Research Finds Most Cloud Servers Not Adequately Secured

(Ping! Zine Web Hosting Magazine) – Many IT professionals are not taking the necessary steps to effectively secure their cloud servers, according to a survey released today by CloudPassage, the leading cloud server security provider. The new research revealed nearly 20 percent of respondents do not secure their cloud servers, while 21.3 percent use a manual process prone to errors. Another 31.2 percent reported they rely on their cloud infrastructure provider to protect their servers.

“With more companies leveraging the public cloud, security is the make-or-break issue for widespread adoption,” said Carson Sweet, CEO of CloudPassage. “In the cloud, companies share responsibility for securing their servers with the providers. They can not afford to be exposed, but legacy security tools don’t work in the cloud and manual server security management can’t scale.”

Nearly 40 percent of companies that do not presently have servers hosted in the public cloud said they intend to have one or more within the next 12 months. However, security continues to be one of the largest barriers to public cloud adoption, and the types of concerns vary greatly. CloudPassage found the top security concern is the lack of perimeter defenses and/or network control, an issue that was cited by nearly half of respondents. The multi-tenancy of cloud infrastructure ranked second (39 percent), followed by provider access to guest servers (24 percent), achieving compliance with PCI or other standards (26 percent) and enterprise security tools that don’t work in the cloud (22 percent).

Although cloud security concerns are shared across the enterprise, the survey found IT managers are primarily (63 percent) responsible for raising these issues within their organization. Interestingly, Chief Security Officers and executive management tied for a distant second, with each named by 27 percent of survey participants.

Overwhelmingly, the research promised growth in the coming year for public cloud providers. In response to a question about how many of their servers are hosted with public cloud providers today compared to how many they expect to be hosted in the cloud one year from now, respondents across the board expected an increase.

“IT organizations are quickly learning that legacy enterprise security tools cannot be shoehorned to fit the dynamic nature of cloud hosting,” added Sweet. “We’re already seeing a big trend in companies opting for purpose-built cloud security solutions to ensure cloud server survivability in a variety of environments.”

CloudPassage conducted the state of cloud security survey in December 2011. The pool of 164 respondents is comprised of IT professionals working in the United States. The majority of respondents have between one and 500 Linux or Windows servers running in their data center, public or private cloud environments.

For more information, visit

About CloudPassage

CloudPassage is the leading cloud server security provider, and creator of Halo™, the industry’s first and only security and compliance platform, purpose-built for elastic cloud environments. Halo supports cloud server bursting, cloning, and migration and operates across public, private, and hybrid cloud environments.  Industry leading companies like Foursquare, StrongMail and ExoIS trust Halo to seamlessly manage their server security configuration, host-based firewalls, intrusion detection, and server account auditing from one system.  Headquartered in San Francisco, Calif., CloudPassage is backed by Benchmark Capital.  Gartner, Inc. named CloudPassage one of four “Cool Vendors in Cloud Security Services, 2011.”  For more information, please visit: