Network Security Policy Management Enhances Change Processes, Business Continuity, Cloud Migrations & Disaster Recovery, Shows EMA Survey

February 2018 by AlgoSec

A new survey from industry analyst firm Enterprise Management Associates (EMA) has revealed significant benefits from using network security policy management (NSPM) solutions. These include more consistent security policies, which led to fewer attack surfaces, shorter change approval and implementation processes, fewer change-related outages and more successful business continuity and disaster recovery testing.

In contrast, organizations that did not use NSPM solutions had significant issues with poorly implemented and non-standardized security policies, and failed cloud migrations for critical business applications. The summary survey report can be downloaded from AlgoSec’s website.

“In the race to continue forward, many organizations seem to forget that security policies must be driven by business processes, and not restrict or inhibit them. To this end, network security policies should be considered, created, and tested in the context of how they will impact the business process they are meant to protect,” said David Monahan, Managing Research Director, Security and Risk Management at Enterprise Management Associates, Inc. “Leveraging NSPM solutions will increase security, decrease attack surface and the corresponding risk, and accelerate the ability to process changes more quickly and accurately. They allow staff to focus more on high-value business tasks such as architecture, application and policy design, and other areas where skilled personnel provide the most value.”

Key highlights from the report include:

Problem-free change processes: NSPM solutions drastically reduced the number of problems organizations faced during security policy change processes, with 81% of respondents reporting that more than 90% of their change windows were problem-free. However, respondents that relied on manual processes to manage their security policies experienced an average of 50% more incidents, such as outages or device misconfigurations, caused by security device configuration errors.

Security policy change processes down to 1 day: NSPM solutions reduced the time it took to process a security policy change to just one day, down from 12 days if done manually. 43% of organizations that did not use NSPM solutions spent 5 to 10 hours per firewall, per quarter, manually inspecting their security policies. Because of optimized change management processes, only 9% of organizations using NSPM solutions spent this amount of time inspecting their security policies.

NSPM prevents application outages: 64% of respondents said that using NSPM prevented application outages caused by device misconfigurations, while 37% said it helped reduce outage investigation time. In contrast, 34% of those relying on manual processes reported that security device misconfigurations were the primary cause of outages.

NSPM improves security posture: 57% of respondents stated that NSPM solutions reduced the frequency of security incidents, and 41% stated that NSPM solutions reduced the time it took to investigate security incidents. A further 26% said that NSPM solutions helped prevent ransomware from spreading, while 23% of respondents stated that using an NSPM solution for post-change verification enabled them to identify improperly executed or unauthorized changes.

In contrast, organizations not using NSPM solutions reported between 46% and 59% more occurrences of incidents stemming from incorrectly implemented changes (depending on the volume of changes at the organization). Additionally, 58% said the inability to maintain standardized policies was a ‘significant to very significant’ factor in security or operations incidents.

“In this era of digital transformation, globalization, and relentless cyber-attacks, security must become a strategic business enabler that protects business processes and powers the agile enterprise. The report from EMA makes it clear that in order to achieve this, organizations need an NSPM solution that delivers complete end-to-end visibility and automated security policy management across all network environments, to drive business agility, security and compliance in the age of cloud,” commented Joanne Godfrey, AlgoSec’s Director of Marketing Communications. “AlgoSec’s Security Policy Management solution not only delivers these capabilities, but is also the only solution that aligns network security policy management with business processes and objectives.”

In Autumn 2017, Enterprise Management Associates surveyed over 200 IT managers and security professionals at medium to large organizations across a range of industries in North America to gauge their feedback on NSPM tools. A free copy of the information-packed summary report is available from AlgoSec’s website, and the full report is available from Enterprise Management Associates.