Softening the business impact of security management
By Paul Clark, AlgoSec.
Security is always walking a fine line between enabling the business and acting as a brake on agility and productivity. Unfortunately for many organizations, it seems that their security infrastructure has stepped over the line and is holding them back. When we surveyed 240 infosecurity, network operations and application professionals in autumn 2013, we found they were struggling to manage their critical business applications effectively because of the sheer complexity involved.
Over half of the survey respondents reported that they had over 100 critical business applications in their data center. This means a heavy workload of application connectivity change requests for IT teams, to enable those applications to keep up with the evolving needs of the business. 45 percent of respondents said they have to manage over 11 requests every week, and 21 percent have more than 20 changes per week.
A majority of respondents (59 percent) said each request takes more than 8 hours to process, with nearly a third saying that each change takes more than one business day. The typical time needed to deploy a new data center application was over 5 weeks, and in some cases more than 11 weeks.
The reason why these business-driven changes take so long is that the network and security requirements for just a single application may need multiple policy enforcement points and firewall rules, which in turn may be linked to several other applications. This complexity means that a small connectivity change in a given application can create a ripple effect, and introduce potential vulnerabilities, or risk causing an outage. In fact, earlier in 2013 we found that application-related firewall rule changes caused outages, breaches or cut network performance for 80 percent of respondents.
Cutting complexity, understanding risk
So how do security professionals and business personnel get the application-driven visibility they need and want, to help reduce the impact of change management on their workload, while keeping the business both more agile and more secure?
One of the key reasons why managing business application changes is such a drain on IT resources is that in many cases, the IT teams have to manually discover the devices and rules affected by a potential change, and then understand any potential change in risk or compliance levels. This is time-consuming, tedious and error-prone.
Automating these processes can boost accuracy, reduce risk and significantly reduce the time to process changes, helping organisations to respond faster to business issues. Let’s look at how this can be achieved, using an example of a typical business application in a data center.
Automatic for the business
The right security management solution should help to visualise the application’s ‘workflow’ (i.e. its connections, the devices it relies upon and touches, and so on) and help IT and application teams track down potential traffic or connectivity issues. It should also highlight areas of risk and show the current status of compliance with policies across the organization’s firewalls and routers. It should automatically pinpoint the exact devices that may need changes and the rules that need to be added or modified, and indicate how to make those changes in the most efficient and secure way. Having a dashboard view of the application workflow and its security needs helps reduce human error and minimises the possible introduction of risks and outages.
This makes handling application changes easier, faster and more predictable for IT teams, reducing the drain on IT resources and accelerating the flow of business, while ensuring that changes don’t introduce new vulnerabilities. The ability to better manage change through automation can significantly reduce the business impact of security management – making security an enabler, rather than an anchor.
• Date: 6th December 2013 • World • Type: Article • Topic: ISM