Verizon Report: Cloud, Virtualization More Secure Than On-Prem
Late last week, Verizon issued its Verizon 2012 Data Breach Investigations Report, highlighting IT security issues. And while the telecom’s own summary of the report highlights the rise of hacktivism – 58 percent of data breaches in 2011 were attributable to hackers out to advance political or social agendas, the report says – there’s some good news for cloud believers like yours truly: Only around 26 percent of all data breaches involved externally hosted assets.
Verizon acknowledges in the report that there’s a problem in defining “the cloud,” but generally uses the term to mean any IT asset that’s hosted and managed by a third party. That’s as good a working description as any. But what’s really interesting here is the fact that those external data breaches, by and large, were the result of mismanaging controls such as access management- not any cloud-specific technology. In other words, cloud data breaches were largely due to improper maintenance of an access control list or an employee leaving a device somewhere they shouldn’t have.
“Do we see breaches that compromise assets in an environment that is not managed by the victim? Yes; absolutely. Do we see successful attacks against the hypervisor in the wild? No; not really. We’ve said it before, and we’ll say it again here: it’s really more about giving control of your assets and data (and not controlling the associated risk) than any technology specific to the cloud,” reads the report in small part.
Services Angle
First off, there’s a slight conflict of interest on Verizon’s part here: It owns infrastructure-as-a-service provider Terremark, so obviously this report wouldn’t talk trash about the cloud.
But I want to single out the report’s mention of attacks against the hypervisor, or lack thereof. Earlier in March, IBM highlighted how optimizing your data center by way of virtualized servers could make a facility far more efficient. But while correlation isn’t causation, this report suggests that it could be more secure as well.
And, as Wikibon analyst Bert Latamore pointed out in a recent study, “given the number of SMBs that go out of business each year after a fire in their office destroys the only up-to-date copy of their core business data, and the number of large enterprises that are years behind on installing security patches on their software, you should not just presume that your data is more secure at home.”
In other words, what this report really says is that it’s not the cloud that’s less secure, it’s that customers don’t know how to secure the cloud.
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
