The last few months have been a cold shower for most of us as we’ve suddenly woken up to the reality that life as we know it can be so uncertain. There are of course upsides like when your wife tells you that she doesn’t want to celebrate her birthday because of the economic crisis.
However don’t believe her. What she’s actually saying is she really wants a big party and if you fail to deliver then either you’re on the verge of bankruptcy or you don’t love her anymore. And the challenge that many of us face right now is to understand what is happening in the market, and this is about as difficult right now as trying to understand what your wife is telling you – not what she’s saying!!
Gone are the days when your success was measured by how much over budget you went on a project, or by getting noticed by focusing on projects that demanded lots of resource but ultimately ended up requiring an army of contract staff to keep it running.
Today we’re getting back to basics; in much the same way that the educational system tries to when someone discovers that a generation of kids have left primary school unable to read or write although they can wax lyrical about concepts that you only figured out when you were sixteen!
Today the Back to Basics campaign can be summed up in the three Rs – Reduce, Rationalise, Return - or at least this is what seems to be the common theme whenever I talk to any organisation.
Everyone in 2009 is reducing; reducing staff, investment, and trying to trim operational costs. At the same time risk control and business continuity has taken on more urgency.
Secondly with companies trying to reduce costs, rationalisation has become extremely important. Over the past five years many companies have added a myriad of systems to their IT infrastructure.
The financial sector is the classic scenario where the turmoil of the past twelve months has resulted in organisations having to absorb other organisations with the resulting diversification of systems and processes. Infrastructures need to be integrated, often with disparate technologies and vendors.
This in turn has led to huge problems for many auditors and security officers in trying to ensure that risk is contained and that business continuity is not impacted, and this is particularly an issue when you are dealing with firewalls from multiple vendors.
Security change management and security lifecycle management become a major area of concern and the only way to manage this effectively is to invest in security management tools that provide a unified interface for multiple vendors.
Finally ROI is very important. Investments that are made today must be able to demonstrate a measurable return on investment. Simply adding technology for the sake of technology, or starting expansive projects with no measurable return other than succeeding in process automation are simply out of the question.
Investments that are made need to focus on improved performance, extending the lifespan of existing technology, and providing a measurable improvement in the area of risk management and business continuity. Security change implementation cycles that normally took days now need to be measured in hours.
One of the key areas that many organisations are now addressing is in the area of firewall and router management. For example in a medium sized organisation with 50 to 100 firewalls it can be estimated that the cost to the organisation as a result of not having an Firewall Policy Management in place can be up to half a million dollars annually.
These costs result from change requests not being implemented correctly due to operations not fully understanding the business users’ requests or implementing changes incorrectly. The result is significant time wastage and frequently network and service downtime, often to critical applications. In addition there is a knock on effect in terms of business exposure. Managed Service Providers and Telcos are especially vulnerable to this since very often they have punitive Service Level Agreements with their clients.
So for example a firewall or router change that results in loss of service to a user needs to be firstly avoided if at all possible, and secondly rectified as quickly as possible to avoid financial and business exposure. It’s hard enough to find new clients nowadays so losing clients due to mis-configurations is absolutely unacceptable.
Other areas where companies very often “burn money” is in replacing existing equipment due to the demand to maintain performance levels. Firewalls and Routers are particularly susceptible to this since performance is directly impacted by the number of rules configured. Without effective configuration management a number of things usually occur. Firstly rules are frequently duplicated (fully shadowed) or partially duplicated (partial shadowing) simply because there is no mechanism in place to do rule usage analysis and policy analysis.
By eliminating the process of manual analysis, not only does an organisation make major savings in operational costs but more importantly it will improve the operating efficiency of their firewall and router environment, and reduce operational errors. It is often the case that a thorough analysis of a rule base will find that up to 50% of rules are either overlapping and in many cases never used.
By cleaning up the rule base not only does the organisation benefit from improved performance but just as important in today’s climate it can defer additional investment in more powerful or additional systems which only exacerbate the situation. The analogy can be compared to your average hard disk where probably 50% of the data stored on the hard disk is probably never used and is often years out of date.
Most of us will buy a new hard disk rather than simply delete data that is never used. Cleaning up your rule bases, and maintaining a “clean” rule base not only may remove the need for costly upgrades in the short term but also in the longer term.
Utilising Firewall Policy Management, or FPM as Gartner calls it, will realise major cost savings in areas such as Policy Analysis, Rule Usage Analysis, Rule Cleanup and Optimisation. It will provide improved business continuity and add years to the life of your existing infrastructure.
So my advice for the spouse’s next birthday is not to buy the new car but take the old one and give it a good service and replace the cassette player with a nice CD player. And while you’re at it give your firewalls and routers the full treatment. Bottom line if you want to keep your job demonstrate that you’re bringing ROI to your employer!
Calum M. MacLeod |is Regional Manager of Security Lifecycle Management vendor, Tufin Technologies