The risks and challenges for the financial industry have increased exponentially over the last few years. The key challenge has been to fully leverage big data without exposing or risking sensitive information.
Not only is the financial industry subject to a multitude of regulatory compliance issues in terms of data protection, they also face production challenges such as maintaining performance, scalability, and high availability.
This webinar was given on May 1st, 2014 and talked about:
- Best practices for achieving performance, reliability and protection of sensitive data in Hadoop deployments
- Innovative capabilities to help you meet regulatory compliance and risk management requirements
- Use cases to illustrate how big data can maximize returns on your investment, while minimizing risks
- The 5 action items you should take to get started
Speakers:
Jeremy Stieglitz, VP of Product Management, Dataguise
Dale Kim, Director of Product Marketing, MapR
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Dataguise & MapR: Action Items for the Financial Industry
1. Action Items for the
Financial Industry:
Addressing fraud and privacy
issues in Hadoop
May 1, 2014
2. Our Speakers
Jeremy Stieglitz
VP Product Management
Dataguise
Dale Kim
Director, Industry Solutions
MapR Technologies
5 Action Items for the Financial Services Industry – April 2014 2
3. Executive Summary
Big Data has become priority #1 for
finance and large enterprise in 2014:
– Faster time to insights
– Increasingly touching $$$
– Real-time, Automation and On Demand
Key challenges on Big Data
– Leveraging sensitive assets
– Automating protection techniques
– Maintaining high performance
– Ensuring scalability
5 Action Items for the Financial Services Industry – April 2014 3
4. Agenda
Market overview: Hadoop in Financial Services
Solution priorities
5 action items
– Strategize – develop concrete goals
– Automate, automate, automate
– Foresee high rates of innovation
– Expand your community
– Explore the technology landscape
5 Action Items for the Financial Services Industry – April 2014 4
6. Hadoop in Financial Services
5 Action Items for the Financial Services Industry – April 2014 6
Hadoop addresses:
• Scale
• Infrastructure costs
• Anomaly detection
• Data archiving for
compliance
• Aggregated risk
• Data protection
• Etc.
Risk
Market Uncertainty
Regulations
Costs
Fraud
Security Attacks
Big Data
7. Business Challenge: Data Growth
100% growth and 80% unstructured data by 2015
…finding and classifying sensitive data will get
harder
7
Exabytes
5 Action Items for the Financial Services Industry – April 2014
8. Compliance Universe
5 Action Items for the Financial Services Industry – April 2014
• Sarbanes-Oxley
• Frank-Dodd
• PCI-DSS
• HIPAA
• State Data Breach Laws (CA SB 1386)
• Data Privacy (International)
• EU Data Protection Directive
• Singapore Personal Data Protection Act
• Canadian Personal Information Protection
and Electronic Documents Act (PIPEDA)
• Germany’s Federal Data Protection Act
(BDSG)
• Great Britain Data Protection Act
• Data Privacy (USA)
• Ohio 1347.15
• California SB 1386
• Massachusetts Data Privacy Law
• Financial
• Basel III
• Gramm-Leach-Bliley Act (GLBA)
• J-SOX
• Technology Risk Management
Guidelines
• Health/Pharmaceutical
• NAIC Model Audit Rule (MAR)
• 21 CFR Part 11 (FDA)
• Energy
• North American Electric Reliability
Corp (NERC)
• Federal Energy Regulatory
Commission Regulations (FERC)
• Service Providers
• Statement on Auditing Standards
(SAS 70)
• Education
• Family Educational Rights and Privacy
Act (FERPA)
• Federal Information Security Management
Act (FISMA)
63 countries, 1200+ laws
9. 5 Action Items for the Financial Services Industry – April 2014 9
9
Solution
Priorities
11. Solution Priorities
Scale
Plan for growth,
beyond your simple
projections:
• Longer time
windows of data
• New data sources
• New use cases
5 Action Items for the Financial Services Industry – April 2014
12. Solution Priorities
Reliability Plan ahead with all
the right people --
devops, sys admins,
application
developers, etc.
