest gathering of the Apache Hadoop™ community. A key conversation topic will be how organizations can improve data security for Hadoop and the applications that run on the platform. As you know, Hadoop and similar data stores hold a lot of promise for organizations to finally gain some value out of the immense amount of data they're capturing. But HDFS, Hive and other nascent NoSQL technologies were not necessarily designed with comprehensive security in mind. Often what happens as big data projects grow is sensitive data like HIPAA data, PII and financial records get captured and stored. It's important this data remains secure at rest.
I polled my fellow co-workers at Gazzang last week, and asked them to come up with a top ten list for securing Apache Hadoop. Here's what they delivered. Enjoy:
Think about security before getting started – You don’t wait until after a burglary to put locks on your doors, and you should not wait until after a breach to secure your data. Make sure a serious data security discussion takes place before installing and feeding data into your Hadoop cluster.
Consider what data may get stored – If you are using Hadoop to store and run analytics against regulatory data, you likely need to comply with specific security requirements. If the stored data does not fall under regulatory jurisdiction, keep in mind the risks to your public reputation and potential loss of revenue if data such as personally identifiable information (PII) were breached.
Encrypt data at rest and in motion – Add transparent data encryption at the file layer as a first step toward enhancing the security of a big data project. SSL encryption can protect big data as it moves between nodes and applications.
As Securosis analyst Adrian Lane wrote in a recent blog, “File encryption addresses two attacker methods for circumventing normal application security controls. Encryption protects in case malicious users or administrators gain access to data nodes and directly inspect files, and it also renders stolen files or disk images unreadable. It is transparent to both Hadoop and calling applications and scales out as the cluster grows. This is a cost-effective way to address several data security threats.”
Store the keys away from the encrypted data – Storing encryption keys on the same server as the encrypted data is akin to locking your house and leaving the key in your front door. Instead, use a key management system that separates the key from the encrypted data.
Institute access controls – Establishing and enforcing policies that govern which people and processes can access data stored within Hadoop is essential for keeping rogue users and applications off your cluster.
Require multi-factor authentication - Multi-factor authentication can significantly reduce the likelihood of an account being compromised or access to Hadoop data being granted to an unauthorized party.
Use secure automation – Beyond data encryption, organizations should look to DevOps tools such as Chef or Puppet for automated patch and configuration management.
Frequently audit your environment – Project needs, data sets, cloud requirements and security risks are constantly changing. It’s important to make sure you are closely monitoring your Hadoop environment and performing frequent checks to ensure performance and security goals are being met.
Ask tough questions of your cloud provider – Be sure you know what your cloud provider is responsible for. Will they encrypt your data? Who will store and have access to your keys? How is your data retired when you no longer need it? How do they prevent data leakage?
Centralize accountability – Centralizing the accountability for data security ensures consistent policy enforcement and access control across diverse organizational silos and data sets.
Did we miss anything? If so, please comment below, and enjoy Strata +HadoopWorld.
About David TishgartAfter spending years at large corporations including Dell, AMD and BMC, David Tishgart joined the startup ranks leading product marketing for Gazzang. Focused on security for big data, he helps communicate the benefits and challenges that big data can present, offering practical solutions. When not ranting about encryption and key management, you can find David clamoring for a big data application that can fine tune his fantasy football team.
Untitled Document
| Cloud Expo - Cloud Looms Large on SYS-CON.TV |
 |
Cloud Expo 2012 East Opening Keynote by SHI
In this Cloud Expo Keynote, Henry Fastert, SHI's Chief Technologist and Managing Partner, will share insight on how the latest generation of cloud computing is now capable of addressing the needs of the enterprise mission critical applications. These mission-critical applications require computing infrastructure that is secure, optimizes performance, and is highly resilient. The purpose of the keynote is to highlight how the latest cloud computing designs have evolved in terms of security, availability, and overall service quality to meet the needs of mission critical applications.
