Some 40 percent of businesses surveyed in a recent research report about data driven security tools said they have done almost nothing to establish baseline standards for network security policy within their operations.
The report, "Data Driven Security Tools: The Value of Security Policy Orchestration and Automation to Improve Change Management and SecOps," from research firm Enterprise Management Associates (EMA), found that 50 percent of the organizations which participated in the survey are still using manual firewall policy inspection to determine if their firewalls are configured correctly. Only 29 percent of the respondents said they had established consistent firewall security policy baselines and standardized policies, according to the report. Another 40 percent said they had done almost nothing to establish policy standards.
The study, which included responses from 202 randomly-selected companies in North America, asked security and network administrators for their views on a range of security policies, tools and procedures within their operations. About 100 of the responding companies use Network Security Policy Management (NSPM) tools, while the remaining 102 respondents do not use such tools. The 21-page report, which was sponsored by security management vendor, FireMon, compared and analyzed the security change management procedures between the two groups. The respondents worked at companies with more than 1,000 employees.
David Monahan, the author of the EMA report, told ITPro Today that he was surprised by these figures but said they made sense because such "security facades" are a common problem.
"Organizations have a mental image that they are doing well but the numbers don't add up," he said. "Ninety-eight percent of the organizations doing manual inspection think they have moderate to high visibility in how applications communicate within their infrastructure. Ninety-seven percent said they have high to moderate visibility into how requested changes may negatively impact running applications."
But at the same time, some 58 percent of the organizations using manual policy inspection said their "inability to maintain standardized policies was a significant to very significant factor in security or operations incidents, including accidental blocking of applications," said Monahan. Another 34 percent said that security device misconfigurations were the primary cause of outages, he said.
Another problem area for the respondents involved cloud migration of business applications, according to Monahan.
"Seventy-one percent of participants said they currently have or had a project in the last 12 months to migrate a business-critical application into the cloud," yet 49 percent said their "migration was negatively affected by their lack of understanding about how the application communication flows operated," said Monahan. "Of the organizations that were negatively affected, only 14 percent were using a third-party tool like NSPM," which can reduce staff workloads and improve system security.
By incorporating such tools, organizations can automate and streamline essential a network security policy and systems to allow routine work to be done behind the scenes, the study reports.
"Advantages included more consistent security policies, which led to fewer attack surfaces, shorter change approval and implementation processes, fewer change-related outages, more successful business continuity and disaster recovery testing, and more," according to the report.