Most IT professionals need better visibility across their on-premise data centers and public clouds. That's according to a new survey conducted by AlgoSec.
The Boston-based network security policy management software provider's survey, titled "Security Policy Management in Hybrid Cloud Environments," detailed the security challenges that companies typically face when they deploy or plan to deploy their business applications on public infrastructure-as-a-service (IaaS) platforms.
Survey results included:
- 79 percent of respondents agreed or strongly agreed that they need better visibility across on-premise data centers and public clouds.
- 66 percent agreed or strongly agreed that it is difficult to extend the corporate network security policy to the public cloud.
- 33 percent said they use commercial network firewalls to protect access to their data in the cloud, 25 percent use provider controls such as Amazon Security Groups and 10 percent use host-based firewalls.
- One-third of companies that are planning to deploy business applications in the cloud within the next 12 to 24 months said they do not know which tools they will use to manage their network security policies in the cloud.
- Data security is the most complex function to migrate to the public cloud, followed by network security.
"Many companies are in the process of moving some of their business applications to a public IaaS platform to take advantage of the agility and cost savings that the cloud provides. But they also are not getting rid of their on-premise data centers anytime soon; therefore, they need a way to extend their existing security policy across both environments in order to ensure a continuous and consistent level of security," Nimmy Reichenberg, AlgoSec's vice president of marketing and strategy, told Talkin' Cloud. "For this, you need visibility -- you can't secure what you can't see."
The AlgoSec survey was conducted in August and included responses from 363 application owners, chief information officers (CIOs), data center architects and information security and network operations professionals worldwide.
How can companies bolster their network security in the cloud?
Reichenberg pointed out there are three basic methods to secure network access on public clouds:
- Commercial firewalls
- Cloud-provided controls
- Host-based firewalls
Every business is different, Reichenberg added, and IT professionals should learn about network security controls to find the best solution for their respective companies.
"There is no right answer when it comes to selecting network security controls for your IaaS platform, and our survey underscores the fact that the network security controls landscape in the cloud is highly fragmented," Reichenberg said. "Make sure you carefully evaluate the options and choose the security controls that best suit your business needs and will work with a security policy management platform that provides visibility across the entire hybrid environment."