|
|
John Engates, CTO of Rackspace Hosting Live From New York City
Last year, cloud computing pundits predicted that 2012 would be the year when the clouds would open. They were right as cloud computing enthusiasts all over are embracing the open ecosystem; however, denying one vendor the right to serve as the de facto API is only the tip of the iceberg of this computing climate change. Join Rackspace Chief Technology Officer John Engates as he discusses the open ecosystem and how ultimately, winning cloud technologies will be based on the ecosystem they represent.
|
|
Keynote: Step up to a Higher Cloud
Cloud is a transformational shift in computing that can have a powerful effect on enterprise IT when designed correctly and used to its full potential. Join Citrix in a discussion that centers on building, connecting and empowering users with cloud services and hear examples of how enterprises are solving real-world business challenges with an architecture and solution purpose-built for the cloud.
|
|
A Pragmatic Journey to the Cloud
As enterprise adoption of cloud computing accelerates, organizations must have a strategy and roadmap for moving to the cloud. Faced with different options including building a private cloud, subscribing to public clouds, or leveraging a hybrid cloud, organizations need a rational and pragmatic approach. This session explores the emerging trends in cloud computing and offers best practices for how organizations can successfully navigate a journey to the cloud.
|
 |
Cloud Expo Breaking News By Jeremy Geelan  If zettabytes of data exist, why is less than 1% of the world’s data being analyzed today? Seasoned entrepreneur and startup CEO Radhika Subramanian believes that the inability to analyze and gain value from Big Data is that organizations are taking a services-centered approach. As the title of the session implies, Subramanian believes that the data needs to do the talking, not armies of analysts searching and querying databases. Her company has developed high-speed, advanced algorithms to autom... May. 18, 2013 11:30 AM EDT Reads: 1,875 | By Jeremy Geelan  Need to scale your data tier? The foundation of every application is the database layer, and today application architects have more choices than ever. With these choices come new questions: Which database technology is best for your application? How can your application take advantage of Big Data technology? Can you run your relational database at Big Data scale? What does it take to implement a comprehensive data infrastructure, including your core database, incorporating SQL, No SQL and Big Da... May. 18, 2013 11:00 AM EDT Reads: 3,249 | By Elizabeth White  SYS-CON Events announced today that Zyrion Inc., the leading provider of Cloud and IT Monitoring software solutions, has been named “Entrance Carpet Sponsor” of SYS-CON's 12th International Cloud Expo, which will take place on June 10–13, 2013, at the Javits Center in New York City, New York.
Zyrion is the leading provider of integrated Cloud and Network monitoring software for distributed and complex datacenter environments, and offers the most scalable monitoring platform in the industry. Zyr... May. 18, 2013 11:00 AM EDT Reads: 1,024 | By Pat Romanski  The cloud-enabled data center sits at the center of IT transformation. It facilitates the interconnection and communities that come together, propelling growth for both buyers and sellers.
In his session at the 12th International Cloud Expo, Gerry Fassig, CoreSite’s Vice President of Sales, will discuss how CoreSite is bringing together best-of-breed partners through the Open Cloud Exchange resulting in public, private, and hybrid cloud interconnection and management as well as connectivity to... May. 18, 2013 11:00 AM EDT Reads: 1,094 | By Jeremy Geelan  At pennies per virtual machine-hour, the economics of cloud computing are both compelling and daunting to replicate. Whether you are building your own cloud infrastructure, building a public cloud or choosing a cloud service, there are key strategy and technology decisions that make the difference between success and failure.
