Ever wonder why there is a problem when you install new applications and, to be polite, there are issues? The answer as to why lies in an interesting place, as has been revealed in a recent Tufin Technologies survey.
For those unfamiliar, Tufin Technologies is a provider of Security Process Automation (SPA) solutions, which to many may seem like “plumbing,” but as with your home you know such solutions are important when they don’t work correctly. Previous Tufin surveys have shown that because application connectivity requirements drive the vast majority of firewall changes, managing application connectivity has become the number one firewall management challenge.
The latest survey, conducted in April at InfoSecurity UK, sought to delve into the issue in a more granular fashion. The headline finding of the survey tells an interesting tale. The 105 IT professionals, ranging from network administrators to CIOs, reported, “Network security teams deploy applications based on incomplete or inaccurate connectivity data, resulting in delays, downtime, and unnecessary risk and compliance exposure.”
An overview of application connectivity challenges
Below is a quick recap of some of the findings that should be of interest since they show how enterprise applications are exploding and the challenges providing connectivity represents: 33 percent reported their organization has more than 500 applications; and 74 percent said they will be deploying up to 100 new applications this year.
There is little standardization as to how organizations structure application connectivity processes. Network Operations teams work mainly with Application Owners (30 percent), but other stakeholders include app developers (26 percent), other network engineers (16 percent). In addition, there are many other stakeholders to consider including consultants, VARs, apps vendors and possibly managed service providers which account together for 29 percent.
And, when it comes to determining connectivity requirements, 72 percent report they are given a list of ports to open, but 19 percent look it up on the Internet, 13 percent look at logs, and 9 percent rely on trial and error. In other words it is easy to see why there can be problems.
Other interesting finds include:
Since as we all know time is money, having automated processes that enable smooth deployments and changes is key.
The final food for thought is when the survey asked about the impact this lack of connectivity has on security and compliance. Even as the firewall in a BYOD world has lost some of its importance for providing a high degree of enterprise protection from those with malicious intent, it is still the main and arguably the most critical part of risk management associated with online security. That said, the survey found:
"This survey highlights the fact that security engineers are having to adopt new processes on the fly - processes that require them to interact with a new set of stakeholders," said Reuven Harrison, CTO of Tufin. "As a result they are not just changing who they work with but how they work. Anyone who has experienced this kind of change knows it is not easy. That's why we are putting so much development effort into SecureApp. SecureApp provides a much needed application connectivity model on top of our network abstraction layer, enabling security teams to rise above any existing technology constraints and collaborate with other IT groups for a common goal - application delivery and business agility.”
Harrison’s point about the challenges is spot on. The complexity of IT job when it comes to security and compliance has increased exponentially in the past few years for all of the reasons we read about everyday—mobility, BYOD, the cloud, virtualization, distributed workforce, increased frequency and sophistication of cyber threats, much more stringent corporate governance and compliance, etc.
Applications connectivity, as it relates to being plumbing may not be sexy but it is essential. As the survey says, the challenges are real, and the costs of not implementing best practices can be steep.
To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…
The digital transformation of business is generating a lot of value, through more automation, more intelligence, and ultimately more efficiency.
Last week, at the Open Source Summit, hosted by The Linux Foundation, the Open Mainframe Project gave birth to Zowe, introduced a new open source soft…
Not many of us love going to see the dentist, and one company working across unified voice, productivity and even IoT systems is out to make the exper…
Moogsoft Observe advances the capabilities of AIOps to help IT teams better manage their services and applications in the face of a massive proliferat…