Big data security protection should be "data-centered", "technology-supported", "management as a means", focusing on the data system and ecological environment. Define the source of data, organizational form, path management, application scenarios, etc., around the collection of big data, transmission, storage, application, **** enjoyment, destruction and other processes, to build a security protection system consisting of organizational management, institutional regulations, technical means, to achieve the closed-loop management of big data security protection.

1. Big data collection security

Yuan through the data security management, data type and security level marking, the corresponding functions embedded in the backend data management system, or its seamless docking, so as to ensure that the network security responsibility system, security level protection, data classification and classification management, and other types of data security system effective implementation.

2. Big data storage and transmission security

The confidentiality and integrity of data is guaranteed through cryptography. In the data transmission link, the establishment of encrypted transmission links between different security domains can also be directly encrypted data, in the form of ciphertext transmission, to ensure the security of the transmission process. During data storage, data encryption, disk encryption, HDFS encryption and other technologies can be adopted to guarantee storage security.

3. Big data application security

In addition to firewalls, intrusion monitoring, anti-virus, anti-DDos, vulnerability scanning and other security measures, it should also be unified management of the account, to strengthen the management of the data security domain, so that the original data does not leave the data security domain, which can effectively guard against the risk of insiders stealing data. In addition, it should also desensitize sensitive data such as cell phone number, ID number, home address, age and so on.

4. Big data **** enjoyment and destruction

In the data **** enjoyment, in addition to the relevant management system should be followed, should also be combined with the security domain, in order to meet the business needs at the same time, effective management of data **** enjoyment behavior. In the process of data destruction, it can be operated by software or physical means to ensure that the data stored in the disk is permanently deleted and unrecoverable.

(1) physical security measures: physical security mainly includes environmental security, equipment security, media security and other aspects. Handling of secret information system center room should use effective technical precautions, the important system should also be equipped with security personnel for regional protection.

(2) operational security measures: operational security mainly includes backup and recovery, virus detection and elimination, electromagnetic compatibility. The main equipment, software, data and power supply of the classified system should be backed up and have the ability to restore the system operation in a relatively short period of time. The relevant state authorities should be approved by the checking and killing software should be used in time to check and kill the virus, including the server and the client's check and kill the virus.

(3) information security measures: to ensure the confidentiality of information, integrity, availability and anti-repudiation is the central task of information security and confidentiality.

(4) security and confidentiality management security measures: security and confidentiality management of classified computer information systems, including management organizations at all levels, management systems and management technology in three areas.

International Committee for Standardization definition is "for the data processing system and the adoption of technical and management of security protection, protection of computer hardware, software, data is not due to accidental or malicious reasons and was destroyed, changed, revealed."　　China's Ministry of Public Security Computer Management Supervision Department's definition is "computer security refers to computer asset security, that is, computer information system resources and information resources from natural and man-made harmful factors of threat and harm."