This session will share industry best practices for deploying cloud infrastructure that maximize the benefits of cloud economics, agility and interoperability. Learn how... May. 18, 2013 11:00 AM EDT Reads: 221 | By Liz McMillan  With the right tools, file storage today can be in the cloud or on-premise, with seamless and secure access and publishing regardless of location. Novel, high-speed transport technologies that alleviate the bottlenecks and limitations of traditional data movement protocols are now intrinsically enabled for cloud object storage, such as Amazon Web Services S3 and Microsoft Windows Azure. Companies of all types and sizes can use the latest technology to ingest and distribute large media files to a... May. 18, 2013 10:45 AM EDT Reads: 1,175 | By Jeremy Geelan  Organizations across the world are increasingly starting to see the benefits of moving more and more services to the cloud. The focus on the cost-saving potential of cloud is rapidly shifting to completely transforming the business with cloud. As organizations are investing enormous sums on technology they are starting to realize that in order to maximize the return on investment and accelerate the business transformation process the first area of focus should be people. By ensuring the organiza... May. 18, 2013 10:45 AM EDT Reads: 1,243 | By Jeremy Geelan  Companies around the world are moving into on-premise private cloud environments. Many connect their private cloud to their public cloud service providers. In his session at 12th Cloud Expo | Cloud Expo New York [June 10-13], Brian Patrick Donaghy will talk about examples of what worked, what failed and why we should think about this evolution. May. 18, 2013 10:00 AM EDT Reads: 1,812 | By Liz McMillan  Enterprise cloud adoption revolves around pushing the BYOD movement and focusing on data security.
In his session at the 12th International Cloud Expo, Ross Brouse, COO and President of Solar VPS, will cover how cloud adoption is driven by consumerism, humanity’s need to socialize, our addiction to new gadgets and the ability of data to stay secure in a growing collaborative world. The cloud is a drug and we’re just getting hooked.
Ross Brouse is the COO and President of Solar VPS. He is a tr... May. 18, 2013 10:00 AM EDT Reads: 1,021 | By Jeremy Geelan  New, "Super-Sized" 4-Day Cloud Computing Bootcamp is a brief introduction to cloud computing carefully created and devised to help you keep up with evolving trends like Big Data, PaaS, APIs, Mobile, Social and Data Analytics. Solutions built around these topics require a sound cloud computing infrastructure to be successful while assisting customers harvest real benefits from this transformational change that is happening in the IT ecosystem. May. 18, 2013 10:00 AM EDT Reads: 721 |
Best Recent Articles on Cloud Computing & Big Data Topics  By Jeremy Geelan The Arlington, Virginia-based National Science Foundation has just released its "Report on Support for Cloud Computing" - in response to the America Competes Reauthorization Act of 2010, Section 524.
It is an absolute must-read for all concerned with current and future research projects in Cloud Computing. Reads: 8,303  By Jeremy Geelan "The volume of data we're generating now from machines pales in comparison to the volume of data we'll soon generate from our own bodies," says data security expert Dave Asprey. Writing in a Trend Micro blog, Asprey - who is one of the leaders in the emerging Quantified Self movement - explains his vision of a world in which personal biometrical data is shared via the cloud. Reads: 14,317  By Wolfram Jost Cloud computing has caught the attention of business leaders around the world in every
industry because of its enormous transformative potential. Visionary companies know that
the value of the cloud is far greater than the current focus solely on technology and operating
costs: when combined with a collaborative approach to designing processes, cloud computing
will change how we do business.
Reads: 19,721  By Elizabeth White Want to make sense of the hottest new concept in Enterprise IT?
Want to understand in just hours what experts have spent many hundreds of days deciphering?
Cloud computing is a technology that has rapidly evolving peppered with a lot of hype along the way. Customers find it hard to navigate through this and make sense of what aspects of this technology will give them real business benefit.
Cloud Computing Bootcamp, led by our 2013 Bootcamp Instructor Larry Carvalho, is a great way to get a practical understanding of this technology. We offer multiple days of actionable insight into what vendor offerings are currently available and help you comprehend their strategy.
The ever-popular Bootcamp, which is now held regularly around the world, is being held in conjunction with the 12th Cloud Expo, June 10-13, 2013, at the Javits Center, New York, NY. Reads: 10,407  By Larry Bettino Did you know that ninety percent of the data in the world has been created in the last two years? Every day, we create 2.5 quintillion (or 2.518) bytes of data, according to IBM.
As corporations across all industries globally are struggling with how to retain, aggregate and analyze this mounting volume of what the industry refers to as Big Data, it also provides a unique opportunity for innovative startups that recognize the business prospects Big Data presents. Big Data is not just unlocking new information but new sources of economic and business value.
