As it's Halloween, I thought I would share an e-commerce horror story, where one bad decision was able to bring a large organization to its knees, and provide some of my insights on how this could have been avoided.
I had the invaluable opportunity to work on a project for an e-commerce service provider – a company that handles most of the transactions of its type across the U.S. One day, some members of the firewall team made a few untested and out-of-band changes to their core security policy. Suddenly network communication between the e-commerce application and the Internet was blocked, and the entire revenue-generating portion of the business was offline for a few hours. Ouch!
So, how and why did this happen? Looking back, I believe there were seven underlying business process reasons that led to the outage:
In reality, it didn’t take mere minutes for this outage to occur. It was an accumulation of bad choices across the enterprise over the months, and likely years, leading up to the actual outage.
So make sure that you and the people on your team see the bigger picture, consider the long-term impact of your choices, have reasonable processes in place, and most importantly – think before you act.
Happy Halloween!