Managing changes in firewall rules is a necessary evil for security professionals. Many, however, don’t believe they have the time or resources to undertake the complicated and time-consuming steps necessary to make sure their corporate firewalls are up-to-date and secure. In reality, security professionals sometimes resort to cheating, shortcutting, or the old bubble-gum and duct-tape approach -- wasting both time and money in the long run for a few dollars and minutes saved now. Most audit cheaters cited lack of time, many also said that they felt the audit’s requirements were irrelevant to the business or they feared that the network security team would seem incompetent. And while the overworked network security staff struggles to keep up, attackers are poised to find a way in through any cracks. A recent survey of network security professionals conducted by Tufin Technologies shows just how big those cracks are, and the areas where security professionals are struggling.
of
Only 7% of network security pros take the time to automate their firewall audit processes.
Approximately 40% of security professionals spend a month or more on firewall audits annually.
85% of security professionals say that at least half of their firewall rule changes are poorly designed and must be modified.
67% of security pros feel that poor change management processes greatly increase the chance of a breach.
86% plan on rolling out next-generation firewalls over the next year.
23% of security professionals have never audited their firewalls.
Worse yet, 22% of security pros have falsified their audits or outright cheated, claiming they didn't have enough time to do them.
11% of security professionals don’t have a clue how much time it would take to audit their firewalls.
Just under 85% of security pros don’t know when firewall rules need to be decommissioned or recertified. 43% of that group manages the process manually.
47% of security pros attempt to find redundant rules manually. 20% don’t check at all.
Why security pros cheat on audits:Lack of timeFeeling the audit's requirements are irrelevant to the businessFear the network security team would seem incompetent
More than 25% of professionals said that it usually takes hours to days to design a firewall rule change.
85% of need to fix poorly designed firewall configurations.
66% are afraid that their change management process might expose their company to a breach.
56% of those who worry about a change-management-related breach are concerned about their lack of formal processes to handle firewall rule changes.
Intel Technology Provider Program
Intel Technology Provider Program (ITP) helps resellers better understand Intel products which power the technology they sell, and enables value-add services such as remote manageability or anti-theft tracking. Learn More
WindowsForDevices.com
WindowsForDevices.com is the comprehensive news site covering Windows embedded technologies. Visitors get news, technical white papers, opinion columns and extensive directories covering the products and companies in the marketplace. Click Here
10 Key Ingredients That Have Made Apple So Successful
10 Reasons RIM`s New CEO Won`t Fix the Company
Eight IT Jobs Skills That Win Six-Figure Salaries
Social Media Best Practices to Land that Dream Job
Channel Executives On The Move: 2012
Why SOPA Is Such A Big Issue
See All Slideshows
