Global Survey Reveals Security as Obstacle to Data Center Consolidation and Cloud Migration

By Peter Bernstein February 11, 2014

For several years, it has become almost an industry mantra that security concerns have inhibited the acceleration of data center consolidation and the move to the cloud. These “concerns,” are largely without warrant given that virtualized and cloud-based solutions are in many ways safer than traditional approaches to the risk management of digital assets. 

Baltimore, MD-based leading data security solutions provider SafeNet took a look at where security and IT executives are in implementing best practices to secure their digital assets, with a focus on the critical areas of encryption and key management.  The findings, released today, should give everyone pause. They confirm that while there is interest in data center consolidation, the lack of including proper security safeguards in virtualized and cloud environments planning is likely slowing down data center consolidation and cloud migration.

Encryption + key management = enhanced security

The above equation in the sub-head may seem simplistic but the facts are that in an increasingly risky world, the old saying that “It is better to be safe than sorry” has never been more appropriate. What this translates into for security professionals is that encryption has now become something rapidly shifting from luxury to necessity, and that being mindful of who has the keys and how they handle that responsibility is paramount.

 In lay terms, this is the equivalent of putting locks on the doors but making it easy for anyone to either have a key, have easy access to one (it is under the mat) or copy one.

SafeNet surveyed approximately 580 security and IT executives globally to get a snapshot of where things currently stand on these two important subjects.  The infographic below provides some fast facts from the study

The pullouts are obvious:

  • Only one-fifth of survey respondents are currently encrypting data in virtualized environments.
  • Three-quarters of respondents store encryption keys in software, essentially leaving the house keys under the mat.
  • 58.2 percent of participants indicated that globally they have less than five people involved with encryption management.
  • 74 percent of IT and security professionals are looking for solutions that support compliance and security. Of those, 59 percent are struggling with auditing their current data center estates.

“The adoption of new technologies—such as big data, mobility, and cloud-based services—has pushed data center consolidation to the top of the priority list for many businesses. Yet it is clear that security concerns combined with a lack of resources are hampering the progress of such transformations,” stated Prakash Panjwani, senior vice president and general manager, SafeNet.

“Any shift in infrastructure can be daunting for IT professionals, however with data now stored across a hybrid IT landscape—including on-premises, on mobile devices, and in the cloud—security teams need to move away from traditional approaches and adopt new encryption technologies that support today’s dynamic data center and service provider environments,” Mr. Panjwani continued.

Looking specifically at current security processes for managing cryptographic keys, the research was both illuminating and a call to action.  The survey revealed (with accompanying geographic breakdowns not included here) that:

  • 74 percent have at least some encryption keys in software— leaving the door open to attackers.
  • 8.3 percent secure keys solely in hardware.
  • 18 percent didn’t know where their keys were stored.
  • 45.6 percent manage cryptographic keys centrally—setting the stage for inefficiency, overlapping efforts, inconsistent policy enforcement, and difficulty in auditing.

Panjwani  amplified the observations about leaving the keys under the mat highlighting that the survey results reinforce the point that: “Encrypted data is only as secure and available as the keys used to encrypt it, so businesses need to ensure they are getting their key management strategies right. By deploying a multi-layer encryption and centralized key management strategy, and leveraging hardware for key management and storage, organizations can accelerate their cloud, virtualization, and consolidation initiatives while also retaining control over their sensitive data.”  

It is difficult to pinpoint what is most concerning about the survey results highlighted above; it may be a tie between the rather loose handling of keys when encryption is in use and the lack of skilled people to handle key management. But, as noted, this should serve as a call to action for security and IT executives to review and make changes to their current encryption and key management strategy. 




Edited by Cassandra Tucker
SHARE THIS ARTICLE
Related Articles

Microsoft Research Project Allows for Inexpensive 3D Scanning from a Smartphone

By: Christopher Mohr    8/27/2015

It is now possible to perform 3D scanning from a smartphone, without additional hardware or an Internet connection, thanks to a new Microsoft Research…

Read More

Amazon's Scaled Back Consumer Device Efforts, Dash Button, and More

By: Paula Bernier    8/27/2015

Word is that Amazon is scaling way back on its consumer devices efforts, having let go of dozens of Lab126 engineers who worked on its Fire phone, acc…

Read More

The 4K War is Brewing, but Don't Expect a Crowned Winner

By: Special Guest    8/27/2015

The hype around 4K Ultra HD video is growing and we're seeing it gain traction in real ways. From the NFL Network and CBS using 4K cameras to capture …

Read More

Wallet Wars Part 2: Thanks to EMV, the Force is with Mobile Wallets

By: Special Guest    8/26/2015

In December 2015, when "Star Wars: The Force Awakens" hits movie theatres across the U.S., a very different type of force will 'awaken' the mobile wal…

Read More

Major Automakers Forge Alliance to Combat Cyberattackers

By: Joe Rizzo    8/25/2015

If you take a few minutes to think about what hackers go after, you'll realize that it is anything that has an Internet connection. Thanks to the Inte…

Read More