A fifth of IT staff have cheated on a security audit to get it passed.
A survey by Security Lifecycle Management company Tufin Technologies discovered that 63% of companies check and audit their firewalls from anything between three months to a year, with 9% never bothering to check their firewalls at all. Fifty-one per cent admitted that their firewall rules are "a mess."
The survey also found that 22% of firewall audits take anything from a few weeks to a few months, with 70% saying that their audits take a few days. However, from a security perspective with audits not being undertaken frequently and with many taking time to conduct, it can mean that many companies have firewalls that, at best, are running under par and, at worst, contain shadowed or obsolete rules that introduce unnecessary risk to the organisation.
The survey interviewed 151 IT security professionals, many of whom were from multinational organisations and government departments employing 1,000 to 5,000+ employees as part of the annual "Reality Bytes" security survey.
The results come at a time when businesses are more vulnerable to serious data security breaches due to the recession.