Global survey of SafeNet: security concerns limit data center consolidation and migration to the cloud

Powerful security measures, such as encryption and key management, are requirements for companies to start with data center consolidation Only one in five companies encrypt data in virtualized environments Pernis, 12 February 2014 - Concerns about security mean that companies do not benefit from the potential benefits of data center consolidation and cloud services

Powerful security measures, such as encryption and key management, are requirements for companies to start with data center consolidation

Only one in five companies encrypt data in virtualized environments

Pernis, 12 February 2014 - Concerns about security mean that companies do not benefit from the potential benefits of data center consolidation and cloud services. This is shown by research by SafeNet, Inc., a worldwide leader in data protection. The survey was conducted among approximately six hundred security and IT managers. Almost three-quarters of IT professionals consider data center consolidation as 'important' (75 per cent in Europe, the Middle East and Africa (EMEA), 73 per cent in North America (NORAM), 63 per cent in Asia Pacific (APAC). more than half (51 percent) have no plans for consolidation (46 percent in EMEA, 49 percent in NORAM, 71 percent in APAC). Only a quarter have completed consolidation projects.

The results of the research show that the security challenges faced by companies - meeting the needs in terms of encryption and key management - limit consolidation efforts, such as moving workloads from physical devices to virtualized systems. 62 percent of respondents who consider data center consolidation as important indicate that their main concern is to lose control over encryption (68 percent in EMEA, 65 percent in NORAM, 59 percent in APAC). This indicates that strong encryption and secure management of keys are essential requirements for data center consolidation and migration to the cloud.

Only one-fifth (21 percent) of the respondents says they currently use encryption in their virtualized environments (23 percent in EMEA, 22 percent in NORAM, sixteen percent in APAC). Encryption and the management of cryptographic keys are already a technical challenge for IT professionals. In addition, these research results indicate that companies do not have the required staff to carry a consolidation project. Nearly sixty percent of respondents indicate that less than five people worldwide are involved in the management of encryption. In addition, almost a third (27.5 percent) say they have more than ten business applications that require encryption.

"Implementing new technologies - such as Big Data, mobility and cloud-based services - ensured that data center consolidation is at the top of the list of priorities for many companies. Yet it is clear that security concerns combined with a lack of resources limit the progress of such changes, "said Prakash Panjwani, Senior Vice President and General Manager of SafeNet. "Any change in infrastructure can be daunting for IT professionals. Now that data is stored in a hybrid IT landscape - such as on-premise, on mobile devices and in the cloud - security staff have to say goodbye to traditional approaches and look for new encryption technologies that support current, dynamic data center and service provider environments. "

Specifically with regard to the current security processes for the management of cryptographic keys, the research shows the following.

• Nearly three-quarters (74 percent) have at least some encryption in software (74 percent in EMEA, 76 percent in NORAM, 69 percent in APAC). That opens the door for attackers.
• Less than one in ten (8.3 percent) protects the keys only in hardware (eight percent in EMEA, seven percent in NORAM, fourteen percent in APAC).
• Just under one fifth (eighteen percent) does not know where his keys are stored (seventeen percent in EMEA, sixteen percent in NORAM, seventeen percent in APAC).
• Less than half of the respondents (45.6 percent) manage cryptographic keys centrally (41 percent in EMEA, 43 percent in NORAM, 45 percent in APAC). This sets the tone for inefficiency, double efforts, inconsistent policymaking and audit difficulties.

"Encrypted data is just as secure and available as the keys used to encrypt data. Companies must therefore be sure that they use the right key management strategies. By implementing encryption over multiple layers and a central key management strategy and using hardware for key management and storage, organizations accelerate their initiatives in the field of cloud, virtualization and consolidation. At the same time they keep control over their sensitive data, "Panjwani concludes.

More background:
• Unlock the Potential or Data Center Consolidation
• Data Center Encryption Research - Executive Summary
• White paper: Encryption, Key Management and Consolidation in Today's Data Center

About the research
SafeNet interviewed more than 580 people in over fifty countries worldwide. The respondents were security and IT managers in various industries, such as financial services, healthcare, technology, media, consumer goods and retail.

About the SafeNet data protection solutions
The SafeNet data protection solutions offer encryption over multiple layers with central key management and storage. SafeNet provides comprehensive encryption platforms that enable security professionals to protect sensitive data in data centers, virtualized data centers and private and public clouds.

SafeNet enables customers to encrypt sensitive data on each layer: storage, file, virtual instance, database and application. In addition, they manage central encryption security policies and encryption keys. In addition, SafeNet supports the use of tokens with retention of format for various data types. Thanks to this multi-layered approach, SafeNet enables organizations:

• separate the management of systems and applications from the data stored or processed within these infrastructure layers. Authorized users can therefore not see sensitive data;
• take advantage of cheaper, operational models while maintaining a security policy consistently;
• centralize encryption management in physical, virtual and public cloud environments and efficiently deliver detailed logs and compliance reports for internal and external auditors;
• use a key safe and secure cryptographic resources, both in data center and multitenant environments. In this way the company retains full ownership and control over its encryption service.

With these capabilities, organizations can use an in-depth defense strategy that ensures a high level of security of sensitive data regardless of where it is located - even if a hack of other controls has taken place.

About SafeNet, Inc.
SafeNet, Inc., founded in 1983, is one of the largest companies in the field of information security in the world. Leading organizations worldwide rely on SafeNet for the protection of their most sensitive data. The data center approach of the company focuses on the security of information throughout the entire life cycle: from the data center to the cloud. More than 25, 000 customers in commercial enterprises and government agencies rely on SafeNet to secure and access sensitive data, reduce risk, monitor compliance and protect virtual and cloud environments. Read more about SafeNet on Twitter, LinkedIn, Facebook, YouTube, and Google +.