A recent research report from Enterprise Management Associates (EMA) entitled Data Driven Security Tools: The Value of Security Policy Orchestration and Automation to Improve Change Management and SecOps, has revealed that organizations who use Network Security Policy Management (NSPM) tools reduce their attack surface, experience fewer change related outages and improve business continuity, particularly when it comes to the cloud. The report also revealed that a shocking 40% of organizations said they have done almost nothing to establish baseline policy standards for security.
“This is a worry, particularly as more and more organizations move to the cloud,” said Tim Woods, Vice President of Product Management, FireMon. “If security policy baselines aren’t established on premise, then there is not much hope for a solid security posture as they transition infrastructure to the cloud.”
With 49% of organizations who said they had current or forthcoming cloud projects planned confessing that gaps in their understanding of business application communication flows would negatively impact their cloud migrations, the need for this standardization has never been greater.
“A lack of standardization comes with a host of problems, including troubleshooting difficulties, more likelihood of error-related outages, an increase in the time it takes for compliance and audit activities and a longer time needed for change approvals,” Woods continued.
For the report, sponsored by FireMon, EMA surveyed 200 organizations, half of which use NSPM tools and half of which did not. It found that organizations leveraging NSPM had significant advantages in both IT operations and security operations.
FireMon recently brought its intelligent automation framework to the cloud with support for AWS security groups to help deliver greater security assurances as organizations migrate to cloud. Beginning with access requests, forms can be customized to capture the complete requirements upfront to ensure the designed change achieves the intended outcome. From there, the orchestration takes over, providing checks for accuracy and compliance along the way, including a pre-change impact simulation based on fully customizable control assessments.