The landscape of cloud security is shifting. At Alert Logic, we publish an annual Cloud Security Report, and this year's trends are particularly relevant to IT professionals working to secure applications in the cloud.
For this report we examined the security threats faced by 2,200 users--organizations using both cloud-hosted and on-premise infrastructure for their environments. We set out to ascertain the likelihood of an attack happening, the persistence of those attacks and the level of security sophistication that was required to stop the attacks.
The big question on everyone's mind was, "Is the cloud as secure as dedicated, on-premise infrastructure?" Based on our findings, we do not believe that the cloud is inherently less secure than enterprise data center environments. Cloud providers give users built-in security controls and are transparent about the fact that the security of a customer's cloud is a partnership between the customer and provider.
Based on our analysis, here are five important trends in cloud security that we're noticing in 2014:
1. The Number of Attacks is Increasing
Expect the volume of attacks to continue growing, whether you're hosting your environment on-premise or in the cloud. From 2012 to 2013 vulnerability scanning attacks jumped from 27 percent to 44 percent for cloud-hosted environments, and from 28 percent to 40 percent for on-premise datacenters.
2. Cloud Environments and On-Premise Datacenters Face Some Increasingly Similar Threats
In the past, threats to cloud-hosted environments looked very different from those perpetrated against on-premise datacenters. This year's data paints a very different picture. We used to see more web application attacks in the cloud than in on-premise environments. Today, as traditional on-premise apps move to the cloud, the traditional on-premise attack types are following them there.
3. Differences Between Attack Types Persist
Our analysis shows that malware and botnet attacks continue to plague on-premise data center environments, with more than 50 percent of all customers reporting that they are affected. In contrast, these kinds of attacks only represent about 10 percent of attacks in cloud environments. We'll likely see these two numbers converge as more end-user apps and desktop virtualization infrastructure are deployed in the cloud.
4. Repeated Attacks Become the Norm
Our analysis found that when cloud and on-premise environments are attacked, they're rarely attacked just once. The wide availability of automated hacking tools is enabling hackers to launch repeated attacks, making 24x7 security monitoring all the more critical.
5. Antivirus Vendors Fail to Detect Many Attacks
For this report we deployed honeypots in public cloud infrastructures around the world in order to observe the types and frequencies of attacks. One of the most interesting findings in our Cloud Security Report was that 14 percent of the malware collected through our honeypot network remained undetected by 51 of the world's top antivirus vendors.
It's important for cloud consumers to recognize that they can't rely a single mechanism to identify threats. Defense in depth is critical. The "defense in depth" strategy that you use for your enterprise datacenter needs to also apply to your cloud infrastructure.
To learn more about cloud security best practices read the white paper, Cloud Security in an Agile World.
Read the entire Cloud Security Report at AlertLogic.com.