Part 1
Sony Corporation has invested in their security policies and procedures. In the last few years, they have set up an Information and Security and Privacy Organization that handles all aspects of global standards and policies. Sony Corporation security aspects include approved modes of operation, identification and authentication policies, access and control policies and physical security policies. The policies provide guidance for the employee (Hash et al, 2005). Sony also has a policy that provides guidance on mitigation of attacks. As an organization, Sony has put in place security standards and policies that cover almost all areas. However, from an information security standpoint, the policies and procedures are strong if implemented. For example, recent hacks have exposed laxity such as password files that were labeled as such and were not encrypted. In another instance, a hack to the file server happened when an employee left himself logged into the system from a café.
Part 2
One of the security concerns of big data is protecting the user’s privacy (Geer, 2013).When big data is collected, it usually has a lot of Personal Identifiable Information which is a concern if it lands in the wrong hands. Maintaining anonymity in big data is a challenge that cannot be ignored and organizations have the responsibility to maintain a balance between data utility and privacy. The solutions to the problem include removing unique identifiers, sending information in encrypted forms where possible. Another security concern is in establishing data and information ownership. Big data access control is an issue especially with software such as Hadoop which does not have authentication by default. The solution would be to have firewalls or application layer implementations that restrict access.
References
Hash, J., Bartol, N., Rollins, H., Robinson, W., Abeles, J. & Steve, B.(2005). Integrating IT Security into the Capital Planning and Investment Control Process. National Institute of Standards and Technology.
Geer, D. (2013) Big Data Security, Privacy Concerns Remain Unanswered. CSO Online. Retrieved from http://www.csoonline.com/