Survey shows that network security policy management assists business continuity and disaster recovery
- Published: Wednesday, 14 February 2018 08:19
A new survey from industry analyst firm Enterprise Management Associates (EMA) has revealed significant benefits from using network security policy management (NSPM) solutions. These include more consistent security policies which led to fewer attack surfaces, shorter change approval and implementation processes, fewer change-related outages and more successful business continuity and disaster recovery testing.
In contrast, organizations that did not use NSPM solutions had significant issues with poorly-implemented and non-standardized security policies, and failed cloud migrations for critical business applications.
“In the race to continue forward, many organizations seem to forget that security policies must be driven by business processes, and not restrict or inhibit them. To this end, network security policies should be considered, created, and tested in the context of how they will impact the business process they are meant to protect,” said David Monahan, Managing Research Director, Security and Risk Management at Enterprise Management Associates, Inc. “Leveraging NSPM solutions will increase security, decrease attack surface and the corresponding risk, and accelerate the ability to process changes more quickly and accurately. They allow staff to focus more on high-value business tasks such as architecture, application and policy design, and other areas where skilled personnel provide the most value.”
Key highlights from the report include:
Problem-free change processes: NSPM solutions drastically reduced the number of problems organizations faced during security policy change processes, with 81 percent of respondents reporting that more than 90 percent of their change windows were problem-free. However, respondents that relied on manual processes to manage their security policies experienced an average of 50 percent more incidents, such as outages or device misconfigurations, caused by security device configuration errors.
Security policy change processes down to one day: NSPM solutions reduced the time it took to process a security policy change to just one day, down from 12 days if done manually. 43 percent of organizations who did not use NSPM solutions spent 5 – 10 hours per firewall, per quarter manually inspecting their security policies. Only 9% of organizations using NSPM solutions spent this amount of time inspecting their security policies due to optimized change management processes.
NSPM prevents application outages: 64 percent of respondents said that using NSPM prevented application outages caused by device misconfigurations, while 37 percent said it helped reduce outage investigation time. In contrast, 34 percent of those relying on manual processes reported that security device misconfigurations were the primary cause of outages.
NSPM improves security posture: 57 percent of respondents stated that NSPM solutions reduced the frequency of security incidents, and 41 percent stated that NSPM solutions reduced the time it took to investigate security incidents. A further 26 percent said that NSPM solutions helped prevent ransomware from spreading, while 23 percent of respondents stated that using an NSPM solution for post-change verification enabled them to identify improperly executed or unauthorized changes.
In contrast, organizations not using NSPM solutions reported between 46 percent - 59 percent more occurrences of incidents stemming from incorrectly implemented changes (depending on the volume of changes at the organization). Additionally, 58 percent said the inability to maintain standardized policies was a ‘significant to very significant’ factor in security or operations incidents.
Conducted in Autumn 2017, Enterprise Management Associates surveyed over 200 IT managers and security professionals at medium to large organizations across a range of industries in North America to gauge their feedback on NSPM tools.