Big Data is defined as a large amount of data that is unmanageable using internet-based platforms or traditional software. The Medical industry can be considered Big Data. In 2005, Big Data was about 130 exabytes (EB). (EB is a unit of information equal to one quintillion bytes or one billion gigabytes. WOW!) In 2017, this expanded to about 16,000 EB with a projection this year of 40,000 EB. Data is a precious commodity. As data increases in bytes, it becomes a more valuable asset for cybercriminals.
Shockingly, data privacy statutory law is still being developed at the federal level. Right now, it is the responsibility of the individual states to create and enact data privacy laws. An example is the California Consumer Privacy Act (CCPA), which is very similar to the European General Data Protection Regulation (GDPR). Both laws are designed to regulate how businesses around the world handle and utilize their resident’s personal information. Note: Even if you live in another state, if you have data with a California company, you fall under the CCPA.
Your data is valuable, and it should be protected. Data breaches happen almost daily, exposing users’ Personal Identification Information (PII), which could include e-mail addresses, passwords, and credit card information. Experian recently published statistics showing that 31% of breach victims later had their identity stolen. According to State of Breach 2020, at least 8 billion records have been exposed through data breaches in 2019.
Here is a great resource to see if you have been breached: Use Have I Been Pwned to verify if your account/email has been compromised.
Before the CCPA and GDPR were enacted, organizations had little motivation to be “compliant.” Today, data protection laws enforce data protection compliance.
To tackle the complex nature of today’s online networks in protecting data, a data-centric security strategy is required. Here are two key big data security principles:
-
Protect the data from the start. This may seem obvious, but it is often overlooked. If the data is protected from the onset, there is less risk of a data leak.
-
Data should not be unencrypted/unprotected unless absolutely necessary. There are services that offer data encryption even during use. One we recommend is Enveil. It prevents the decryption of data at any time, making it less vulnerable to an attack.
Federal legislation needs to catch up with state legislation and enforce compliance laws in protecting individual data. Do not leave it to others to protect your client data. Organizations must refine data-centric security strategies to ensure data is encrypted at the lowest level.