Alert Logic State of Cloud Security Report Replaces FUD with Facts
Data driven analysis of threats from real customer environments dispels longstanding myths
HOUSTON – February 27, 2012 – Alert Logic (www.alertlogic.com), the leading provider of Security-as-a-Service solutions for the cloud, today released its first State of Cloud Security Report, a semi-annual quantitative analysis comparing real world security incidents observed in hosted and cloud environments with those observed in traditional on-premise environments. Counter to the conventional wisdom that infrastructure in service provider managed cloud environments is inherently less secure, the analysis found these environments tend to face a lower level of risk than on-premise environments.
The Alert Logic State of Cloud Security Report, Spring 2012 examined 12 months of security data collected from more than 1,500 customers yielding over 62,000 verified security incidents. The security incidents captured during the study period were automatically evaluated through Alert Logic’s expert system and reviewed by Alert Logic’s certified security analysts to ensure accurate detection.
The State of Cloud Security Report found the following:
- The notion that cloud and service provider managed environments are less secure than traditional on-premise deployments is not supported by the facts. Service provider environments are less likely to see threats, encounter a lower frequency of each type of threat and experience a smaller range of threats per impacted environment, compared to traditional in-house managed IT environments.
- Service providers appear to bring security benefits to their customers indirectly through their implementation of IT infrastructure management best practices in areas such as configuration and patch management, reducing misconfiguration security incidents by as much as 92 percent.
- Web application attacks are among the leading source of threats in both types of environments (experienced by 65 percent of service provider customers and 71 percent of on-premise environments). Other common attacks tend to be relatively unsophisticated attacks such as brute force and vulnerability scans.
- On-premise environments are attacked from many different directions. Out of seven categories of threats analyzed, on-premise customers experienced and average of 3.0 types of attacks, with a small percentage experiencing all seven types. Service provider customers averaged threats in 2.1 categories with none experiencing more than five types of attack.
“While security can never be taken for granted, decisions around where and how to deploy IT infrastructure should be based on fact not fear,” said Marty McGuffin, VP of Operations at Alert Logic. “Our research suggests that a well managed service provider can not only match the level of security found inside an enterprise’s four walls, but actually exceed it.”
A free download of the 2012 State of Cloud Security Report – Spring 2012 is available at www.alertlogic.com/csr.
Additional Resources Available: Blog @alertlogic on Twitter LinkedIn
About Alert Logic Alert Logic, the leader in security and compliance solutions for the cloud, provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Fully managed by a team of experts, the Alert Logic Security-as-a-Service solution provides network, system and web application protection immediately, wherever your IT infrastructure resides. Alert Logic partners with the leading cloud platforms and hosting providers to protect over 3,300 organizations worldwide. Built for cloud scale, the Alert Logic patented platform stores petabytes of data, analyses over 400 million events and identifies over 50,000 security incidents each month, which are managed by its 24×7 Security Operations Center. Alert Logic, founded in 2002, is headquartered in Houston, Texas, with offices in Seattle, Dallas, Cardiff, Belfast and London. For more information, please visit www.alertlogic.com.