Solving the Really Big Tech Problems with IoT –Data Security and PrivacyHPE Security – Data Security

March 16, 2017

2

IoT Everywhere - Promising New Value

Manufacturing

Insurance

Telecom

Transportation

Energy / UtilitiesBanks / Financial

Retail

Healthcare

Government

Threat Vectors in the IoT space

3

Collector Control

PMTS

Config

Logging/monitoring

Back-end infrastructure

4

Data Privacy Regulations – High Bar, Worldwide Impact– What is The EU General Data Protection Regulation (GDPR)?

• GDPR replaces EU’s previous Data Protection Directive

• Data Protection Directive created to regulate control of

Personally Identifiable Information (PII)

• GDPR will harmonize data protection laws across 28 EU

member states

• Clearer rules for data transfer across borders

• Better control over individual’s data and its use

• Comes into force May 25, 2018

GDPR and Encryption

– GDPR calls out encryption as an approach to mitigate risks associated with the processing of sensitive data.

– Encryption and pseudonymisation are appropriate safeguards for sensitive data – with specific criteria listed

– HPE SecureData with Hyper FPE meets these criteria – i.e., encryption does not break existing business process, data can be securely decrypted as needed, and if data is encrypted then breach notification is not required

– Designation of a Data Protection Officer (DPO) will be mandatory for companies with over 250 employees based in EU, or processing data of over 5000 people per year

– Responsible for ensuring GDPR compliance and conducting GDPR audits

– What it means

– Organizations must review their entire security posture to understand the processes and controls needed to protect the privacy of EU citizens

5

2016 Saw First IoT Breaches

6

Obstacles to IoT Initiatives

DBTA – 78% of buyer-side respondents indicate lack of data security will impact their IoT progress

Forrester – 67% of security decision-makers rated privacy violations as a high level of concern

7

Security concerns now rank No.1 barrier to IoT success

– Top initiatives are around creating smart connected products that allow data from customers to be received by the enterprise (72%)

– Top barrier to IoT success is Security (35%)

– IoT has its own P&L today or will by the end of 2018 (55%)

8Gartner Survey of 2,539 Respondents in Six Countries

Encryption is an area poised for wider adoption: 2nd highest ROI against cyber crime

Why do enterprises care about encryption?

Format-Preserving Encryption (FPE)

10

– Supports data of any format: name, address, dates, numbers, etc.

– Preserves referential integrity

– Only applications that need the original value need change

– Used for production protection and data masking

– NIST-standard using FF1 AES Encryption

AES - CBC

AES - FPE 253- 67-2356

8juYE%Uks&dDFa2345^WFLERG

First Name: Uywjlqo Last Name: Muwruwwbp

SSN: 253- 67-2356

DOB: 18-06-1972

Ija&3k24kQotugDF2390^32 0OWioNu2(*872weW

Oiuqwriuweuwr%oIUOw1@

First Name: Gunther

Last Name: Robertson

SSN: 934-72-2356

DOB: 20-07-1966Tax ID

934-72-2356

Introducing “Data-centric” security

11

Traditional IT

Infrastructure Security

Disk encryption

Database encryption

SSL/TLS/firewalls

Authentication

Management

Threats to

Data

Malware,

Insiders

SQL injection,

Malware

Traffic

Interceptors

Malware,

Insiders

Credential

Compromise

Security

Gaps

HPE SecureData

Data-centric Security

SSL/TLS/firewalls

Da

ta s

ec

uri

ty c

ov

era

ge

En

d-t

o-e

nd

Pro

tecti

on

Data

Ecosystem

Storage

File systems

Databases

Data and applications

Security gap

Security gap

Security gap

Security gap

Middleware

60 Data Sources,600 Billion

records per day

250 Nodes

LDAP

Sensitive

structured

sources

Hadoop Cluster

Sqoop

Flume

Storm

Hive

UDFs

Map Reduce

Staging Area

HPE SecureData

File Processor

Teradata EDW

UDFs

Data

Virtualization

layer

Tableau

Analytics &

Data Science

HPE SecureData

Key Servers & WS

API’s

Leading Telecoms Provider – Big Data Primary Data Flow

Data

Cleansing

22

Big Data Ingestion

–Hadoop tools, Sqoop, Flume, etc.

–ETL, Informatica

–Apache™ NiFi™

–Hortonworks DataFlow (HDF)

13

Leading car manufacturer – Big Data primary data flow

14

Sensitive

structured data

Hadoop Edge

Nodes

HPE SecureData

Hadoop Tools

Hadoop Cluster Data Warehouse

Sensitive

structured

sources

Cognos

Analytics &

Data Science

HPE SecureData

Key Servers &

WS API’s

~2 Billion real time transactions/day

Other real-time data feeds – customer

data from dealerships,

manufacturers

Sqoop

Hive

UDFs

Map Reduces

“Landing

zone”

“Integration

Controls”

Flume real

time ingest

Existing data sets and 3rd party data, e.g.. accident data

UDFs

IBM DataStage

Securing the Big Data Space

15

Public

data Sqoop

Hive

UDFs

Map

Reduce

“Landing

zone”

TD

E

SQL

Spark

Sensor

Data

Power

user re-

identifies

data

BI tools

work on

protected

data

Business

processes

use

protected

data

Laptop

log files

Server

log files

Any data

Source

Storm

Kafka

Data Center & Cloud IT

Sensor

Data

THE EDGE

Edge IT

+ HPE SecureData

Teradata EDW, Vertica

Flume

Thank youhpe.com/software/datasecuritywww.voltage.com

16