A recent cloud computing security study conducted by the Poneman Institute and sponsored by Dome9 reveals that 67 percent of IT professionals claim their organization is left vulnerable to hackers due to lax cloud port and firewall security. Fifty-two percent of respondents rated their organization’s overall cloud server security management as fair (27 percent) or poor (25 percent).
In addition, 54 percent of respondents to the study said their IT staff had no knowledge about the potential risks of open firewall ports in their cloud environments. These significant statistics show a major lack of security concerns among IT personnel that ultimately affect clients’ data and applications in the cloud.
Even more alarming are the 42 percent of the respondents that fear they wouldn’t know if their data or applications on their cloud were actually compromised or if a data breach occurred, involving an open port on a cloud server.
The study “Cloud Security: Managing Firewall Risks” analyzed responses from IT and IT security professionals working in the U.S. that use hosted or cloud servers (dedicated or virtual private servers). And these aren’t novice IT personnel – on average, the respondents had more than 10 years of experience and almost half worked at organizations with 5,000 employees across the globe. The majority of the respondents reported that their organizations used both public and hybrid clouds.
Transparency is also a prevailing issue. The study reports that 36 percent of respondents claim their organizations cannot manage access or generate reports efficiently, while 29 percent say they manage access through the cloud provider’s tools but can’t see any access reports.
My response and advice to cloud users, as the Senior Systems Engineer at Online Tech:
Cloud security is and will always be a hot topic. Firewall rules and public cloud management ports are the major concern. If you are educated in what the cloud provider has in place, you can better determine their existing standards for security. Ask before you buy is the best thing you can do. With Online Tech, our dedication to transparency means every client can always see what open firewall ports they have through our client portal. The firewall rules are there for the client to both view and audit.
The client can request for firewall rules to be opened or closed after viewing them through our portal, meaning anything you need to block can be blocked. Port scans can be run from the outside to help you verify this as well. It is always a good idea to do port scans and secure your cloud servers as much as possible. Online Tech also has a built-in intrusion detection system to help identify and block attacks to your cloud server. You don’t want to be guessing here, and at Online Tech, we know this is important.
When it comes to management ports, it is all secured with SSL or VPNs. All staff access is segmented and protected via strict VPN and firewall rules. The least privilege and SSAE 16 standard processes that we have in place hold us accountable when it comes to staff access. Data traffic to SANs is on a private segment and can never be accessed from the outside.
If you have cloud security concerns, ask and you shall receive. This will help you make informed decisions and assess any potential risks.