Better visibility and automated management of business application connectivity enable a more agile business and enhance security, says security policy management firm AlgoSec.
“Security is always walking a fine line between enabling the business and acting as a brake on agility and productivity,” said Paul Clark, UK managing director of AlgoSec.
A recent global survey of 240 IT and security staff revealed they are struggling with managing their critical business applications effectively because of the complexity involved.
More than half of respondents said they had more than 100 critical business applications in their datacentre.
“This means a heavy workload of application connectivity change requests for IT teams, to enable those applications to keep up with the evolving needs of the business,” said Clark.
Some 45% of respondents said they have to manage more than 11 requests every week, and 21% have more than 20 changes a week.
Of those, most said each request takes more than eight hours to process, while nearly a third said that each change takes more than one business day.
The survey showed that the typical time needed to deploy a new datacentre application was more than five weeks, and in some cases more than 11 weeks.
“The reason why these business-driven changes take so long is that the network and security requirements for just a single application may need multiple policy enforcement points and firewall rules, which in turn may be linked to several other applications,” said Clark.
This complexity, he said, means that a small connectivity change in a given application can create a ripple effect, and introduce potential vulnerabilities, or risk causing an outage.
A survey earlier in 2013 found that application-related firewall rule changes caused outages or breaches, or cut network performance, for 80% of respondents.
“The problem is that the complexity in applications and networks cannot easily be taken out of the equation because of the connectedness of systems, and the resulting interdependencies,” said Clark.
Therefore, he said it was no surprise that the latest survey shows that most organisations want to be able to prioritise network vulnerabilities by business application, not by network segment or device.
According to Clark, this enables organisations to better understand and manage the real business impact and potential risks arising from any changes that are made.
The challenge, he said, is for security professionals to get the application-driven visibility they need to reduce the impact of change management while making the business more agile and secure.
Clark said one of the key reasons why managing business application changes is such a drain on IT resources is that in many cases, the IT teams have to manually discover the devices and rules affected by a potential change, and then try to understand any potential change in risk or compliance levels.
“This is time-consuming, tedious and error-prone, but automating these processes can significantly boost accuracy, reduce risk and significantly reduce the time to process changes,” he said.
Before making any changes to a payroll application, such as enabling remote access from a new branch office, Clark said it is essential to understand everything that the application needs to communicate.
He said it is also important to understand which firewalls and rule-sets are used in controlling access to the application, and how these are affected by the planned change.
“The right security management solution should help to visualise the application’s workflow, including things like its connections and the devices it relies on to help IT and application teams track down potential traffic or connectivity issues, highlight areas of risk, and the current status of compliance with policies across the organisation’s firewalls and routers,” said Clark.
“It should also automatically pinpoint the devices that may need changes, which rules need to be added or modified, and indicate how to make those changes in the most efficient and secure way,” he said.
According to Clark, a dashboard view of application workflow and its security needs can help reduce human error and minimise the possible introduction of risks and outages.
“The ability to better manage change through automation can significantly reduce the business impact of security management, making security an enabler, rather than an inhibitor,” he said.