In our final post on the security policy management maturity model (if you’ve missed the others in our series, please check out Part 1 - Initial, Part 2 - Emerging and Part 3 - Advanced), we look at the best-in-class or “Visionary” organization. An organization at this level takes a different approach to its security infrastructure. Instead of looking at devices strictly from a firewall/security perspective, visionary organizations make decisions from the perspective of the critical business applications in the data center. All key stakeholders across security, network operations and application teams have visibility of both the business requirements and their security implications, and are aligned through streamlined and automated business processes. Characteristics of an organization taking an application-centric approach include:
- Faster security provisioning of data center applications: Organizations at this level can quickly and securely provision connectivity for business applications to ensure maximum service delivery and availability. By automatically translating application connectivity requirements into the necessary firewall rules, triggering the appropriate change requests and embedding rich analysis capabilities, organizations can simplify and accelerate policy changes and enable security to keep up with the “speed of business”.
- Full understanding of application connectivity needs: “Visionary” organizations have a dynamic alternative to documenting and maintaining application connectivity requirements in spreadsheets. Linking the application connectivity needs to the security policy, the associated rules and the impacted devices is a key component of an application-centric approach to managing the security policy.
- Application, security and operations teams are aligned: “Visionary” organizations have implemented an application-centric approach to security policy management that accommodates each constituency and provides the means for them to “speak the same language”.
- Secure decommissioning of applications, removing rules no longer in use: With an application-centric approach, organizations can accurately identify and remove access rules for decommissioned applications, without impacting the accessibility of other applications. This improves security without impacting availability and performance.
- Elimination of application outages due to firewall misconfigurations: As new applications are added – or the connectivity requirements for existing ones are modified – “Visionary” organizations can calculate the underlying firewall rules/changes that are needed and initiate the corresponding change process. Since application outages are often the result of poor firewall rule changes, being able to identify the impact on an organization’s applications of proposed changes to the network, such as server migrations or new routing and segmentation schemes, is significant.
- The business can “own the risk”: Organizations at this level can integrate with existing vulnerability scanners and map vulnerabilities with their related data center applications, including their servers and complex connectivity requirements. Aggregating vulnerability information into an application-centric view enables all risks associated with a line of business to be displayed and prioritized accordingly. Now the business can be accountable and “own the risk”.
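To make the application-centric model concrete, here is an added example (not code from the original post or from any product): applications declare their connectivity flows, firewall rules are derived from those flows and tagged with every application that needs them, a change to one application's requirements is turned into the rule additions and removals it implies, and decommissioning an application removes only the rules no remaining application still references. The application names, addresses and flow format are constructed for illustration.

```python
from collections import defaultdict

# A flow is (src, dst, proto, port), as an application owner would declare it.
# Sample applications, constructed for this example; "crm" shares the
# database rule with "billing", which is the decommissioning edge case.
APPS = {
    "billing": [("10.1.0.0/24", "10.2.0.10", "tcp", 5432),
                ("10.1.0.0/24", "10.2.0.20", "tcp", 443)],
    "crm":     [("10.1.0.0/24", "10.2.0.10", "tcp", 5432),
                ("10.3.0.0/24", "10.2.0.30", "tcp", 8080)],
}


def derive_rules(apps):
    """Translate application flows into rules: each distinct flow becomes one
    rule, tagged with the set of applications that require it."""
    rules = defaultdict(set)
    for app, flows in apps.items():
        for flow in flows:
            rules[flow].add(app)
    return dict(rules)


def render(rules):
    """Render rules as firewall-style permit lines with their owning apps."""
    return [f"permit {proto} {src} -> {dst}:{port}  # apps: {','.join(sorted(apps))}"
            for (src, dst, proto, port), apps in sorted(rules.items())]


def plan_change(current, desired):
    """Rules to add and rules to remove when application requirements change."""
    cur, des = derive_rules(current), derive_rules(desired)
    return sorted(set(des) - set(cur)), sorted(set(cur) - set(des))


def decommission(apps, app):
    """Remove one application. Return the remaining applications and the rules
    that are now safe to delete: those no other application still references.
    Shared rules stay, so other applications keep their access."""
    before = derive_rules(apps)
    remaining = {name: flows for name, flows in apps.items() if name != app}
    after = derive_rules(remaining)
    removable = sorted(flow for flow in before if flow not in after)
    return remaining, removable


if __name__ == "__main__":
    print("\n".join(render(derive_rules(APPS))))
    _, gone = decommission(APPS, "crm")
    print("removable after decommissioning crm:", gone)
```

Decommissioning "crm" removes only its 8080 rule; the shared 5432 rule survives because "billing" still needs it.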
The impact that IT and security can have on the business is undeniable. Ensuring that all key stakeholders are involved as appropriate in key decisions can improve performance and availability of business-critical applications, close security gaps, and dramatically increase responsiveness to changing business requirements. The end game is a more secure, more agile business, with a real security policy management ROI attached. For more information on the security policy management maturity model, watch our on-demand webcast or download the whitepaper.