Survey: IT Pros Have Low Visibility Into Public Cloud Environments

Less than 20 percent of IT professionals say their companies can properly monitor their public cloud environments for security threats and application performance, and most – seven out of 10 – say it’s harder than monitoring company data centers and private cloud.

That’s according to Keysight Technologies’ “The State of Public Cloud Monitoring” research report, which was released this week. Insights from Keysight-owned Ixia’s Application and Threat Intelligence Research Center, a network protection center that monitors security events around the world, prompted the survey of 338 information technology professionals who deploy, develop or manage public cloud applications or infrastructure.

With more and more traffic in the public cloud – 84 percent of companies surveyed increased their public cloud workloads in 2018 -- the volume of threats traffic also is increasing, said Joel Conover, senior director of industry solutions marketing at the Santa Rosa, Calif.-based Keysight.

“There’s always a certain amount of threats that we’re seeing on the internet,” Conover said. “More of it seems to be interacting with the cloud as a result of increased traffic and workloads going to the cloud. We saw an increase in the number of types of exploits that were happening as a result of either cloud misconfiguration or software vulnerabilities in the customers’ cloud workloads.”

Visibility into cloud data and application traffic was cited as the No. 1 concern for 65 percent of IT professionals in the survey conducted by Dimensional Research, but less than 20 percent said they can properly monitor their public cloud environments.

And 87 percent of those surveyed said they fear their lack of public cloud visibility is hiding security threats.

“There’s a huge disparity between the number of people who feel they have the right level of visibility in their traditional infrastructure versus what they think they have over in the cloud,” Conover said.

Eighty-six percent of survey respondents said network packets are key for monitoring network and application performance, and 93 percent stated that packet-level visibility is required for security monitoring.

But while 82 percent of respondents believe they have complete and timely access to network packets to monitor their on-premise data centers -- and 55 percent said that held true for private cloud -- only 15 percent said they had that same network packet access to monitor their public cloud environments, and 19 percent reported that access for hybrid cloud environments.

“There’s a big confidence gap,” Conover said. “All of the security tools that network professionals depend on use packets. In the cloud, they don’t have access to the packets. The packets are all running through there, but the cloud providers don’t feel it’s necessary to provide that access, because they’re providing security at a higher (infrastructure) level.”

Cloud vendors sell services that secure the applications themselves, but that security isn’t sufficient to stop a determined hacker, Conover said.

“So visibility is the answer for what happens when something does get through,” he said. “We figured this out probably a decade ago in our private infrastructure on-premises. Technology-wise we caught up in the cloud, but deployment is lagging.”

IT professionals responsible for hybrid cloud environments are concerned about their inability to fully see and react to what’s happening in their networks, especially as business-critical applications migrate to a virtualized infrastructure, according to Recep Ozdag, general manager and vice president of product management for Ixia’s solutions group.

“This lack of visibility can result in poor application performance, customer data loss and undetected security threats, all of which can have serious consequences to an organizations’ overall business success,” Ozdag said in a statement.

Forty-eight percent of survey participants reported that a lack of both public cloud and private cloud visibility delays troubleshooting application performance issues, while 40 percent said it delays troubleshooting network performance issues.

Thirty-eight percent reported an application outage, 31 percent reported an inability to monitor workload performance, and 31 percent also reported a network outage. Seventeen percent of the IT professionals cited an inability to prevent a security attack or threat, while 5 percent said they had no issues related to a lack of visibility.

Only 45 percent of IT professionals believe their public cloud vendors provide sufficient monitoring, according to the survey results.

“There’s a growing awareness you’re not going to get everything you need from the cloud vendor,” Conover said. “When this transition (to the cloud) started, the cloud vendors would promise that between their ecosystem and their infrastructure that they provide that. I’m not saying they don’t, but it’s not a one-size fits all. It’s not something that you can bundle in with basic cloud services. People are waking up to the fact they need to do something about this.”

Almost all survey respondents -- 99 percent -- said they get direct business value form comprehensive cloud visibility.

Sixty- percent of those surveyed said having cloud visibility helps their monitoring solutions identify performance degradation, and 59 percent said it enables their threat prevention solutions to identify malicious traffic by source.

Fifty-seven percent of survey participants said cloud visibility allows their security monitoring solutions to detect “indicators of compromise,” while 56 percent said it allows them to monitor traffic at every link of their network.