When we started talking about virtualization a few years ago, the birth of cloud solutions was bound to follow. As these solutions matured, companies and users began to store their data in the cloud, which gradually led to the advent of the Big Data era.
Access to data is now gradually moving from computers to mobile devices. On the subway, more and more people habitually take out their cell phones or tablets to read or browse information, which means that data access has evolved into access anytime, anywhere.
And when we use Gmail, Facebook, and Google, it seems we can upload all sorts of data endlessly and access and browse it at any time, which means that the data held in the cloud backend has grown a lot.
What about security in this context? Once these big data services are opened for access, whether they are public services or various kinds of corporate data, security issues begin to appear. Simply put, starting from user authentication, people have been thinking about how to protect users' personal data, sensitive or not, and the issue has gradually come to a head.
Going back to the basic elements, we find that 90% of attacks are carried out over the network; the network has become an indispensable medium for attacks. When an enterprise is hit by an APT, the large amount of information obtained from analyzing the incident shows that the malicious program may have been delivered into the enterprise by mail over the network. The much-discussed "network army" attack events of a few days ago were also, for the most part, network attacks.
The challenges of security under big data are:
1. The complexity of the backend system
A variety of complex applications usually sit on top of the data, which makes the security considerations more complex. Users may adopt a single-storage 3-tier architecture or a more complex Web Service architecture. Regardless of the architecture, the main goal is to add value to large amounts of data and provide various interfaces or results to the user.
2. Multi-party network access
However complex the back-end applications are, the simplest way for users to reach the services is through the network, and the front end usually allows as many different kinds of devices as possible to access them. For an intruder, however, this is very convenient: the attacker can try to attack the overall service through various paths and then probe for system vulnerabilities to attack in depth.
3. Real-time monitoring and response
Once big data starts to be delivered to users through services, the system begins to change continuously, in both its data and its applications. The security scenarios change with it: for example, detecting whether someone is conducting a dictionary attack on the application and blocking that attack. As large amounts of data start to move and usage increases, real-time monitoring becomes more difficult, mainly because it is easier for attackers to hide among normal users while attacking the system. This can overwhelm system administrators and makes attacks harder to detect, let alone respond to in a timely manner.
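The dictionary-attack monitoring described above can be sketched as a sliding-window count of failed logins per source, which separates a rapid guessing run from the occasional mistyped password of normal users. This is an added example, not part of the original article; the log format, the sample lines, and the window and threshold values are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical log format (not a real product's).
SAMPLE_LOG = """\
2024-05-01T10:00:00 src=198.51.100.7 user=alice result=FAIL
2024-05-01T10:00:05 src=198.51.100.7 user=alice result=OK
2024-05-01T10:00:10 src=203.0.113.9 user=admin result=FAIL
2024-05-01T10:00:12 src=203.0.113.9 user=admin result=FAIL
2024-05-01T10:00:13 src=192.0.2.44 user=bob result=FAIL
2024-05-01T10:00:14 src=203.0.113.9 user=admin result=FAIL
2024-05-01T10:00:16 src=203.0.113.9 user=admin result=FAIL
2024-05-01T10:00:18 src=203.0.113.9 user=admin result=FAIL
2024-05-01T10:03:00 src=192.0.2.44 user=bob result=FAIL
2024-05-01T10:06:00 src=192.0.2.44 user=bob result=OK
"""

LINE_RE = re.compile(r"^(\S+) src=(\S+) user=(\S+) result=(OK|FAIL)$")

def detect_dictionary_attacks(lines, window=timedelta(seconds=60), max_fails=5):
    """Map each offending source to the time its failed logins first
    reached max_fails inside one sliding window (assumed thresholds)."""
    recent = defaultdict(deque)  # source -> timestamps of recent failures
    alerts = {}
    for line in lines:  # lines are assumed to arrive in time order
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than stop monitoring
        ts, src, _user, result = m.groups()
        if result != "FAIL":
            continue
        now = datetime.fromisoformat(ts)
        q = recent[src]
        q.append(now)
        while now - q[0] > window:  # expire failures older than the window
            q.popleft()
        if len(q) >= max_fails:
            alerts.setdefault(src, now)  # keep only the first alert time
    return alerts

if __name__ == "__main__":
    for src, when in detect_dictionary_attacks(SAMPLE_LOG.splitlines()).items():
        print(f"ALERT {when.isoformat()} source={src}: possible dictionary attack")
```

The same counter keyed by account instead of source would catch guessing that is spread across many addresses, at the cost of more state to keep per user.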
In these circumstances, when we think about security in the context of big data, we can go back to the basics, detecting and strengthening defenses across the entire system.
Three basic directions for approaching the security of big data:
1. Application security
Data is generally not used directly but is presented through applications. To protect the data, the front-end applications therefore need to be strengthened, so companies can carry out security testing on their various applications before launch, during development, and afterwards.
Through application security testing, enterprises can give the applications that use the data a corresponding baseline of security testing and achieve the first step of information security.
2. Network security defense system
The second barrier after the application is the network. Since providing services means providing various kinds of network access, enterprises can start by strengthening network security. For example, the past approach of deploying network security defense equipment only at the egress can be extended to the internal system architecture, that is, deploying a new generation of network defense systems internally to effectively defend against the various attacks that arrive over the network.
3. Intelligent security analysis system
As big data arrives, enterprises deploy various security measures over time. An intelligent security analysis system can serve as the security brain of the enterprise: through various kinds of correlation analysis, it determines whether the enterprise may be under attack and helps it react in advance. Such a system lets enterprises move from passive detection to active hunting, and even use historical information for threat analysis, so that potential security threats can be found early.
The security of big data is not a closed issue that a single solution can solve; each enterprise can combine different solutions based on the nature of its data and the context in which it is used. For example, individual hosts may still have SSO mechanisms, host security solutions, anti-virus solutions, and so on. It is therefore recommended that users start with basic defenses, such as basic application security and basic network security, and then use the intelligent security analysis system to coordinate the operation of the various security defense solutions.