Thales eSecurity Blog

Protecting Big Data, while Preserving Analytical Agility

The age of Big Data is upon us. And, as more data is available for analytical purposes, more sensitive and private information is at risk. As The 2018 Thales Global Data Threat Report notes, “The top Big Data security issue is that sensitive data can be anywhere – and therefore everywhere – a concern expressed by 34% of global and U.S. respondents.”

Protecting the confidentiality and integrity of warehoused data and ensuring that access is controlled is vital to keeping that data secure. Moreover, encryption keys must be protected and managed in a trusted manner for security and compliance with regulations. But in a Big Data analytics environment, the data must also be instantaneously available to those authorized to use it. So, while strong encryption secures data, it must be done in a manner that does not impact performance or interfere with the database query process.

Protecting Big Data, while Preserving Analytical Agility

Pivotal Greenplum is an open source data warehouse that provides powerful and rapid analytics on very large volumes of data. Uniquely geared toward machine learning and advanced data science, Greenplum is powered by an advanced cost-based query optimizer delivering unmatched analytical query performance on large volumes of data. Pivotal Greenplum provides flexibility and tight integration with leading analytical libraries and software stacks.

For added security, Pivotal Greenplum integrates with Thales eSecurity’s Vormetric Transparent Encryption (VTE) to establish with maximum efficiency strong controls around sensitive data, with very limited overhead. Thales eSecurity’s VTE delivers data-at-rest encryption with centralized key management, privileged user access control, and security intelligence to protect the data and proactively meet compliance reporting requirements for structured databases and unstructured files. The solution can be deployed without any changes to applications, databases or infrastructure so security organizations can implement encryption with minimal disruption, effort, and cost.

Thales eSecurity VTE delivers continuous protection long after the encryption key is applied. Enhanced security features include:

  • Persistent enforcement of security policies that protect against unauthorized access by users and processes
  • Continual logging of all access attempts to monitor authorized and unauthorized user activity
  • Granular controls and least-privileged access policies to protect data from advanced persistent threat (APTs) and misuse by privileged users
  • Specialized policy setting to control administrators with root privileges, processes, file types, time of day, and other parameters
  • Security intelligence capabilities to provide detailed data event logs to satisfy compliance and forensic reporting, and to enable additional data security analytics with popular security information and event management (SIEM) systems

As an agent running at the file system or volume level on a server, Thales eSecurity VTE offers flexible implementation. The agent is available for a broad selection of Windows, Linux, and UNIX platforms, and can be used in physical, virtual, cloud, and big data environments, regardless of the underlying storage technology.

In a world where data breaches are all to common, Pivotal Greenplum has partnered with Thales eSecurity to ensure its Big Data is also safe data.

For more information on the Thales eSecurity and Pivotal solution, please click here.

For more information on Vormetric Transparent Encryption, please click here.

You can also follow Thales eSecurity on Twitter, LinkedIn and Facebook.