Every day, when I open LinkedIn or Twitter, I come across at least a handful of posts or articles on security automation. Some companies have taken the plunge, many are actively evaluating automation, and almost all security vendors are evangelizing it. In the network security policy management space, automating iterative and manual tasks into streamlined workflows is absolutely critical. It is simply a more efficient way of doing things. It releases pressure on expensive engineering resources, removes human error, and helps organizations reduce cost – which is why enterprise adoption of policy automation is accelerating…quickly.
There is a flip side, of course. There are a number of examples of automation going wrong because of three things – excessive automation, automating the wrong processes, and automating without being mindful of the consequences.
To automate or not to automate?
Security decisions are very contextual. For example, automation of firewall configuration updates is very straightforward but not so much the access control rules that govern who and what should have access to which network resources. Enterprise networks have evolved into these dynamic, complex monsters that need to be governed across firewalls, applications, databases, data centers, cloud, and containers to manage risk, and ensure security and continuous compliance.
Unfortunately, a lot of vendor-speak today focuses on just two broad benefits of automation – ease of doing things and cost optimization. No vendor talks about the hidden costs of poorly planned automation and the huge financial implications in terms of non-compliance and data security breaches.
FireMon’s approach to security policy automation has been one of mindfulness, ushering in a level of responsibility, intelligence, and control into the automation process. FireMon provides context around access requests to help system administrators and network engineers determine and implement change with keen foresight. Change that best enables the business without introducing new risk becomes very relevant when you are confronted with thousands of change requests daily. FireMon delivers intelligent and automated workflow that helps security administrators implement the right changes with absolute precision.
Automation and Compliance – Will the Twain Meet?
A 2018 CSO study showed that 69% of the surveyed companies saw compliance mandates driving spending and 88% of companies spent $1 million or more on GDPR compliance. Never before was the tyranny of compliance stronger and this has implications for security policy automation. Meeting compliance goals means that automation must take into account the risks associated with each of the computing platforms on the network as well as incorporate predictive analysis for every critical policy change that is being implemented.
Taking Automation Beyond Known Boundaries
As the market leader and innovator in network security policy management, we are setting the benchmark on automation, taking it beyond its current scope, to ensure that our customers automate fully mindful of compliance and security, making certain that we do not allow new risks to fall through the cracks. FireMon’s vision of automation pivots around:
- Automation of security at scale across physical, virtual, cloud firewalls, applications, and users.
- Guardrails and compliance incorporating industry best practices, compliance standards, and customer gold standards.
- Integration with tools and workflows to support change management and tracking & audit.
Our approach spells a paradigm shift in policy automation as it is aligned to the needs and painpoints of key stakeholders of enterprise security – SecOps, Governance, Risk and Compliance (GRC) and DevOps. Our standards-based workflow engine injects automation and analysis at every stage of the change process, ensuring that engineers are able to design and approve the correct change quickly.
If done well, automation makes enormous business sense and will deliver on its promises of consistency, cost optimization, ongoing visibility, assessment, and effective management of the organization’s risk security profile and proactive risk mitigation.
So let’s automate…mindfully!