Vodafone: "Big Data is a big problem for us"

Vodafone has admitted to struggling to secure Big Data on millions of devices, describing the issue as a "massive problem" for the firm.

The company illustrated the size of the challenge for a telecom firm during a Big Data discussion at HP Discover this week, saying it must protect 400 million customer records and 12 million emails each year.

Security product manager for Vodafone New Zealand, Gerhard Nagele, added that Vodafone must examine 500 million "events" each week.

He said: "It is a massive problem for us, for our internal data, but also for our customers' data.

"Security is something people kind of don't want to know about until something happens. We have a responsibility to protect that sort of data, it's extremely difficult."

His comments come days after Sony Pictures suffered a cyber breach that saw personal details released on tens of thousands of employees.

These details included salary information, while security experts claimed employees' healthcare details and social security numbers were also being traded on torrent sites.

Nagele pointed to the protection of data in transit and at rest on mobile devices as a major issue, adding "we're having trouble on that".

He said: "The other thing we are really struggling to secure is all these mobile devices that are out there, all the data that travels, the data that is in transit if you like, how do we protect that, and all the data that's in all of these mobile devices?

"We are really having trouble getting our heads around it."

The company had 411 million customers as of January this year worldwide, and Nagele warned there is a tension between making Vodafone services easy to use for customers and making them secure.

He said: "If you make it really, really secure it's going to be really, really difficult for the customers, so you've got to make sure it's a nice and easy user experience but [ensure that it] still gives you the highest set of security.

"How close do you want to get and how much ease of use for the end user do you want to get? You've got to keep all that in mind as well."

Alan Nance, VP of technology transformation at Philips, said during the discussion that security can become proactive, rather than reactive, when it comes to Big Data, by using predictive analytics to check for unusual patterns in it.

"Security is usually a reactive thing, something has happened and we're trying to find out what happened, has it happened before, what do we need to shut down, what do we need to fix," he said.

"You work on a proactive basis, and ... eventually catch it before it happens. That will be one of the big things in security, being proactive."

Gartner predicts by 2016, 80 per cent of organisations will have failed to develop a security policy that encompasses all their data.

The analyst firm said Big Data security needs a data-centric approach, before urging CISOs to implement policies that address all company data, rather than pockets of it.

"Businesses have traditionally managed data within structured and unstructured silos, driven by inherent requirements to deploy relational database management systems, file storage systems and unstructured file shares," said Brian Lowans, principal research analyst.

"However, the advent of big data and cloud storage environments is transforming the way in which data is stored, accessed and processed, and CISOs need to develop a data-centric security approach. Unfortunately this is not common practice today, and its planning is critical to avoid uncoordinated data security policies and management."