The Big Data Anaytics conference held at Enderun Colleges just finished last November 15. I was part of the panel on Top Challenges on Big Data Security and Privacy. It was a breakout session where people get to ask questions in an academic-business setting. More on that in a while.
The conference started when Colin Christie opened the event with images about the size of the datacenters operating in Northern America. The cloud is not as much up in the heavens, but more on the ground, centralized, freezing just to cool our thirst for data and humming with the thousand lights of hundreds of server racks. Is this the future for PH?
Then comes the keynote of Isaac Reyes. He established how to start the analytics journey within the audiences’ organizations. He paints a picture of what a data scientist is like, and how it’s both a ‘special snowflake’ and a ‘big investment’. Hiring a data scientist is like putting all your eggs in one basket, and being a special snowflake, he or she might get attracted to other opportunities rather quickly. He outlines the alternative – how data science teams of a modeler, a statistician, a programmer, a visualizer and a communicator can fit for the Philippine setting. With training and experience, one of them might just become a data scientist. Great advice really.
Then Jemm Cellan comes in speaking about Marketing Analytics and answering the question, how can one improve the online shopping experience through data. With a single slide, he closed the gap between the technical and managerial, and listed all facets of a good analytics project or portfolio, that is, from entire strategies to business inputs, from tools to big brains and from insights to action.
Panel sessions were next, and they all focused on three things: 1.) Most industries are disrupted, and it’s either adopt with the wave or get crushed by another player 2.) The government is preparing to digitize all information, and thus can bring about more transparency and data-driven decision-making 3.) How to concretely address the knowledge gap of analytics and sparking academe and industry to come together and recognize the discipline and the professionals.
Fast forward to our breakout session. We’ve nearly filled our room with a quarter of all conference attendees. We started with an overview slide deck where we explained the threat landscape, actors and how being on the cloud also spells new challenges for security. We outlined some alarming trends, and also showed some basic ways to protect data. It comes down to four things: 1.) Network security means hiring information security people, 2.) Privacy means getting confidentiality done right 3.) Data management which is foundational for any data science done in a company. This means answering who is accountable to the data, what are the properties of the data (and therefore knowing what is sensitive), when and where the data is created and modified (data lineage). Lastly, 4.) integrity and reactive security means setting tools to audit real-time data and prepare for any data breaches.
It’s back to basics really. More than ever, we have to get AAAA – authorization, authentication, accounting and audit right. That means we get our Kerberos, our HTTPS and TLS, our disk encryption, multi-factor authentication, our role-based data (Apache Sentry) access, our security administration (Apache Ranger), our data governance solution (Apache Atlas) and our data stewardship (chief information officer) right. We may get the forget that our shiny features, scalability and financial horizons will get eclipsed by any breach of trust or data leaks, which may threaten to collapse the entire company’s digital portfolio. It’s time we get security and privacy as primary concerns in this age.