Interactivity is driving Big Data, with people and machines both consuming and creating it. Digital companies focused on becoming good at aggregating and analyzing the data created by the end users of their product, who then provide their customers with solid insights taken from that data are at a distinct competitive advantage over others in the marketplace. Reads: 8,242  By Elizabeth White Industry-specific clouds are those PaaS, IaaS, and PaaS services that are tailored for a specific vertical, such as transportation, retail, finance, and health care. IDC sees a $65 billion market in these industry solutions for 2013, rising to $100 billion in 2016.
The value of industry-specific clouds is that businesses within a vertical can connect to applications, processes, and databases that are pre-defined for that vertical within a public or private cloud. They can extend processes and databases into the business domain, versus defining the data and processes within a generic cloud-based platform.
So, are industry specific clouds right for your business? What options are out there? How do you figure out the ROI? Reads: 6,010  By Pat Romanski SYS-CON Events announced today that Rackspace Hosting, the open cloud company, has been named "Platinum Plus Sponsor" of SYS-CON's 12th International Cloud Expo, which will take place on June 10-13, 2013, at the Javits Center in New York City, New York.
Rackspace® Hosting (NYSE: RAX) is the open cloud company, delivering open technologies and powering more than 205,000 customers worldwide. Rackspace provides its renowned Fanatical Support® across a broad portfolio of IT products, including Public Cloud, Private Cloud, Hybrid Hosting and Dedicated Hosting. Rackspace has been recognized by Bloomberg BusinessWeek as a Top 100 Performing Technology Company, is featured on Fortune's list of 100 Best Companies to Work For and is included on the Dow Jones Sustainability Index. Rackspace was positioned in the Leaders Quadrant by Gartner Inc. in the "2011 Magic Quadrant for Managed Hosting." Rackspace is headquartered in San Antonio with offices and data centers around the world.  By Liz McMillan 10th International Cloud Expo, held on June 11-14, 2012 at the Javits Center in New York City, featured four content-packed days with a rich array of sessions about the business and technical value of cloud computing led by exceptional speakers from every sector of the cloud computing ecosystem.
The Cloud Expo series is the fastest-growing Enterprise IT event in the past 10 years, devoted to every aspect of delivering massively scalable enterprise IT as a service.
We invite you to enjoy our photo album of the show - we'll be adding new images all week. Reads: 8,865  By Carmen Gonzalez Ulitzer.com announced "the World's 30 most influential Cloud bloggers," who collectively generated more than 24 million Ulitzer page views. Ulitzer's annual "most influential Cloud bloggers" list was announced at Cloud Expo, which drew more delegates than all other Cloud-related events put together worldwide. "The world's 50 most influential Cloud bloggers 2010" list will be announced at the Cloud Expo 2010 East, which will take place April 19-21, 2010, at the Jacob Javitz Convention Center, in New York City, with more than 5,000 expected to attend. Reads: 45,543  By Kevin Hartig Cloud computing is becoming one of the next industry buzz words. It joins the ranks of terms including: grid computing, utility computing, virtualization, clustering, etc.
Cloud computing overlaps some of the concepts of distributed, grid and utility computing, however it does have its own meaning if contextually used correctly. The conceptual overlap is partly due to technology changes, usages and implementations over the years.
Trends in usage of the terms from Google searches shows Cloud Computing is a relatively new term introduced in the past year. There has also been a decline in general interest of Grid, Utility and Distributed computing.
Likely they will be around in usage for quit a while to come. But Cloud computing has become the new buzz word driven largely by marketing and service offerings from big corporate players like Google, IBM and Amazon. Reads: 199,530  By Elizabeth White SYS-CON Events announced today that Dell Inc. has been named "Silver Sponsor" of SYS-CON's 12th International Cloud Expo, which will take place on June 10-13, 2013, at the Javits Center in New York City, New York.
