Everything you ever wanted to know about security policy management, and much more.
Men Are from Mars, Women Are from Venus by John Gray was one of the best-selling nonfiction books of the 1990s. It asserts that men and women essentially come from different ‘planets’, and need to seek out greater understanding of each other’s wants, needs and ways of thinking in order to cooperate better in relationships. In addition to providing great advice for romantic partners, I think it can also offer some important lessons for the world of corporate IT.
One of the book’s key sentences is: ‘If I seek to fulfil my own needs at the expense of my partner, we are sure to experience unhappiness, resentment and conflict.’ This could easily refer to the relationship between the security team and the application delivery team – they are key business partners and they need to work together for the organization to run smoothly. Yet their relationship is all too often characterized by a lack of communication and cooperation. To solve this problem, we need to carefully examine what each side of the partnership wants from the other – and then, how to fulfil those needs.
So, what does security want from application delivery?
Broadly, there are three main things that security teams want from application delivery teams:
What does application delivery want from security?
On the other hand, there are three key things the application delivery team wants from the security team:
How are we doing now?
Unfortunately, as in any relationship, neither side always gets exactly what it wants. One of the security team’s most common complaints about the application delivery team’s requests combines lack of clarity with unrealistic expectations: ‘You don’t know what ports you need open and for which IPs, but you need it by yesterday?’
And things aren’t any better for the application delivery team. On their side, the most commonly heard complaints relate to repeated availability problems: ‘The new firewall policy is blocking my application – for the third time this week!’
Statistics to support these complaints range from Gartner’s discovery that 99% of firewall breaches are the result of misconfigurations, rather than flaws, to our own survey results, whereby we discovered that eight out of 10 organizations suffered an outage from a misconfigured firewall rule.
Aligning the stars
It’s vital that organizations work to bring security and application delivery closer together – but how can this be achieved?
Security policy management supports all these requirements, delivering a single version of the truth coupled with intelligent automation that is so crucial if security and application delivery are to work together effectively. There’s really no reason for the two teams not to live together in perfect harmony.
Take a look at the full infographic below:
Receive notifications of new posts by email.