10 Best Practices for Security, Compliance Monitoring

Data poisoning

1 - 10 Best Practices for Security, Compliance Monitoring10 Best Practices for Security, Compliance Monitoring

Of the Cloud Security Alliance 100 best practices in big data security, we focus on 10 best practices for ensuring real-time security and compliance monitoring.

2 - Anomaly DetectionAnomaly Detection

Apply big data analytics to detect anomalous connections to a cluster to ensure only authorized connections are allowed.

3 - Event Log MonitoringEvent Log Monitoring

Mine the events in log files to ensure that the big data infrastructure remains compliant with the risk-acceptance profile of the infrastructure.

4 - Front-End DeploymentFront-End Deployment

Implement front-end systems, such as routers, application-level firewalls and database access firewalls. These systems parse requests and stop bad requests.

5 - Security in the CloudSecurity in the Cloud

As big data deployments move to the cloud, security is top-of-mind. Consider cloud-level security to avoid becoming the weak spot in the big data infrastructure stack.

6 - Adding ControlsAdding Controls

Use cluster-level security to ensure multiple-level security. Best security practices for the cluster include the use of Kerberos or SESAME in a Hadoop cluster for authentication and access control lists for access.

7 - Application ProtectionApplication Protection

Apply application-level security to protect applications in the infrastructure stack as attackers shift their focus from operating systems to databases and applications.

8 - Pay Attention to Privacy RightsPay Attention to Privacy Rights

To avoid legal issues when collecting and managing data, follow laws and regulations that relate to privacy rights in each step of the data lifecycle: collection, storage, transmission, use and destruction of data.

9 - Ethical ConcernsEthical Concerns

Consider technical and ethical questions around data use, accounting for all applicable privacy and legal regulations at the very least.

10 - Minimize Evasion AttacksMinimize Evasion Attacks

Monitor evasion attacks to avoid potential system attacks and/or unauthorized access, and consider using different monitor algorithms to mine the data.

11 - Monitor Strange BehaviorMonitor Strange Behavior

Track data poisoning attacks to prevent monitoring systems from being misled, crashing, misbehaving or providing misinterpreted data.


Must Read