Serious disconnect between security perceptions and reality

There’s a serious disconnect between security perceptions and reality among IT Enterprise security managers, according to McAfee.

The 2011 Data Center Security Survey focused on security issues and solutions among 147 enterprise data center mangers responsible for data centers of all sizes. The majority of respondents (60 percent) reported that management believes security is stronger than it actually is, while only 22 percent reported that management is aware of their company’s true security preparedness.

“It’s astounding that almost two-thirds of our respondents say that their management is in the dark about their true security status,” said Dan Olds, principal analyst at Gabriel Consulting Group. “This is something that should cause a lot of thought both in the executive suite and in the data center. Management needs to seek out the truth when it comes to IT security, and data center management needs to be frank and honest when discussing the strengths and weaknesses of their security mechanisms. Obviously, it’s far better to discuss potential security issues before they’re exposed by a breach.”

The report also found that although nearly half of the respondents feel that virtualization and private clouds pose a unique security challenge, the majority of respondents are using the same tools to secure both physical and virtualized systems.

Both private and public cloud computing architectures rely on the virtualized data center to deliver increased business agility and scale. As organizations continue to adopt virtualization and cloud computing, security technology is often replicated from physical resources, which results in various obstacles, such as inconsistent network policies and security loopholes.

Other key findings from the GCG report include:

• Nearly half of the respondents reported that they are constantly finding new security holes
• More than 40 percent of respondents feel that their organization’s security pace isn’t keeping up with threats
• Approximately 70 percent of respondents are skeptical of public cloud security
• Forty percent of respondents report that day-to-day security does not conform to the standards required by their official polices.

“The move to virtualized data center requires organizations to consider their approach to security early in the design cycle,” said Greg Brown, vice president of Network Security at McAfee. “Using network and system security solutions that are optimized for virtualized environments ensures continuity of data center operations, without interfering with performance. McAfee’s solutions provide seamless security management across conventional and virtualized data center resources.”