Big Data Requires Even Bigger Security

This week we announced the industry’s first privileged Identity Management solution for Big Data.  Centrify has partnered with three of the leading Big Data analytics vendors — Cloudera, HortonWorks and MapR — to extend their security capabilities to include privileged identity management.

This announcement is very significant for the industry, not because of the partnerships themselves, but because we are working closely with these vendors at this critical pilot-to-production stage in the evolution of Big Data.

Let’s face facts: Despite the complexity of today’s threat landscape, we as an industry recognize that stronger security technology could have thwarted the numerous hacks and identity thefts that have plagued recent headlines. We know that precautions can be taken, and we know we have either not paid sufficient attention to the risk or have taken an (ill-) educated risk in deciding not to address security. We also know that security technology has been around for a very long time and that leveraging this technology has not been front and center.

This announcement is significant because Centrify really is the first privileged identity management vendor to focus on Big Data. We are raising the bar and declaring that the deployment of production Big Data environments without privileged identity management is a mistake.

Screen Shot 2015-02-17 at 6.47.50 PMIt’s a mistake because when Big Data goes into production it becomes the high-risk asset itself; it becomes the focus for cyber attackers because people know how much sensitive data it contains.

Missing privileged identity management for Big Data means that insider threats are more likely. Insider threats are multiplied when IT-administrators who manage and configure Big Data leverage over-privileged accounts. Enforcing a least privilege model for IT admins and securing the service accounts that are used for machine-to-machine (M2M) communication between nodes greatly reduces your exposure to insider threats. Privileged identity management also helps after an attack, since auditing and session recording are used for forensics investigations.

To manage the complex threat landscape, we are advocating that enterprises implement privileged identity management either alongside existing security technology or directly built into their solutions. We are saying Centrify is at the forefront of a market that is predicted to explode to $50.2 billion by 2020. Let’s make sure it’s secure – and let’s not repeat the mistakes of the past.

Over the past six months, 50 of our customers came to us to explain how they were using Centrify to secure their Big Data environments. With this announcement, we have productized those lessons and have certified capabilities with these vendors. I’m hoping others will follow, because I believe we as an industry need to shift gears and think security-first. In the same way that putting a better lock on your apartment can reduce risk, so can bringing an end to the sharing of passwords and the provision of user-level auditing via your most critical asset — Big Data.