Ponemon survey cloud security webcast

Ponemon Institute, LLC Ponemon Institute Cloud Security: Managing Firewall Risks November 2011 Sponsored by Dome9 Security

Transcript of Ponemon survey cloud security webcast


Security is the #1 concern of the cloud.

About the study

682 respondents across 17 verticals. All were IT or IT security practitioners.

The study was commissioned by Dome9 Security, a cloud security management service provider. Dome9 provides a cloud firewall management service for automated and elastic security.

The study was performed by the Ponemon Institute. The Ponemon Institute is dedicated to independent research and education that advances responsible information and privacy management practices within business and government. It conducts high quality, empirical studies on critical issues affecting the management and security of sensitive information about people and organizations.

Key study findings

Most organizations’ cloud servers are vulnerable

Most IT personnel don’t understand the risk

Securing access to and generating reports for cloud servers is a big problem

How do you rate your cloud security management today?

• Excellent: 9%
• Good: 18%
• Fair: 27%
• Poor: 25%
• No Comment: 21%

73% believe the cloud server firewall is the first place to stop attacks and prevent exploits.

When asked: How vulnerable are you from unsecured ports/firewalls?

• Very Vulnerable: 32%
• Vulnerable: 35%
• Not Vulnerable: 9%
• Unsure: 24%

Only 9% said they were not vulnerable

How likely is this to happen?

Scenarios: Locked out of cloud server; Ports left open & exposed to hackers

Response options: Already happened, Very likely to happen, Likely to happen, Not likely to happen, Will never happen

Chart values, first series: 12%, 43%, 22%, 18%, 5%

Chart values, second series: 19%, 42%, 9%, 14%, 16%


Cloud server firewall management

61% said they do not have a solution deployed… when asked, ‘why?’

o 62% said solutions are not scalable
o 59% said solutions cost too much
o 57% said solutions are not available
o 49% said solutions are too complex
o 43% said solutions are not dependable

54% said IT personnel within their organization have no knowledge (or are not knowledgeable) about the potential risk of open firewall ports in their cloud environment

Responsibility for Cloud Security

Partner Most Responsible

• Customer: 31%
• Provider: 36%
• Both: 33%

Responsible Within Your Org: 20%, 41%, 17%, 5%, 15%, 2%

Cloud infrastructure is automated… its security must be too.

Importance of Automation in Cloud Firewall Management

• Unsure: 20%
• Less important in the cloud environment: 8%
• Equally important in both on-premises and cloud environments: 32%
• More important in the cloud environment because it is elastic: 40%


Managing access and generating reports on cloud server access

• Cannot manage access or generate reports efficiently: 36%
• Manage access through the cloud provider’s tools, but cannot generate reports: 29%
• Manage access and generate reports directly from each cloud server, manually: 14%

How would you know if your cloud was hacked because of an open port?

• We wouldn't know: 42%
• The cloud provider would inform us: 39%
• Our system would provide a warning: 19%

Summary of findings

• Only 9% rate their cloud security as Excellent.

• 42% said they would not know if their cloud was hacked due to an open firewall port.
o 39% said they thought their cloud provider would tell them.

• 54% said IT has no knowledge of the risk posed by open ports on cloud servers.
o 67% said they are vulnerable today.
o 24% said they don’t know if they were vulnerable.

• 79% have difficulty managing access to their cloud servers and generating reports, or cannot do so.

Dome9 Security Ltd. – http://www.dome9.com

About the Sponsor

Overview of Dome9

Dome9 lets you…

Close all administrative ports on your servers without losing access and control.

Open any port on-demand, any time, for anyone, and from anywhere.

Send secure access invitations to third parties.

Centralize firewall management for all your servers and clouds.

Available for the enterprise and hosting providers, Dome9 provides dynamic security policy control for Clouds, Virtual Private Servers (VPS), dedicated servers, and Amazon’s EC2 Security Groups, across all major operating systems and service providers.

Dome9 is a cloud firewall security management service

Dome9 Central

Dome9 offers full control over the host OS firewall from a secured web service – accessible from anywhere.

Secure Your Cloud™

Visit Dome9.com to get a copy of the Ponemon Study on Managing Firewalls in the Cloud, and get a free, 14-day trial of Dome9 Security.

Thanks for your time.


Demographic information

• 863 total respondents with 682 in final sample

• All respondents had bona fide credentials in IT or IT security
o Median 10 years in IT and 4.5 years in current position

• All respondents are based in the U.S., but have employees based in:
o 75% Canada
o 68% Europe
o 41% Middle East
o 58% Asia-Pacific
o 43% Latin America

Role in Organization

• Vice President: 2%
• Director: 15%
• Manager: 22%
• Supervisor: 19%
• Technician: 38%
• Staff: 4%

Reports to

• CIO: 58%
• CISO: 20%
• CSO: 4%
• CRO: 8%
• CFO: 4%
• Compliance Officer: 3%
• General Counsel: 3%

• Respondents spanned 17 industries:
– 18% Financial Services
– 12% Public Sector
– 11% Health & Pharma
– 8% Services
– 8% Industrial
– 7% Retail
– 6% Hospitality

• Organizational size:
– 5% had more than 100,000 employees
– 35% had more than 5,001 employees
– 25% had 1,001-5,000 employees
– 35% had fewer than 1,000 employees

Cloud types and providers

Types of cloud environments the organization presently uses: 31%, 68%, 50%, 2%

Major cloud service providers the organization presently uses: 47%, 45%, 49%, 38%, 30%, 28%, 24%