Join us for the FREE Cyber Defense Forum | Live Online on October 9


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

Data Center Security Still Not Top Priority: SANS Survey Results Revealed

Organizations Still Rely on Legacy Systems;
Automation Is Key to Timely Remediation

  • Bethesda, MD
  • October 20, 2014

Data center security teams must secure their assets on legacy, cloud, and virtual systems, according to the SANS 2014 Data Center Security Survey. In it, 77% of respondent organizations are using hypervisors in their data center architectures, 27% still also include mainframe computers, and 14% still include Windows Server 2000.

"The survey highlights the large number of data center operations still relying on legacy technologies, including mainframe computers, AS/400, SCO, and Windows 2000," says senior SANS Analyst, Jake Williams, who authored the survey results paper that will be released during the associated webcast. "Organizations still using these technologies should recognize that, although they are not alone, they must take steps to manage their current needs and plan for changes in their systems."

Automation of detection and response capabilities is one step organizations can take to secure their systems, regardless of what technologies they use. Adds Williams, "The SANS Data Center Security Survey defines the need for automation, but simultaneously identifies that full automation is easier said than done."

Data center managers are focused on automating availability and load balance, with 92% reporting that they wholly or partially automated these systems. Only 65% have partially or fully automated compliance monitoring.

"Automation for uptime monitoring [availability and balance] appears relatively easy to accomplish, while automating compliance monitoring appears more difficult (based on the percentage of respondents who have done so)," continues Williams.

Full results will be shared during an October 29 webcast at 1 PM EDT, sponsored by IBM and McAfee/Intel Security, and hosted by SANS. Register to attend the complimentary webcast at

Those who register for the webcast will also receive access to the published results paper developed by SANS Analyst and data center security expert, Jake Williams.

Tweet this:
Data Center Risk - Learn how organizations are managing it. Free webcast 10/29, 1 pm ET #datacentersecurity

An Update on Securing and Defending the #DataCenter - Webcast on 10/29, 1 pm ET #datacentersecurity

10/29 - Get update on technologies in use & the frequency of #datacenter security incidents #infosec

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (