Change is the one constant in network operations and security. Business applications are in a near-constant state of flux – regularly being updated or migrated – which in turn means constant additions and updates to security policies and firewall rules. As a result, security policies become bloated. The problem is made even worse because old or obsolete policies and rules are rarely deleted, even after a business application or server has been decommissioned. Yet security policies that are not required for any business purpose can create open doors for unwanted guests – cyber criminals.
The end result is often a cluttered and unnecessarily extended network security policy, which weakens your security posture, impacts firewall performance and impedes regulatory audits and compliance. As I explained in a recent article for Information Age, this is ‘Hotel California’ syndrome – policies and rules may check out, but they never leave. No wonder, then, that uncoordinated policy management was identified by analyst Gartner as one of the most common network security ‘worst practices’ earlier in 2015 [1].
Tackling this issue is a challenge for network operations, security, and application owners alike. The people who built the business applications, developed the security policies around them, and therefore know why these rules are in place, may no longer be with your company. Documentation and records may be sketchy at best, with manual, non-scalable processes including spreadsheets or simplistic databases being used to handle this increasingly complex task.
Simplifying the policy puzzle
So how can you start to clean up your existing security policies and rules, to get rid of those that are old and obsolete, and track those which are most critical and relevant to your business? Here are my suggestions for starting to clean up your ‘guest list’ of rulesets and policies, and evicting those that have outstayed their welcome.
By checking out and evicting obsolete firewall rules and policies, you not only simplify ongoing security management, as well as auditing and compliance, you also greatly improve your security posture and resilience against cyberattacks. To take a deeper dive into this security ‘worst practice’ among others, read our whitepaper on Mitigating Gartner’s Network Security Worst Practices. With the right tools and processes, you can transform sprawling, messy ‘Hotel California’ rulesets into slick, five-star security policies that enable you to securely manage your business.
[1] Gartner, “Avoid these ‘Dirty Dozen’ Network Security Worst Practices,” January 2015