Data Centre Managers Have ‘False Sense Of Security’

Senior corporate executives are largely unaware of how secure their data centres are, according to a recent McAfee report.

Only 22 percent of data centre managers surveyed in a report felt senior management is aware of the company’s security preparedness, according to a data centre study from McAfee released on 3 October. There is a “serious disconnect” between what managers think about the security measures in place and what is actually implemented, the survey found.

Management in the dark

“It is astounding that almost two-thirds of our respondents say that their management is in the dark about their true security status,” said Dan Olds, principal analyst at Gabriel Consulting Group, who conducted the study on behalf of McAfee.

Management “needs to seek out the truth”, and data centre managers need to be “frank and honest” when discussing strengths and weaknesses of their security mechanisms, Olds said, noting that it is better to discuss potential issues before a security breach. The survey shows that management is “ripe to be blindsided” in the event of a security breach, according to Olds.

The results of the study are strikingly similar to the conclusions reached by PwC in its annual Global Information Security Survey, released mid-September. In the PwC report, 43 percent of those surveyed believe their organisations qualify as “leaders” in how they’d implemented security. In actuality, less than 5 percent of the organisations actually qualify as “leaders”.

Most of the executives in the study have a “false sense of security”, said Mark Lobel, a principal in the advisory services division of PwC.

Management often views data centre security as an expense item that doesn’t provide a financial return, said Gabriel Consulting’s Olds. “Security is only an issue to management where there is a problem – otherwise, it’s still a ‘why are we spending all this money’ question in budget meetings,” a respondent told Olds.

In the McAfee study, more than 40 percent of survey participants feel their organisation is not keeping up with the latest threats. Even more disconcerting, 40 percent said that their organisation’s day-to-day security does not meet the standards set by official policies that are in place. Nearly half of the information managers said they are “constantly” finding security holes within the data centre.

Organisations with centralised security did not fare better than others, the study found. Just centralising security responsibilities and authority isn’t enough, according to Olds. A “real effort” to implement strong “defense in depth” security to defend against inside and outside threats, but flexible enough to allow users to do their jobs is required, Olds said.

The report also found that organisations used as many as seven security vendors to secure the data centre. More vendors introduce complexity as the products all have different tools and consoles, but still need to be configured to work together. Olds said he expects enterprises to reduce the number of vendors they work with over time, as they invest in more integrated products that solve multiple problems.

There were other red flags in the report. Despite the fact that half of the respondents in the study believe that virtualisation and private cloud require unique security measures, most respondents reported using the same tools to secure both physical and virtual infrastructure. Approximately 70 percent of respondents were sceptical of public cloud security, the survey found.

The 2011 Data Centre Security Survey focused on security issues faced by 147 enterprise data managers.

Fahmida Y Rashid eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

1 min ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

3 hours ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

5 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

20 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

22 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

24 hours ago