The Impact of Complex Firewalls
The majority of enterprises today are implementing or preparing to implement some sort of cloud technology. Private and public cloud platforms offer many benefits to enterprises such as increased agility and cost-effectiveness. Unfortunately, they can also increase risks by compromising network security and increasing attack vectors, thus exposing the business to cyber threats. Security experts are being required to implement proper processes and methods to ensure that these new platforms do not expose their business to cyber risks. As a result, the cloud security market is expected to grow steadily in the coming year.
Private and public cloud technologies present a variety of network security challenges:
- Managing security across multiple environments
- Troubleshooting business application breaks
- Visibility across the different technologies and vendors
- Consistent security policy without slowing down the business
- Business continuity and network connectivity of critical applications
- Transitioning between platforms
- Compliance with policies and regulatory standards
One of the related issues that we’ve heard from analysts such as Gartner’s Greg Young is that many organisations have taken the all too familiar “adopt first, secure later” approach to the cloud. The most common scenario finds IT organisations spinning up instances to suit emerging business requirements, then deducing after the fact that additional security controls are required.
The involved work is typically acquitted slowly and piecemeal, based largely on a lack of dedicated funding. A good deal of effort goes into migration of existing network security infrastructure, and more importantly network security policies, to support cloud services.
Longtime industry analyst Jon Oltsik of Enterprise Security Group published additional research supporting these conclusions based on a survey of 150 IT security professionals about “challenges associated with enforcing security policies in public and private clouds.”
According to ESG’s survey, 32% of respondents said their organisations use multiple public/private cloud offerings and find it “difficult to coordinate security operations consistently across all areas.” Additionally, Oltsik notes that 31% of respondents believe “cloud computing exacerbates communications and collaboration problems” between operations and other IT groups.
Other key findings identify issues applying existing security policies to the cloud, troubleshooting cloud security problems and managing security controls that span both physical and cloud-based infrastructure.
The fact is, when you add it all up, a set of complex security management issues related to the evolution of networking is rapidly formalising, and organisations are struggling to address them.
THE IMPACT OF COMPLEX FIREWALLS – Is firewall complexity expensive?
High profile data breaches in major US retailers are becoming more prevalent. While there are many defensive strategies, there are some simple steps that can help prevent similar attacks? Maintaining proper segmentation of critical business assets and having effective controls in place can make all the difference.
And that starts with getting firewalls under control.
Check out this recent infographic below which sheds some light on the impact of complex firewalls. Learn:
- The top three reasons why rule bases are out of control;
- What the impact is on staffing, compliance and security; and
- How automation is helping to solve these problems.