Ponemon Institute, LLC
Cloud Security: Managing Firewall Risks
November 2011
Sponsored by Dome9 Security
About the study
682 respondents across 17 verticals. All were IT or IT security practitioners.
The study was commissioned by Dome9 Security, a cloud security management service provider. Dome9 provides a cloud firewall management service for automated and elastic security.
The study was performed by the Ponemon Institute. The Ponemon Institute is dedicated to independent research and education that advances responsible information and privacy management practices within business and government. It conducts high quality, empirical studies on critical issues affecting the management and security of sensitive information about people and organizations.
Key study findings
• Most organizations’ cloud servers are vulnerable
• Most IT personnel don’t understand the risk
• Securing access to and generating reports for cloud servers is a big problem
How do you rate your cloud security management today?
• Excellent: 9%
• Good: 18%
• Fair: 27%
• Poor: 25%
• No Comment: 21%
73% believe the cloud server firewall is the first place to stop attacks and prevent exploits.
When asked: How vulnerable are you from unsecured ports/firewalls?
• Very Vulnerable: 32%
• Vulnerable: 35%
• Not Vulnerable: 9%
• Unsure: 24%
Only 9% said they were not vulnerable
How likely is this to happen?
[Bar chart. Categories: Already happened, Very likely to happen, Likely to happen, Not likely to happen, Will never happen. Series: Locked out of cloud server; Ports left open & exposed to hackers. Data labels as extracted: 12%, 43%, 22%, 18%, 5%; 19%, 42%, 9%, 14%, 16%.]
Cloud server firewall management
61% said they do not have a solution deployed… when asked, ‘why?’
o 62% said solutions are not scalable
o 59% said solutions cost too much
o 57% said solutions are not available
o 49% said solutions are too complex
o 43% said solutions are not dependable
54% said IT personnel within their organization have no knowledge (or are not knowledgeable) about the potential risk of open firewall ports in their cloud environment
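Responsibility for Cloud Security
[Pie chart: Partner Most Responsible. Categories: Customer, Provider, Both. Data labels as extracted: 31%, 36%, 33%.]
[Pie chart: Responsible Within Your Org. Category labels not recoverable. Data labels as extracted: 20%, 41%, 17%, 5%, 15%, 2%.]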
Importance of Automation in Cloud Firewall Management
[Bar chart. Categories: Unsure; Less important in the cloud environment; Equally important in both on-premises and cloud environments; More important in the cloud environment because it is elastic. Data labels as extracted: 20%, 8%, 32%, 40%.]
Managing access and generating reports on cloud server access
• Cannot manage access or generate reports efficiently
• Manage access through the cloud provider’s tools, but cannot generate reports
• Manage access and generate reports directly from each cloud server, manually
[Data labels as extracted: 36%, 29%, 14%.]
How would you know if your cloud was hacked because of an open port?
• We wouldn't know: 42%
• The cloud provider would inform us: 39%
• Our system would provide a warning: 19%
Summary of findings
• Only 9% rate their cloud security as Excellent.
• 42% said they would not know if their cloud was hacked due to an open firewall port.
  o 39% said they thought their cloud provider would tell them.
• 54% said IT has no knowledge of the risk posed by open ports on cloud servers.
  o 67% said they are vulnerable today;
  o 24% said they don’t know if they are vulnerable.
• 79% have difficulty with, or cannot manage, access to their cloud servers and report generation.
Overview of Dome9
Dome9 lets you…
Close all administrative ports on your servers without losing access and control.
Open any port on-demand, any time, for anyone, and from anywhere.
Send secure access invitations to third parties.
Centralize firewall management for all your servers and clouds
Available for the enterprise and hosting providers, Dome9 provides dynamic security policy control for Clouds, Virtual Private Servers (VPS), dedicated servers, and Amazon’s EC2 Security Groups, across all major operating systems and service providers.
Dome9 is a cloud firewall security management service
Dome9 Central
Dome9 offers full control over the host OS firewall from a secured web service – accessible from anywhere.
Secure Your Cloud™
Visit Dome9.com to get a copy of the Ponemon Study on Managing Firewalls in the Cloud, and get a free, 14-day trial of Dome9 Security.
Demographic information
• 863 total respondents with 682 in final sample
• All respondents had bona fide credentials in IT or IT security
  o Median 10 years in IT and 4.5 years in current position
• All respondents are based in the U.S., but have employees based in:
  o 75% Canada
  o 68% Europe
  o 41% Middle East
  o 58% Asia-Pacific
  o 43% Latin America
[Pie chart: Role in Organization. Categories: Vice President, Director, Manager, Supervisor, Technician, Staff. Data labels as extracted: 2%, 15%, 22%, 19%, 38%, 4%.]
[Pie chart: Reports to. Categories: CIO, CISO, CSO, CRO, CFO, Compliance Officer, General Counsel. Data labels as extracted: 58%, 20%, 4%, 8%, 4%, 3%, 3%.]
• Respondents spanned 17 industries:
  – 18% Financial Services
  – 12% Public Sector
  – 11% Health & Pharma
  – 8% Services
  – 8% Industrial
  – 7% Retail
  – 6% Hospitality
• Organizational size:
  – 5% had more than 100,000 employees
  – 35% had more than 5,001 employees
  – 25% had 1,001-5,000 employees
  – 35% had fewer than 1,000 employees