No excuse, say data experts

BUSAN - Keeping information safe with big data solutions and strict adherence to security procedures are fundamental to prepare for the “hyperconnected generation” and the Internet of Things (IoT), according to software executives.

Leaders of IT companies such as Cisco, IBM and SAP that deal with data analysis and security gathered yesterday for the Big Data World Convention 2014, which was held on the third day of the International Telecommunications Union (ITU) Plenipotentiary Conference in Busan.

They discussed how to handle and protect the massive collection of personal data via IoT technology. Referring to the massive leaks at Korean financial institutions earlier this year, the experts said companies should start by setting up firm security rules and abide by them.

“Nowadays, there is no excuse,” said Markku Lepisto of Amazon Web Services. “Companies have to have security measures leveraging services. When you get data, encrypt it piece by piece with security keys. These small practices definitely improve your overall security. It [security] is absolutely possible.”

Speakers also said companies that hold information should have a big data management system with highly specified access points, where individual security managers get access to limited amounts of data.

“Access points for security workers need to be separate from people who do encryption and manage the system,” said Ashwin Kamaraju, vice president of product development at Vormetric, a U.S.-based data and cloud security company. “People who have direct access to data shouldn’t have access to encryption keys and security policies.”

The experts also emphasized that both public and private data-handling companies should have a more open stance on sharing data, under strict adherence to security rules.

Unlike in the past, when the largest source of big data used to analyze consumer habits was social media posts, the experts said an “open stance” will be especially significant in the future when sources of big data will exponentially expand to nearly everything in our daily lives, thanks to the IoT.

“Here in Korea, there are some [data] security challenges,” said Dominic Scott, managing director of Cisco Asia-Pacific. “Issues can be overcome by participating in an open system in the world’s security community and working together to figure out an answer, instead of maintaining protectionism.”

But he said the government needs to first try to draw a clear line between what needs to be protected and what doesn’t by actively communicating with people.

He cited Australia, where government officials took a leadership role by implementing a law that allows each citizen to choose what information to provide when accessing public services.

However, Scott pointed out that a society-wide consensus needs to be established first in order to find a good balance, because allowing information to be a part of big data will be a prerequisite for enjoying the convenience of IoT.

“The more linked together, the more convenience, but the less privacy,” said Scott. “I really think these two, convenience and privacy, are trade-offs.”

Lee Klarich, senior vice president of product management at Palo Alto Networks, a U.S.-based network security company, said data holders, managers and security companies should work like a community, because it is vital for all involved parties to stay up-to-date about possible cyberattacks and threats.

“If you want to ensure privacy, it’s important to understand that some openness helps you enjoy different benefits of IoT technologies,” he said. “My view is to establish the correct balance between openness and maintaining privacy.”

BY KIM JI-YOON [jiyoon.kim@joongang.co.kr]