5 data security questions smart city planners need to ask
Big data and analytics are taking center stage in many smart city projects all over the world. A smart city, after all, is about using information and communication technology to better manage a city’s assets and infrastructure. It is also about leveraging technology to improve the quality of life for citizens, such as improving individual mobility, enhancing connectivity, or improving the environment.
However, many government or public sector organizations that are building smart cities of tomorrow are still not able to fully take advantage of their data today. This can be due to a number of reasons, such as limitations of their existing IT infrastructure or constraints from working within a traditionally designed government setup where information is stored in silos.
Public sector organizations like these need an enterprise data hub (EDH) solution that can help them manage and operationalize big data across departments and within agencies, supporting both current and future needs. An improved data management architecture, like an EDH built with and powered by Apache Hadoop, will be able to help lead governments in a direction where big data can be securely shared, processed, and analyzed.
When implementing an EDH, public sector organizations have a couple of key concerns. First, they need to comply with stringent regulatory mandates, and second, they need to ensure data security.
The open source Hadoop platform makes perfect sense for public sector organizations considering an EDH because it is flexible, scalable and secure.
The following are five most important questions that public sector organizations need to ask before implementing an EDH with Hadoop. These essential questions can help agencies take stock of their readiness and build out enterprise data solutions.
1) How do I prepare a secure foundation for Hadoop?
Government agencies — including the defense, financial and healthcare sectors — are seeing a critical advantage in analyzing and using data, especially when it comes to accessing large, historical data sets. Public sector IT leaders may have concerns about Hadoop because it is an open source software solution. That is, Hadoop is freely available and developers are free to study, change and distribute the software framework. The spirit behind open source means that Hadoop is developed in a collaborative, public manner. This also means that Hadoop embraces innovation, which can sometime translate into updated and new components that are released every month, if not every day. Nevertheless, while the technology may evolve and change quickly, many of the tried and true security rules and best practices for hardening the system foundations can control these changes to maintain effective security and governance. Even more important is that this can be done without hampering innovation. To ensure that data security is observed, public sector organizations that adopt Hadoop need to apply well known security measures to the underlying infrastructure and systems. For example:- Turning off services that are not required
- Restricting access to users
- Limiting super-user permissions
- Locking down network ports and protocols
- Enabling audit, logging and monitoring
- Applying all the latest OS security patches
- Using centralized corporate authentication
- Enabling encryption in-transit