If the devil is in the details, data warehouses might be the IT security manager’s gateway to a fiery underworld.
The relentless accumulation of facts, increasing access by increasingly mobile and geographically scattered users, and the need for governments to improve management are putting these giant databases under enormous pressure. They must be always available, produce results instantly yet remain eternally secure.
In many organizations, the data warehouse has become the centre of the universe, importing data from disparate sources, linking it to internal and external-facing applications and connecting to employees, suppliers, regulators and customers in ever more complex and creative ways.
In the business world, the value of data warehousing has gone from knowing what has happened to knowing what is going on right now. The next stage will be controlling the future by literally creating demand for products at specific places and times.
In that environment, users are encouraged to use the warehouse creatively, mining for patterns and possibilities across every piece of information they have, something that most governments would consider extremely risky.
The security challenges of big databases are unique, and unfortunately governments sometimes cannot learn from their private sector counterparts.
Because businesses use data warehouses to identify trends first and then the consumers they want to reach, Adriaan Veldhuisen, security product manager at data warehouse company, Teradata, said, “In the government sector, the analytical processing is typically not done for trend analysis but for detecting abnormalities, fraud and terror and all that.”
As well, he said outside contractors often do not get close enough to secure government databases to transfer knowledge.
When the number of people who can touch a database goes up, so does the security risk, because users, whether malicious or ignorant, remain the single greatest IT security threat.