For more than 28 years, Dell has empowered countries, communities, customers and people everywhere to use technology to realize their dreams. Customers trust Dell to deliver technology solutions that help them do and achieve more, whether they're at home, work, school or anywhere in their world. Learn more about Dell's story, purpose and people behind its customer-centric approach. Reads: 2,631  By Liz McMillan One of the most compelling promises of the cloud is that you can pull out a credit card and be working in minutes. No purchase orders to fill out, no equipment to wait for on the loading dock. Just instant access to the resources you need, when you need them. But accessibility comes at a price, and an unintentional consequence may be that you create yet another orphaned identity silo. Enterprise IT has spent years consolidating its mishmash of directories, only to discover that cloud now threatens to turn back their hard-won victories.
In his session at the 12th International Cloud Expo, Scott Morrison, CTO and Chief Architect at Layer 7 Technologies, will look at strategies to incorporate identity into cloud applications. Enterprise identity or social login can both be a part of your go-to-cloud strategy, but you must plan for this upfront, rather than try to retrofit identity and access control at a later date. Reads: 3,000 By Roger Strukhoff Cloud Expo, Cloud Expo East, Cloud Expo West, Cloud Expo Silicon Valley, Cloud Expo Europe, Cloud Expo Tokyo, Cloud Expo Prague, Cloud Expo Hong Kong, Cloud Expo Sao Paolo are trademarks and /or registered trademarks (USPTO serial number 85009040) of Cloud Expo, Inc. Reads: 16,886 |
 |
|
Save $500
on your “Golden Pass”!
Call 201.802.3020
or click here to Register
Early Bird Expires June 9th.
|
 |
|
 |
|
|
Coming Soon...
Submit your speaking proposal for
the upcoming Cloud Expo in
Santa Clara, CA!
[November 4-7, 2013]
|
 |
|
|
|
|
Please Call
201.802.3021
events (at) sys-con.com
|
 |
SYS-CON's Cloud Expo, held each year in California, New York, Prague, Tokyo, and Hong Kong is the world’s leading Cloud event in its 5th year, larger than all other Cloud events put together.
For sponsorship, exhibit opportunities, and show prospectus: . |
|
|
|
|
|
Singer
Tummler
Singer
Associates |
Taggart
SHI |
Vekiarides
TwinStrata |
Rodenski
Sala Group |
Saadi
SRA |
Linthicum
Cloud
Technology
Partners |
LaMear
Fpweb.net |
Renz
Code42 |
Sagar
Infosys |
Ariola
Parasoft |
Laczynski
Datapipe |
Baumann
Zimory |
Bain
ScaleOut
Software |
Lundberg
Hitachi Data
Systems |
Bowen
LSI |
Brown
Coraid |
|
 |
 |
|
| “ |
Great exhibits, great audience, great floor traffic, great conversations with IT leaders and folks in the channel." |
|
TOM LAYDOS
Director, Marketing & Sales Operations at Evolve IP |
| |
| “ |
We had a great experience! We look forward to helping the people we met at Cloud Expo build their businesses." |
|
Cari.net TWEET
|
| |
| “ |
The 2012 Cloud Expo in NY was a great success for the Dell cloud team as we met with many customers, partners, and cloud technologists." |
|
STEPHEN SPECTOR
Senior Product Marketing, Dell Cloud Services |
| |
| “ |
Cloud Expo turned out to be an amazing gathering of entrepreneurs." |
|
NISH BURKE
Product Marketing Manager, StorageCraft
|
|
|
|
|
|
| Senior Technologists including CIOs, CTOs, VPs of technology, IT directors and managers, network and storage managers, network engineers, enterprise architects, communications and networking specialists, directors of infrastructure Business Executives including CEOs, CMOs, CIOs, presidents, VPs, directors, business development; product and purchasing managers. |
|
 |
|
|
|
SYS-CON Media has a flourishing Media Partner program in which mutually beneficial promotion and benefits are arranged between our own leading Enterprise IT portals and events and those of our partners.
If you would like to participate, please provide us with details of your website/s and event/s or your organization and please include basic audience demographics as well as relevant metrics such as ave. page views per month.
