The new report examines the impact of security management on the business.
October 30, 2013
A new study from AlgoSec, a Boston-based security policy management provider, finds that application connectivity management challenges are impacting security and business agility. The global survey of 240 information security professionals, network operations, and applications owners was conducted to determine how security management affects organizations’ agility with regards to connectivity of critical applications in the modern data center. A key finding of the resulting report, Examining the Impact of Security Management on the Business, shows that while many organizations are planning to migrate critical business applications from physical infrastructure to private, public, or hybrid clouds, more than two-thirds of organizations encounter application connectivity disruptions or outages during data center migration projects.
Other findings include:
Companies with more data center applications are less agile. Over 32 percent of respondents report more than 100 critical business applications in their data center, and 19 percent have more than 200 critical applications. Half of the respondents require more than five weeks to deploy a new data center application, while a 25 percent require more than 11 weeks.
Application connectivity updates are processed slowly. Nearly half of organizations (45 percent) have to manage more than 11 business application connectivity change requests per week, and 21 percent must manage more than 20 changes per week. However, 59 percent say it takes more than eight hours to process each application connectivity change request, with 31 percent saying it takes more than one business day per change.
In addition, when decommissioning applications in their data centers, 59 percent of respondents say they have to manually identify which firewall rules to change, while 15 percent leave the unnecessary access rules in place, creating security risks.
Another finding is that organizations now want the ability to prioritize network vulnerabilities by business application. Nearly half (48 percent) of respondents want to view risk by the business application, versus 31 percent by network segment or 21 percent by server/device.
Finally, firewall audits are requiring increased man-hours. Seventy-four percent of respondents are spending more than one man-week on firewall audits per year, and more than 46 percent are spending greater than two man- weeks per year.
To learn about all of the survey findings, download the full report free from AlgoSec.