Chapter 2. Preventing a Big Data Security Breach: The Hadoop Security Maturity Model
Hadoop is widely used thanks to its ability to handle volume, velocity, and a variety of data. However, this flexibility and scale presents challenges for securing and governing data. In a talk at Strata + Hadoop World New York 2015, experts from MasterCard, Intel, and Cloudera shared what it takes to get your cluster PCI-compliance ready. In this section, we will recap the security gaps and challenges in Hadoop, the four stages of the Hadoop security maturity model, compliance-ready security controls, and MasterCard’s journey to secure their big data.
Hadoop Security Gaps and Challenges
According to Ritu Kama, director of product management for big data at Intel, the security challenges that come with Hadoop are based on the fact that it wasn’t designed with security in mind; therefore, there are security gaps within the framework. If you’re a business manager, for example, and you’re thinking of creating a data lake because you’d like to have all your data in a single location and be able to analyze it holistically, here are some of the security questions and challenges Kama says you will need to address:
Who’s going to have access to the data?
What can they do with the data?
How is your framework going to comply with existing security and compliance controls?
Kama says one of the reasons that big goals and vague projects ...