More data and higher stakes are adding to the pressure to maintain bulletproof application security. With the hyper-connected nature of enterprise environments, single outages can wreak widespread havoc extending far beyond the IT department. End-user productivity takes a hit three times harder than IT productivity during an outage. Non-IT/security departments absorb more than half of DDoS attack-related costs with customer support bearing 63 percent of the burden.
At the same time, the volume of traffic has steadily increased, creating more exposure to attacks with qualified help in short supply. One in seven surveyed organizations experienced increased network traffic last year. As a result, 38 percent report delayed problem identification and one-quarter admit reduced visibility into their environments.
UDP traffic is used to support streaming and digital media as a lightweight and faster—but less secure and reliable—version of TCP. It lives on all networks as a small volume of very risky traffic. Nearly all malware logs were found in only five (out of 1,317) applications, more than half of which were custom/UDP traffic.
What Are the Threats?
According to the Open Web Application Security Project, the top culprits endangering application security are:
- Lack of patch management
- Default passwords for application access
- Unnecessarily enabled functionality
- Open remote management interfaces
- Unsafe configuration
- Unencrypted communication
- Access control and Separation of Duties (SoD)
- Unsecure trust relations
- Logging and monitoring
Mitigating Threats With Cloud
On-premises hosting has long been thought of as the safest place for critical applications. However, the 2014 Alert Logic State of Application Security report paints a different picture with cloud-hosted environments proving safer against these common application threats:
- Spring 2014 Alert Logic Cloud Security Report (industry research)
- Cloud Security in An Agile World (whitepaper)
- Security is a Partnership (whitepaper)
- Cloud Application Security (Google Hangout recording)
Need Help Meeting Application Security Goals?
Rackspace Managed Cloud can help you meet your application security goals faster and gain a competitive edge. Get instant access to the resources and expertise of a dedicated engineering team, backed by massive scale to architect, build and run secure, high-performing cloud environments for demanding applications.