Majority of survey respondents don't think current security tools and practices will cut it in the cloud
IT professionals are harboring some serious doubts about the security of virtualized environments, according to a study published yesterday.
The survey (PDF), conducted by security vendor Prism Microsystems, indicates that IT pros don't see virtualized environments as being inherently less secure than their traditional counterparts, but they are not confident in their current ability to monitor and manage the security of the cloud.
In the survey, 85 percent of respondents said they have virtualized at least some of their servers. Yet only 28 percent of respondents expressed confidence that their virtual environment is as secure as the rest of their IT architecture.
Nearly half (46 percent) of respondents disagreed with the statement that current security tools are sufficient to provide visibility into the virtualized environment, and almost 25 percent were unsure. When asked if threats to the virtualized environment could be mitigated using current best practices, the majority of respondents responded negatively or were unsure.
The biggest fear among the respondents (58 percent) is that the hypervisor will create a single point of entry into multiple machines. Respondents are also concerned that virtualization will create a new layer that could be attacked (56 percent), and that the sprawl of virtual machines will reduce security visibility (54 percent).
And so far, not many have gained that visibility, the study says. At the hypervisor layer, only 29 percent said they are collecting logs, 17 percent are reporting on activities and controls, 23 percent are monitoring user activity, and 18 percent are tracking access to critical data and assets.
More than half of respondents (51 percent) cited budget issues as the primary inhibitor to securing virtual environments.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024