2013 Server Security: Malware, VMs & Compliance

Posted 11.6.13 by

According to the 2013 Bit9 Server Security Survey Report, 55 percent of IT and security professionals’ top server security concerns include targeted attacks and data breaches on their servers. Another 26 percent report they have been hit by advanced malware, up from 2011 when only 17 percent reported the same. When it comes to which kind of servers pose the highest risk, 52 percent said web servers, with file servers and email servers trailing behind at 12 and 11 percent, respectively.

Servers with Highest Risk by Type

Servers with Highest Risk by Type; Source: Bit9

When it came to server security solutions, 98 percent were running antivirus, and 48 percent were had file integrity monitoring deployed. Another security software that can help protect web servers, voted to be at highest risk, is a web application firewall. Sitting behind your virtual or dedicated firewall, a WAF can protect web servers and databases from malicious online attacks by scanning incoming traffic to web servers for any malicious attacks that may affect the web application server. A WAF uses dynamic profiling to learn what kind of traffic and users are normal, and what could potentially be malicious traffic.

Web Application Firewall

When it came to managing virtual servers, 59 percent of security professionals also viewed operational VM management, access control, and auditing as their top concerns. If outsourcing your virtual servers, a private cloud solution may give you the option of direct access to your own VM operations management console, ensuring you have complete control of your server environment.

Only 17 percent of respondents were concerned with meeting and maintaining compliance requirements, which may just be a reflection of the sample size and type of industries the respondents represented. While compliance is not security, many requirements under data regulatory standards do their part to ensure security on different levels. Encryption is a best practice among those that need to meet HIPAA, PCI DSS, SOX and other compliance standards.

Related Articles:
Avoiding a High Profile Breach with Preventative IT
The Adobe hack originally reported earlier this month turns out to have affected 38 million total users, including financial and personal account data. Adobe claims the 2.9 initially reported had their credit cardholder data compromised, while the additional millions had … Continue reading →

Demand for Cloud Security Increases as DDoS Attacks Increase 54% in Q2
Cloud-based security revenue is forecasted to reach $9.2 billion by 2017, at a CAGR (compound annual growth rate) of 10.8 percent. In addition, the managed security market is projected to grow 45 percent. According to FierceTelecom.com, the significant growth can … Continue reading →

2013 Cost of Data Breaches Increases by 78 Percent
According to the 2013 Cost of a Cybercrime Study conducted by the Ponemon Institute and Hewlett-Packard, the cost of cybercrime has increased 78 percent since the first study was conducted four years ago. The cost to enterprises to pay to … Continue reading →

2013 Bit9 Server Security Survey Report (PDF)

About Otava

Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.

Get in touch with an Otava Rep today – just provide us with a bit of information below to get started and we’ll reach out to you shortly!