Five reasons your network security policies aren't working

Andrew Lintell of Tufin explains the problem with many network security policies

This is a contributed piece by Andrew Lintell, regional VP of northern EMEA at Tufin

The deluge of high-profile data breaches over the last couple of years has prompted business leaders to spend a lot of time thinking about cyber security.

Nobody wants to be the victim of a cyberattack, so organisations in all industries have turned to the latest technologies to protect their confidential data and (hopefully) ensure that they don’t end up as front page news for all the wrong reasons.

But no amount of shiny new software will help if protocols aren’t appropriately managed to maintain security and ensure regulatory standards are met. That’s where network security policies come in, to serve as a set of rules or guidelines to protect the network from individuals with malicious intent, and essentially ensure the right people have the right access to the right information.

In today’s fast-paced world of security, network security policies are essential to ensuring that employees, no matter their seniority or position, are aware of the latest cyber threats and, perhaps more importantly, prevent any potential breaches before it’s too late.

However, there are several common pitfalls that businesses can fall foul of. Here are five of the most prominent that could be impacting your business’s cyber security efforts.

  1.  Lack of visibility

Arguably one of the biggest mistakes a company can make when configuring network security policies is to attempt to put policies in place without first gaining full visibility of the network.

Today’s enterprise networks are vast and complex, and organisations often struggle to gain full visibility. This hinders the ability to put strong policies in place. This is also the case when making necessary changes to those policies across the entire network. For example, if one policy is changed it might have the knock-on effect of reducing security somewhere else. By incorporating a centralised solution that looks across the whole technology architecture, staff can manage all corporate policies through a single console and see the potential implications of policy changes before they are made.

To put it another way, you can’t manage what you can’t measure – so start with visibility.

  1. Businesses are left in the dark

This one may sound obvious, but having network security policies in place is self-defeating if they inhibit the business they were intended to help protect in the first place.

Businesses are sensitive to the fact that they need to comply with measures to protect critical assets, but if that prevents them from using the applications essential to getting the job done, they will find ways around these policies.  The solution is to provide visibility into how application connectivity is maintained in coordination with underlying network security policies.  This approach ensures that the business and security teams are always in sync and aligned to the end goal.

From a management point of view, businesses need to have visibility into their application connections in order to understand the effect that could accompany any network policy changes and their impact.

  1. Slow on the update

Today’s cyberattacks are becoming more sophisticated than ever before and new variations of both known and unknown threats are being discovered at an alarming rate.

For example, 18 million new malware samples were discovered in Q3 2016 alone – equal to 200,000 per day – and ransomware attacks on businesses reportedly increased three-fold between January and September 2016.

This means organisations must keep their network policies up to date by carrying out regular patches and system analysis, which requires a centralised management system that looks across the whole IT environment.

Hackers are constantly on the lookout for vulnerabilities, meaning no company - irrespective of size or industry focus - can afford to leave holes unplugged.

  1. Loss of agility  

Striking the right balance between security and convenience is not an easy task, but key to ensuring policies are adhered to. Any procedures that significantly hinder an organisation’s agility or an employee’s ability to do his or her job will likely result in them being overlooked or ignored.

The other danger is that staff will find a workaround, which can potentially have serious security and compliance implications. This is when ‘shadow IT’ comes into play, where employees use  applications at work without the company’s knowledge or control - according to one poll, 78% of IT pros said their end users have set up unapproved cloud services – each of which can represent a potential unmanaged risk.

It is therefore essential that organisations have tools in place that allow them to easily adhere to and manage security policies. Anything that forces people to drastically change the way they work, or results in an organisation’s lack of agility, is counterproductive. Increased security interwoven with business agility is the ultimate goal.

  1. Lack of automation

As complexity in virtually all areas of network security and compliance has increased, automation has grown to become a central component. There are now simply too many change requests to increasingly diverse networks for security teams to keep track of manually, leading to human error and increasing the exposure of the business. The role of automation is now not only a possibility but an essential tool for keeping pace with this degree of change and complexity.

Finally, automation also has a key role to play in network security policy management and continuous compliance. Policy-driven automation ensures that an organisation is compliant with internal and industry guidelines at any given point in time.  However, it also means that the control plane can be adjusted at policy level and then implemented immediately across the network, further lifting the security level when required through adjustment, and delivered as a business-as-usual task. By connecting security to operations in this way, companies can vastly improve their resistance to constantly evolving threats. This is a critical point in making a tight security posture a reality all the time, rather than “better” for a moment in time.

IT personnel are often stretched to the limit. Network security operations can turn to policy-based automation to reduce complexity, increase visibility, and free up resources to focus on more complex tasks to improve operational efficiencies that directly impact the bottom line of the 21st century-ready business.