Preventing Security Misconfigurations: Change Management and Compliance

It’s an enormous and unending daily challenge to make sure changes to firewall policies are not just executed quickly and efficiently, but also don’t decrease the security of your network. If not executed perfectly, changes – such as those made for an internal client requesting access – can lead to slowdowns or outages, or even leave mistakes for hackers to exploit, resulting in breaches.

Managing changes and additions to firewall rules, network and service objects and users, and keeping up with basic configuration settings, is already an arduous task. On top of that, how do you keep up with the latest compliance standards that your network security team just rolled out, when you know that not all rules even have the right comments in them? Or worse, the changes you’re about to put in could allow a hacker to exploit a new vulnerability that just appeared this week. There’s just too much for your team to manage in their heads.

Even with a well-established change management policy, this is such a sure recipe for mistakes that their occurrence is not just understandable, it’s virtually inevitable.

Unfortunately, mistakes put your network and your assets at risk. Gartner says that, through the next several years, misconfiguration errors will be responsible for 99 per cent of all firewall security breaches.

In short, these inevitable misconfigurations and rule errors can have serious consequences for your business. That leads to an important question: Does your network security software help you identify rule or configuration changes that do not meet your compliance standards, and thereby allow you to remediate them promptly, before they can cause harm?

For example, does your network security policy management solution allow you to quickly and easily:

  • Create search queries to identify existing rules (or network or service objects) that are affected by a pending policy or configuration change – and export the resulting list to share with team members for remediation?
  • Convert the search terms into a control for use in ongoing security assessments in multiple categories (allowed services, device properties and status, service risk analysis and more), apply the assessment or control to specific elements or devices within your network, and even write remediation instructions in the event of a failure?
  • Ensure that any failed controls are automatically flagged in customised reporting – in real time – with device and other relevant details, prioritised by severity?
  • Visually review compliance across your entire enterprise with a matrix of sources and destinations – data centres, cloud zones, external and internal connections and more – to see at a glance which destinations are accessible from which sources, and whether each possible route meets compliance policies or is even governed by one?

These kinds of security-friendly capabilities are critical in helping you prevent misconfigurations and rule errors from creeping into your network, remaining undetected and unremediated, and introducing potentially serious security risks.

Check out this demo to see how effective use of network security software capabilities can streamline compliance reviews and improve your security posture.

The important take-away is to understand how a security solution can help your team more effectively reduce security misconfigurations and better protect your enterprise. And you may learn some tricks you can apply to your current security solution to help your team work more effectively and efficiently.

by FireMon

Copyright Lyonsdown Limited 2021
