Last week, we posted some change control horror stories witnessed first-hand by AlgoSec guest blogger and infosecurity practitioner Matthew Pascucci in his 10+ years in the industry. While these horror stories are worst-case examples of what can go wrong if you have a poor change management process (or if you disregard the process entirely), the point of these stories is that they were all preventable. Sound change management is something IT can control, and it can serve two significant purposes: improving how the business can respond to changing requirements and preventing unnecessary misconfiguration risks.
In addition to automation, there are several “steps” that should be part of your change process that can make an effective and efficient firewall change management process a reality. Last week we posted a video highlighting AlgoSec FireFlow’s “Initial Planning” capability which improves operations by automatically identifying all devices impacted by a proposed change and also checking to make sure the needed firewall rules don’t already exist.
In this blog I’d like to briefly examine another important step in the change workflow, one that focuses on risk. Sometimes, changes are made without analyzing and fully thinking through the consequences. Which applications and connections may break because of the change? What new vulnerabilities will pop up in the security policy due to the change? The challenge is that performing this sort of assessment on every change is hard and can be time-consuming, which is why some have an unwritten policy of “if it ain’t broke, don’t fix it”. The trap here is that a hidden risk gives threats an easier opportunity to strike.
AlgoSec FireFlow can automate the step of analyzing each change for risk BEFORE it is implemented. This is an extremely important step in the change process because otherwise you do not have the necessary visibility to know if a change will create risk. And it’s better to understand the impact BEFORE you make the change and, if necessary, replan or reject the change.
Enjoy this two-minute demo of the risk-check capability.