"Critical business applications fuel today's data centers, but security teams lack visibility on how security activities impact the business," said Nimmy Reichenberg, Vice President of Marketing and Business Development, AlgoSec. "As a result, provisioning connectivity for data center applications is time-consuming, severely hampering business agility and increasing the risk of business disruptions and security breaches caused by errors in firewall configuration... and as our study shows, these challenges are magnified when migrating applications or entire data centers to the cloud."
Key findings from "Examining the Impact of Security Management on the Business" include:
· More data center applications, less business agility– Over 32% of respondents reported more than 100 critical business applications in their data center and 19% said they had more than 200 critical applications. Half of the respondents require more than 5 weeks to deploy a new data center application, while a 25% require more than 11 weeks.
· Fast and furious application connectivity updates, but processed slowly - Nearly half of organizations (45 percent) have to manage more than 11 business application connectivity change requests every week, and 21% must manage more than 20 changes per week. However, 59% say it takes more than 8 hours to process each application connectivity change request with 31% saying it takes more than one business day per change.
· Decommissioning data center applications is painful... and risky – When decommissioning applications in their data centers, 59% of respondents said they have to manually identify which firewall rules to change, while 15% leave the unnecessary access rules in place, creating security risks.
· Prioritizing network vulnerabilities by business applications is a new requirement– Organizations want the ability to prioritize network vulnerabilities by business application. Nearly half (48 percent) of respondents want to view risk by the business application versus 31% by network segment or 21% by server/device.
· Firewall audits require increased man-hours – Seventy-four percent of respondents said they spend more than 1 man-week on firewall audits per year and over 46% spend more than 2 man-weeks per year taking resources and time away from more strategic and valuable efforts of the business.