Organisations should refrain from employing low-skilled IT administrators who provide makeshift service to firewalls, as it makes an organisation's network vulnerable to security risks.
This is according to local IT security specialist, Securicom's operations director, Dries Morris, who says human intervention and constant monitoring is key to securing a firewall within an organisation.
Morris compares a firewall to a security gate and says over time, a firewall's effectiveness will gradually deteriorate and become compromised as the rest of the network changes around it.
“The result is that 'security gate' eventually becomes a gaping gateway to the network, opening it up to all sorts of security risks.”
In addition, Morris warns that the jack-of-all-trades IT administrator lacks the skills and time needed to give firewalls the attention it requires.
“Because the average IT administrator is not a specialist in firewalls, he isn't usually cognisant of the impact changes he makes to other parts of the network can have on the effectiveness of the firewall,” cautions Morris.
“For instance, to get some technology working somewhere else on the network, an administrator might open up ports and neglect to close them for whatever reason with the result that the firewall ends up looking like a piece of Swiss cheese.”
He recommends that companies consider outsourcing the management of the firewall to a specialist service provider.
According to Securicom, 90% of all IT security breaches originate from within a company's ranks, and 98% of these breaches are unintentional.
An IDC report, 'EMEA Manufacturing IDC Security Survey Results', found that more than 50% of surveyed respondents are unaware of the number and nature of security events their organisation encountered in the past 12 months.
IDC says the absence of appropriate policies for prevention of data loss means that employees usually have liberal access rights to information and systems in excess of their job requirements.
Share