New AlgoSec Study Shows Application Connectivity Management Challenges are Impacting Security and Business Agility
October 2013 by AlgoSec
AlgoSec announced the results of a global survey of 240 information security professionals, network operations and application owners. The survey was conducted to find out how security management issues affect the agility of organisations, with regard to connectivity of critical applications in data centres.
The study shows that while many organisations are planning to migrate critical business applications from physical infrastructure to private, public or hybrid clouds in the next 12 months, 66% of organisations have had unexpected application connectivity disruptions or outages during their data centre migration projects.
Maintaining security of business applications also absorbs significant resources in ongoing firewall audits. 74% of respondents said they spent more than one man-week per year on firewall audits. 18% reported that their organisation devoted at least one man-month to firewall audits per year. More streamlined processes for auditing and managing changes would free IT professionals to focus on more strategic tasks that would boost organisations’ productivity.
“Critical business applications fuel today’s data centres, but security teams lack visibility on how their activities impact the business,” said Nimmy Reichenberg, Vice President of Marketing and Business Development, AlgoSec. “As a result, provisioning connectivity for data centre applications is time-consuming, severely hampering business agility, and increasing the risk of business disruptions and security breaches caused by errors in firewall configuration. As our study shows, these challenges are magnified when migrating applications or entire data centres to the cloud.”
Key findings from the survey include:
• More data centre applications, less business agility – Over 32% of respondents reported more than 100 critical business applications in their data centre and 19% said they had more than 200 critical applications. Half of the respondents require more than 5 weeks to deploy a new data centre application, while 25% require more than 11 weeks.
• Fast application connectivity updates, processed slowly – Nearly half of organizations (45%) have to manage more than 11 business application connectivity change requests every week, and 21% must manage more than 20 changes per week. However, 59% say it takes more than 8 hours to process each application connectivity change request with 31% saying it takes more than one business day per change.
• Decommissioning data centre applications is painful and risky – When decommissioning applications in their data centres, 59% of respondents said they have to manually identify which firewall rules to change, while 15% leave the unnecessary access rules in place, creating security risks.
• Applications migrating to the cloud – Most respondents still have the majority of their business applications in physical data centres, but one in five expects to migrate more than 40% of their applications to the cloud, and over a third plan to migrate at least 20% of their applications in the next 12 months
• Prioritising network vulnerabilities by business applications is a new requirement – Organisations want the ability to prioritise network vulnerabilities by business application. Nearly half (48%) of respondents want to view risk by the business application. 31% want to view risk by network segment, and 21% by server/device.