Many IT professionals fear they can't deal with a data breach

Nov 3, 2011 13:43 GMT  ·  By

A recent report made by Doom9 Security and Ponemon Institute shows that the IT staff of most companies considers their cloud severs as being vulnerable.

According to the study called “Cloud Security: Managing Firewall Risks,” it seems as the biggest fears lie in the lack of adequately secured cloud ports and firewalls, 67% of the respondents believing these to be crucial aspects in the protection of such systems.

“It’s common knowledge that security is the top inhibitor to wide-scale cloud adoption, but thanks to this study, for the first time we’re able to hone in on exactly why that is,” said Dave Meizlik, Dome9 VP of Marketing and Business Development.

Out of the 682 subjects more than half rated their security as being fair or poor, while 21% refused to answer. An exploit or a data breach that would involve an open port on the cloud server would probably not be identified by 42%.

Close to 80% claim that efficiently managing security in the cloud is just as important as the protection itself.

Other figures show that a high importance is placed on firewalls, more than 70% stating that this is where most attacks should be stopped, most of them admitting that automation is highly important to firewall policy management.

The numbers also show that 36% of respondents acknowledge their organization cannot manage access or efficiently generate reports, 29% being able to manage access only through the provider's tool.

“We believe this is the first study to look at the risk to cloud security because of unsecured ports and firewalls, and the results are very revealing,” revealed Dr. Larry Ponemon, founder and chairman of the Ponemon Institute.

“It is commonly accepted that organizations believe they struggle with security in the cloud, but this study gets to a root of the problem. For example, more than half of the respondents said it is very likely or likely that administrative cloud server ports left open for access expose the organization to increased hacker attacks and security exploits. Nineteen percent say these exploits have already happened.”