Is moving to virtualization and cloud computing making network security easier or harder? When some 2,100 top IT and security managers in 27 countries were asked, the response revealed a profound lack of consensus, showing how divided attitudes are within the enterprise.
The "2010 State of Enterprise Security Survey -- Global Data" report shows that about one-third believe virtualization and cloud computing make security "harder," while one-third said it was "more or less the same," and the remainder said it was "easier." The telephone survey was done by Applied Research last month on behalf of Symantec, and it covered 120 questions about technology use -- organizations remain overwhelmingly Microsoft Windows-based -- and cyber attacks on organizations.
[ InfoWorld's Roger Grimes explains how to stop data leaks in an enlightening 30-minute webcast, Data Loss Prevention, which covers the tools and techniques used by experienced security pros. ]
Contending with virtualization hangover
To explain such different perceptions about the security impact of virtualization and cloud computing, Matthew Steele, Symantec director of strategic technology, said the best way to understand these answers is to know that "if they had a real security background, they immediately got concerned. But if they care for IT operations, they were thinking about it from an IT optimization standpoint." And the middle-of-the-road responses -- it's all "more of less the same" -- tended to originate from those with budget responsibilities. "If the business is still moving, things are OK," Steele remarked.
Although endpoint virtualization is widely believed to trail server-based virtualization, 8 percent of the survey's respondents said they had implemented the former, 16 percent were in the course of implementing it, 9 percent were in a "trial stage," 26 percent had plans for it and 25 percent were in "early discussion," whereas 16 percent weren't considering it.
And on the question of whether endpoint virtualization makes it "easier or harder to do your job with regards to network security," the opinion was divided, with about a third each way thinking it's "easier," "harder" or about the same.
