RSA: Why Big Data Presents Big Security Problems

 
 
By Sean Michael Kerner  |  Posted 2013-02-26
 
 
 

SAN FRANCISCO — Quite aware that the advent of more and more big data workloads has caused new vulnerabilities in enterprise security, RSA on Feb. 25 released a new version of its Authentication Manager platform to provide new big data intelligence in user authentication.

The world's largest IT security company made the announcement on the first day of its RSA Security Conference 2013 here at Moscone Center.

General Manager Manoj Nair said that user authentication is not simply an organizational security problem anymore; it's a big data problem that requires additional background intelligence.

"Identity can no longer be determined by a single factor or even multiple factors," Nair said. "Identity needs to be made from a rich profile with nearly every dimension you can learn about a user, their history and behaviors, and contrast that with behavior of their peer group."

Intelligence That Enables Secure Tokens

RSA Authentication Manager is the intelligence that enables the pervasive SecureID tokens for which RSA is famous. Authentication Manager also provides the management console for administrators. In version 8, the console is being expanded to provide a degree of self-service, so that users can manage their own authentication profiles.

Authentication Manager 8 pulls in big data from RSA's intelligence that is used by financial institutions today.

"There are 40 million active users of secureID and with Authentication Manager 8, we can tailor it for an enterprise," Nair said. "We're combining all the passive data input to determine the identity of the user."

Detailing Big Data Vulnerabilities

Earlier at the product launch, RSA Executive Chairman Art Coviello said he and the company have to be realistic about big data. In a preview of the keynote address he delivered Feb. 26, Coviello detailed to members of the press where he sees the threats and the opportunities that big data presents.

The challenge in modern IT is that—thanks to the cloud and virtualization—the attack surface has expanded, and so has the risk. Coviello stressed that big data is not just about collecting lots of data; it's about extracting value from that data.

The value that can be extracted from big data isn't limited to the good guys, either.

"We have all have the ability to access large data stores because of cloud, but we're not the only ones that can access these data stores," Coviello warned. "Our adversaries will, as well."

Coviello added that "our attack surface and risk will be magnified in the coming years as a result."

Nation-State Attacks Increasing

The issue of nation-state attacks is not a new one, Coviello said.

"We haven't just discovered that nation states are attacking us; it has been going on for years," Coviello said. "What's more disturbing to me is that we're moving beyond intrusion attacks to disruptive attacks."

Going a step further, Coviello warned that it also appears that the attacks are coming from a nation-state that sponsors terror (he didn't publicly name the state). The disruption could potentially affect critical infrastructure, he said.

Coviello also sounded the alarm on IPv6 as a potential enabler for a destructive attack.

"With IPv6, when everything is connected, attackers won't need manual intervention to launch a destructive attack, because you'll have so many devices that are digital enabled," Coviello said.

Coviello's aim is not to overhype the problem.

"The world is not coming to an end," he said. "I just want people to recognize that this is the trend line, the trajectory we're on."

eWEEK Editor of Features and Analysis Chris Preimesberger contributed to this report.

Rocket Fuel