Voltage Security: Secure Sensitive Data in Hadoop

Voltage Security: Secure Sensitive Data in Hadoop

At a Glance

Voltage Security® is the leading expert in data-centric encryption and tokenization technologies, providing complete protection for personal identity information, health information, primary account numbers and other kinds of sensitive data that must be protected.

The Challenge: Securing Hadoop Data

Hadoop is designed to enable very rapid time-to-insight, decision support, and operational efficiencies. But as with any enterprise data architecture deployment, you face many security and regulatory compliance challenges, especially when automatically replicating data across multiple nodes, handling multiple types of data concentrated in a Hadoop enterprise data hub (or “data lake”), or enabling access by many different users with varying analytic needs. Sometimes the security options are not implemented in an optimal way. The most commonly cited reason for the lack of a proper security implementation is that the administration interferes with—and slows down—business due to its complex, cumbersome, and intrusive nature.

An End to End Solution is Needed

Voltage and MapR to the Rescue
MapR provides the easy-to-configure data security capabilities you expect in an enterprise system. Authentication and authorization are just the start. Together with Voltage SecureData Suite for Hadoop, privacy of sensitive information is preserved end-to-end across an enterprise’s IT infrastructure—from the moment of capture through business analysis applications and to the back-end data store.

With Voltage SecureData FPE and SST on the MapR Distribution including Hadoop, protection is applied at the data field and sub-field level, preserving characteristics of the original data, including numbers, symbols, letters and numeric relationships such as date and salary ranges, and maintaining referential integrity across distributed data sets so joined data tables continue to operate properly.

Security from the Source

Data-Centric Approach to Security
Voltage Security is a certified technology partner with MapR Technologies. Voltage SecureData encryption/tokenization protection can be applied at the source before it gets into Hadoop, or can be evoked during an ETL transfer to a landing zone, or from the process transferring the data into Hadoop. Once the secure data is in Hadoop, it can be used in its de-identified state for additional processing and analysis without further interaction with the Voltage System. Or the analytic programs running in Hadoop can access the clear text by utilizing the Voltage high-speed decryption/de-tokenization interfaces with the appropriate level of authentication and authorization. If processed data needs to be exported to downstream analytics in the clear—such as into a data warehouse for traditional BI analysis—there are multiple options for re-identifying the data, either as it exits Hadoop using Hadoop tools, or as it enters the downstream systems on those platforms. The customers can apply Voltage Security on MapR in a number of ways:

  1. Apply data protection at source applications
  2. Apply data protection during import into Hadoop (ETL process, Sqoop)
  3. Apply data protection within Hadoop (e.g., via MapReduce)
  4. Using de-identified data within Hadoop (e.g. Hive)
  5. Using and exporting re-identified data from Hadoop (e.g. Hive)
  6. Exporting data and re-identifying outside Hadoop (ETL process)
  7. Using storage-level encryption within Hadoop

MapR and Voltage bring a unique, proven, data-centric approach to the protection of sensitive data in Hadoop, which is essential to establish a robust, secure Hadoop deployment.

About Voltage Security

Voltage Security®, Inc. is the world leader in data-centric encryption and tokenization. Voltage provides trusted data security that scales to deliver cost-effective PCI compliance, scope reduction and secure analytics. Voltage solutions are used by leading enterprises worldwide, reducing risk and protecting brand while enabling business. Today Voltage has over 1,000 enterprise customers and protects sensitive data at the world’s largest banks, financial institutions and payment processors.

Voltage Security Product Snapshot

Voltage SecureData™ Suite for Hadoop is a comprehensive data protection framework that secures data as it is captured, processed and stored across a variety of devices, operating systems, databases, and applications.

Voltage Security Benefits

  • The ability to protect data as close to its source as possible.
  • • Support for encryption, tokenization and data masking protection techniques.
  • Data usable for many applications in its de-identified state.
  • The ability to securely re-identify data when required—only by authorized users and applications.
  • Protection techniques backed by security proofs and standards.
  • High performance, high scalability, well-matched with Hadoop speeds.
  • Broad platform and application support—inside and outside Hadoop.

About MapR

MapR delivers on the promise of Hadoop with a proven, enterprise-grade platform that supports a broad set of mission-critical and real-time production uses. MapR brings unprecedented dependability, ease-of-use and world-record speed to Hadoop, NoSQL, database and streaming applications in one unified distribution for Hadoop. MapR is used by more than 500 customers across financial services, government, healthcare, manufacturing, media, retail and telecommunications as well as by leading Global 2000 and Web 2.0 companies. Investors include Google Capital, Lightspeed Venture Partners, Mayfield Fund, NEA, Qualcomm Ventures and Redpoint Ventures.

MapR Benefits

  • Operational Efficiency One
    unified big data platform for Hadoop, NoSQL, database, and streaming applications.
  • Proven Production Readiness
    Get enterprise-grade reliability with MapR, including built-in high availability and disaster recovery capabilities, proven to meet stringent service-level agreements. With powerful, easy-to-use security controls, ensure your data is only visible to authorized users.
  • Consistent High Performance
    Do more work with less hardware for lower TCO versus other distributions.