5 Action Items for the Financial Services Industry – April 2014
13. Hadoop Security Framework
Perimeter
Guarding access to the
cluster itself
Technical Concepts:
Authentication
Network isolation
Data
Protecting data in the
cluster from
unauthorized visibility
Technical Concepts:
Encryption, Tokenization,
Data masking
The 4 approaches to address security within Hadoop (Perimeter,
Data, Access, Visibility)
MapR provides true multi-tenant Hadoop, along with authentication/
authorization controls
Dataguise discovers & protects at the data layer and provides visibility
for audit reporting and data lineage
Perimeter
Guarding access to the
cluster itself
Technical Concepts:
Authentication
Network isolation
Access
Defining what users
and applications can do
with data
Technical Concepts:
Permissions
Authorization
Visibility
Reporting on where
data came from and
how it’s being used
Technical Concepts:
Auditing
Lineage
5 Action Items for the Financial Services Industry – April 2014
14. 5 Actions You Should Take
5 Action Items for the Financial Services Industry – April 2014 14
15. #1: Strategize – Develop Concrete Goals
Are you prepared for production?
– Expect stringent SLAs
– Plan for performance, scale, reliability,
and data security
Additional use cases?
– Do not limit your possibilities
– Hadoop deployments typically handle
multiple business problems
The ‘Aha’ vs. ‘Gotcha’ moment
5 Action Items for the Financial Services Industry – April 2014 15
16. #2: Automate, Automate, Automate
– Keep up with data growth
– Simplify critical tasks
– Reduce the risk of error with manual effort
Your Data will grow 6000% in six years. Your headcount will grow 1.5x
5 Action Items for the Financial Services Industry – April 2014
17. Payment Risk Management
at Major Credit Card Brand
Multiple business apps: fraud
detection, risk analytics, cross sell
High degree of automation
“Silver”, “Gold” and “Platinum”
Hadoop domains with increasing
lockdown of customer data
17
“Our analytics business
draws on the
purchasing data of its
90 million credit card
holders across 127
countries.”
5 Action Items for the Financial Services Industry – April 2014
18. Hadoop
Payment Risk Management
at Major Credit Card Brand
Customer uses SFTP and
NFS to load data into
Hadoop. All data loaded
in the clear.
Dataguise masking runs as
MapReduce JAR (automatically, with
no programming required).
HDFS “Gold” Cluster
Any incremental updates to HDFS are
automatically protected. Credit card
firm uses access control to determine
access to private data
Dataguise masking
guarantees consistency
between sensitive
elements, ensuring credit
card group can run same
statistical distribution and
analytics without
exposure risk
u v
w
Omniture FilesCredit Card
Transactions (txt)
NFS copy
SFTP
HDFS Cluster “Silver”
x
Source Data
5 Action Items for the Financial Services Industry – April 2014
19. #3: Foresee High Rates of Innovation
Hadoop benefits from many new innovations:
{Falcon, Kite, Storm, Mesos, Drill, Impala, Spark,
Shark, etc.}
Design non-blocking technical choices
(especially in areas of high velocity).
– Many files formats you can use (txt, Snappy, Avro,
SequenceFile, RC, ORC, etc.)
– Make sure your security assumptions aren’t tied to
specific formats
5 Action Items for the Financial Services Industry – April 2014 19
20. #4: Expand Your Community
Security is a “common good,” share ideas with:
– Different divisions at your firm
– Professionals in your network
– Competitors
Who else are Hadoop/security experts?
– E-commerce
– Telecommunications
– Web 2.0
– Government
5 Action Items for the Financial Services Industry – April 2014
21. Security analytics and fraud
detection
Build statistical models to detect
fraud, and mine data to evaluate
suspicious activities
Huge volumes of collected data to
identify fraud patterns required
massive scalability
Fraud Detection and Security Analytics
at Zions Bank
“We initially got into
centralizing all of our data
from an information
security perspective. We
then saw that we could
use this same environment
to help with fraud
detection.”
5 Action Items for the Financial Services Industry – April 2014
22. #5: Explore the Technology Landscape
• Deciding on the right technology is hard
• Undoing a bad decision is harder
• Talk to vendors, analysts, community
• Attend meet-ups, conferences
• Validate advice you get with proof points
5 Action Items for the Financial Services Industry – April 2014
23. MapR Distribution for Hadoop
BIG
DATA
BEST PRODUCT BUSINESS
IMPACT
Hadoop
Top Ranked
Production
Success
5 Action Items for the Financial Services Industry – April 2014
24. Dataguise: Market Leader in
Big Data Protective Intelligence (BDPI)
Only solution with Hadoop data
discovery
Best in class– data protection with
simplicity, scalability, and
automation
Business friendly to operators and
business analysts
24
5 Action Items for the Financial Services Industry – April 2014
25. Thank You
Jeremy Stieglitz
VP Product Management
jeremy@dataguise.com
Dale Kim
Director, Industry Solutions
dalekim@mapr.com
5 Action Items for the Financial Services Industry – April 2014 25