Gabriel Consulting Unveils Key Findings of 2011 Data Center Security Survey
Distrust of Public Clouds Remains; Impact of Breaches Significant; Tips from the Trenches
BEAVERTON, Oregon – October 3, 2011 — Gabriel Consulting Group (GCG), an independent analyst firm, today released key findings of its 2011 Data Center Security Survey, a report focused on security issues and solutions among 147 enterprise data center managers responsible for data centers of all sizes.
When asked about the security implications of virtualization and cloud computing, respondents reported the following:
- A large majority are using the same tools to secure both physical and virtualized systems.
- Most respondents (close to 60%) think that private clouds can be kept secure.
- Public clouds are a concern; about 70% say that security issues prevent their utilization.
“It’s important to differentiate between public and private clouds when talking about IT security,” said Dan Olds, Principal Analyst at GCG. “The majority of our respondents don’t think they’ll have any problem securing their internal private clouds. But they’re highly skeptical of public clouds from a security perspective. They’re just not convinced that public clouds can provide the same level of security as they can in their own data centers.”
Customers were also asked about the security breaches they’ve experienced. The survey found:
- The majority of breaches were caused by outsiders.
- Breaches caused ‘moderate’ to ‘large’ amounts of lost productivity for 80% of data center staffs.
- About 40% reported that breach remediation efforts required 50% or more of their IT staffing and resources.
- Over 40% said that remediation efforts were completed in one week or less. But nearly as many said that their fixes took a month or longer.
“Security breaches hurt – that’s clear,” said Olds. “We found that the impact of a breach on a data center can be profound and long-lasting. Discovering, assessing, and remediating breaches sucks up a lot of data center resources over a significant period of time. Breaches also damage the reputation of the data center within the organization and the morale of the IT staff. We had respondents say that security problems were an ongoing source of stress and guilt for themselves and their co-workers.”
What did survey respondents believe would improve their data center security?
- More clearly defined security standards and policies: 44% of respondents said this would help.
- Integrate security deeply into new IT projects from the very beginning: 60% said that their organizations don’t do this adequately.
- Make security a higher priority: 70% said this would benefit their organizations.
“It’s clear that data center security isn’t perfect; a quick look at the headlines confirms this,” said Olds. “Most of the organizations have a centralized security department that sets policies and standards. This is an improvement over the days when each business unit had its own security apparatus, but it’s not as effective as it could be, according to our survey respondents. Almost two out of three say that their organization isn’t baking security into new projects, and almost three-quarters say that their organization needs to make security a higher priority. ”
GCG is also releasing findings from other sections of the 2011 Data Center Security Survey. More information and detailed results are available here. Connect with Dan Olds and GCG on Twitter, LinkedIn, and Facebook.
About Gabriel Consulting Group
Gabriel Consulting Group is a research, analysis, and consulting firm dedicated to helping clients achieve maximum return on their Information Technology investment.
Contact: Dan Olds