Introducing FireMon Policy Analyzer Learn More

Why Security Misconfiguration Are Higher During Covid-19

There are good reasons your IT security team may be looking a bit sleep-deprived. In addition to the stress of the COVID-19 pandemic everyone is facing, they’re also facing heightened risks to network firewall security as new external assets (websites, web portals, mobile apps and more) are provisioned to enable customers and an expanding remote workforce.

First, enterprise networks have changed dramatically – and with dramatic speed. The pandemic has led organizations to urge their employees to work from home. For many businesses, that’s turned the normal pattern of network connections upside down. Instead of most employees logging in securely from a wired office, most of them are logging in remotely. Up to half the workforce is now working from home.

IT teams have had to work overtime to accommodate this rapid revolution in network configuration. A survey of our customers revealed that enterprise infrastructure change is up an astounding 300%.

The pace and scope of these changes adds immeasurably to the challenges of keeping the network secure from inadvertent errors – especially given the complex hybrid networks that are the norm today. The pandemic has only added to that complexity by vastly expanding the need to access cloud services. Microsoft has reported an almost unbelievable 775% increase is usage of cloud services due to the pandemic.

Finally, in the face of these rapid configuration changes – and in part because of them – security threats are increasing. Bad guys thrive on chaos, and the pandemic has created an opportunity they find irresistible. An FBI official reported that cybercrime reports had quadrupled by mid-April compared to the months before the pandemic.

Moreover, the increase in malicious activity isn’t limited to just one or two types of attacks. Threats of all kinds are up:

  • The length of DDoS attacks and other disruption risks targeting enterprise networks is up.
  • Bad bot traffic is up, along with all the threats that exploit bot networks.
  • Phishing attacks are up, and Google has detected a huge increase in active phishing sites.
  • Credit card skimming attacks are up, matching the increase in online shopping.

We’ve created a compelling infographic that captures the specific and relevant risk data facing every networked business during this pandemic. It’s a powerful summary of the challenges your IT security team is working to overcome every day. Check it out.

Of course, threats are just threats unless they are somehow able to penetrate your network firewall security – which brings us to the biggest challenge facing IT teams.

With so much change to network and cloud security group configurations in such a short time, mistakes resulting from manual change processes are inevitable. Misconfiguration errors are responsible for a staggering percentage of security breaches. Gartner reports that 99% of all firewall breaches through the next several years will be caused by misconfigurations – not flaws.

What’s the answer? In the short term, an unsustainable approach of checking and rechecking configurations with every change, paying particular attention to the most common misconfigurations that result in data breaches.

The real solution, however, is applying a disciplined and repeatable practice by automating the process of configuration change. By minimizing manual efforts and the inevitable errors they bring, IT teams can significantly reduce instances of misconfigurations that inadvertently expose vulnerabilities, leaving data exposed, your company lifeblood.

 

About the Author

You May Also Like

Asset Visibility: A Critical Component of Security Hygiene

As the world becomes increasingly digitized, cybercrime has become one of the most significant threats that organizations face. Environments are expanding at a rapid pace and cybercriminals are always looking for new ways to exploit vulnerabilities in computer systems and networks, making security hygiene a high priority for preventing attacks.

Read More >

FireMon Cloud Defense Introduces Free Enterprise-Scale CSPM

FireMon is incredibly excited to introduce the industry’s first completely free unlimited CSPM for any size cloud deployments. A curated subset of features from our Cloud Defense platform designed to help cloud customers identify and manage baseline security and compliance risks. At FireMon we believe all organizations and individuals deserve

Read More >

Get 9X Better

See how to get:

90% Efficiency Gain by automating firewall support operations

90%+ Faster time to globally block malicious actors to a new line

90% Reduction in FTE hours to implement firewalls

Schedule a Demo