NSCI Increases HPC Privacy & Security Stakes
As the National Strategic Computer Initiative broadens interest in high performance computing, it is imperative that advocates and adopters recognize increased visibility likely will raise the cybersecurity stakes, cautioned Altair's chief technology officer.
After all, as high performance computing becomes more accessible to more business departments and more users, it grows exponentially more attractive – and potentially easier – for hackers to attack or employees to accidentally breach systems, said Bill Nitzberg in an interview with EnterpriseTech. Big data is fueling enterprises' early general-purpose HPC implementations, and access to this trove of sensitive information is an attractive lure that HPC vendors, existing and new, must protect, he said.
Of course, HPC vendors have long protected highly sensitive data: Their systems are practically standard across the alphabet soup of defense agencies. But an expanded market translates into new opportunities for vendors – and cyber criminals, said Nitzberg.
"As we make supercomputers more super, if you will, … [we'll find] broader adoption means more people are using high performance computing. The more people using it, the more important it is to get out the security message," he said. "We're going to make the targets for intrusion bigger and more attractive to hackers. People are going to go after these systems even more. One focus of NCSI is merging traditional HPC with big compute with the new kind of HPC – people taking all data coming in and merging it into a broader HPC. Where the big compute had its main problem as intrusion, big data elevates an entirely new set of security issues to a broader level – and that's privacy."
Almost a year before NSCI, security and data sharing complexity were the biggest impediments for those overseeing multi-site HPC systems, according to 75 percent of those polled, the DataDirect Networks 2014 user survey found. The issue became even more problematic for those with more than 6 petabytes of storage, 78 percent of respondents said.
For its part, Altair took some of the security technologies used in its national security products and integrated them in smaller HPC systems, Nitzberg said. These multi-level security capabilities safeguard enterprise customers such as Airbus Group, which on Sept. 29 said it had signed a contract for all Altair's software portfolio.
"If Target had fully implemented some multi-level security then maybe their credit cards would not have been in the same compartment as buying patterns. We're putting these multi-level security capabilities in the PBS. It was initially for the security organizations of the US government, but there's a huge opportunity for this to get rolled out to the corporate world," said Nitzberg.
Working with partners such as Lockheed Martin and Red Hat, Altair looks to make MLS more affordable and attractive to enterprises, he said. A major element also involves educating organizations about the ongoing need to protect HPC systems and educate users, Nitzberg noted.
"The enterprises we talk to are obviously interested in security and protecting privacy and all the usual things that go along with that. I don't think they're aware of this crossover," he said. "That's one thing the HPC community needs to do: broaden awareness about national security-type tools that are becoming available that can help you with your security posture. I don't think we're feeling pull from these guys yet, because they don't know about it."
NSCI will help with these efforts, said Nitzberg. As they become aware of HPC capabilities, enterprises also will learn about security and privacy issues and options, he said. Startups may enter the market or existing privacy and security developers could create solutions for HPC systems.
It's not the first time
Just as hackers once virtually ignored Apple's Macintosh computers and operating system until consumers and enterprises began adopting systems in bulk, expanded use of supercomputers undoubtedly will heighten hackers' interest in these systems. And just as vendors responded with technologies and training to safeguard Apple's product lines, the HPC community no doubt will build on its existing solutions to meet an expanding market.