To get involved, email Lissette Mercado at lissette@sys-con.com.
|
|
|
The World's Most Influential Blogs By Kevin Nikkhoo  A recent Gartner study states that the function of the modern CIO is in flux and that his or her future focus must incorporate digital assets (aka cloud-based data and applications) to remain relevant. Towards the goal of riding the sea change a compiler of stacks to a broker of business needs, secu... May. 18, 2013 09:00 AM EDT Reads: 874 | By Mark van Rijmenam  New technologies allow schools, colleges and universities to analyze absolutely everything that happens. From student behavior, testing results, career development of students as well as educational needs based on changing societies. A lot of this data has already been stored and is used for statist... May. 17, 2013 12:00 PM EDT Reads: 1,128 | By David Tishgart  I'd like to address a recent blog post in CloudTweaks titled, "Cloudera Not Cutting It With Big Data Security." The author makes a number of very salient and valid points about Hadoop security… or lack thereof.
Indeed the Apache Hadoop platform, which includes HDFS and MapReduce and other projects ... May. 17, 2013 09:45 AM EDT Reads: 1,070 | By Mark van Rijmenam  In the coming years, big data will change the way organisations and societies are operated and managed. Big data however, is not the only trend that will impact significantly how organisations operate. Another major trend at the moment is gamification. Gamification will change the way organisations ... May. 17, 2013 07:00 AM EDT Reads: 1,218 | By Gathering Clouds  We all talk about cloud differently, but is there a way we should be speaking about this tech?
Cloud computing is now a widely reported, if not accepted, IT movement that, depending on who you talk to, has changed or is changing the way businesses utilize infrastructure. May. 17, 2013 07:00 AM EDT Reads: 1,006 | By Lori MacVittie  The age of data center automation is upon us. Whether it's cloud or SDN or devops in general, automation as a means to achieve efficiency and, one hopes, free up resources that can be then redirected to focus on innovation.
As is always the case when we begin to move further upwards, abstracting ... May. 14, 2013 09:00 AM EDT Reads: 610 | By Keith Mayer  Windows Azure Virtual Networks offers the power to open up several cross-premises use case scenarios, including Active Directory Disaster Recovery, SQL Database Replication, Windows Server 2012 DFS-R File Replication, Accelerated Cloud File Services with BranchCache, Hybrid Web Applications and MORE... May. 13, 2013 09:00 AM EDT Reads: 1,731 | By Gilad Parann-Nissany  As the infrastructure cloud market (IaaS and PaaS) continues to grow rapidly, we are seeing quite a few customers who are delivering an application – whether it is a mission-critical or SaaS application – and basing their solution on VMware.
VMware Security Cloud Encryption cloud keyboard Cloud Enc... May. 13, 2013 09:00 AM EDT Reads: 1,256 | By Jim Kaskade  Have you heard of products like IBM’s InfoSphere Streams, Tibco’s Event Processing product, or Oracle’s CEP product? All good examples of commercially available stream processing technologies which help you process events in real-time.
I’ve been asked what I consider as “Big Data” versus “Small Dat... May. 11, 2013 10:00 AM EDT Reads: 1,319 | By Keith Mayer  My fellow Technical Evangelists and I have authored a content series that steps through building your very own Private Cloud by leveraging Windows Server 2012, our FREE Hyper-V Server 2012, Windows Azure Infrastructure Services ( IaaS ) and System Center 2012 Service Pack 1.
Week-by-week, we walk ... May. 11, 2013 09:00 AM EDT Reads: 1,970 |
Untitled Document
|
|
|
S.F.S.
Dell |
Singer
NRO |
Pereyra
Oracle |
Ryan
OpSource |
Butte
PwC |
Leone
Oracle |
Riley
AWS |
Varia
AWS |
Lye
Oracle |
O'Connor
AppZero |
Crandell
RightScale |
Nucci
Dell Boomi |
Hillier
CiRBA |
Morrison
Layer 7 Tech |
Robbins
NYT |
Schwarz
Oracle |
|
|
|
.gif)
