Automating the ‘new normal’ – how customers are managing their work-from-home strategies using AlgoSec
Exploring real customer experiences as they move to home working and how AlgoSec’s solutions have helped them make the transition.
As 2020 continues to unfold, it has become clear that organisations have been affected by the new work-from-home situation in many different ways, presenting IT and security teams with new challenges in managing this ‘new normal’.
Over the past few months, we’ve received helpful feedback from our customers globally about the challenges they’ve faced, and how to address them. Here, we’ve pulled together the six main issues that our customers have mentioned, and how the customer network security management helped them overcome them.
1. 10x more network changes? No problem
Our customers have told us that they have seen a dramatic increase in the number of network change requests and changes brought about by the shift to working remotely. In many cases, applications have been moved to new venues to make them accessible to employees working from home. Moves to the cloud and hybrid data centres have significantly increased, and the ways that employees access these applications has, as a result, also brought about changes to the firewalls, switch/routers and necessary transition to the cloud.
One of our customers in the US, for example, saw the number of requests shift dramatically from 300 changes per week to roughly 300 changes per day. This huge increase has put a tremendous strain on their staff and thus allowed them to truly put AlgoSec’s FireFlow automation to the test to safely keep up with the large increase in change requests. They recently stated they would not have been able to keep pace with this demand without the AlgoSec platform.
2. Granting access without surrendering control
The rapid increase in network changes has resulted in overtime work by limited staff, which has necessitated the move to new access policies and associated security. For the sake of turnaround time, these access policies are often not well-researched or designed within the normal security policies.
This has led to what have, in many cases, become too-permissive policies that will need to be tightened, as well as a multitude of redundant rules that were not able to be researched properly. The net effect is a threat landscape that is much more open than what existed prior to COVID-19.
AlgoSec customers who are required to make changes to access policies have been able to do so rapidly using algorithmic recommendations provided in seconds by FireFlow.
Meanwhile, customers using Firewall Analyzer have reported being able to easily see if sufficient rules already exist by using Traffic Simulations and, if not, which blockages need to be addressed. If new rules have already been put in place, Firewall Analyzer can review them quickly to see how they may have affected compliance, security risk and potential shadowing of rules. Firewall Analyzer’s ability to make optimisation recommendations takes a huge workload off limited staff, while addressing what needs to be changed quickly, with appropriate oversight to bring it back into a safe environment.
3. Never straying far from the audit trail
Sudden changes and shifts in policy, access and placement of servers and apps has also put a significant strain on many of our customers’ ability to capture audit trails of all the new changes made in order to prepare effectively for upcoming reviews in the future.
Users that have AlgoSec FireFlow have been able to capture an audit trail of all the changes made (when, what and by whom) that will be critical down the road in preparing for audits and reviewing policies and changes to be sure they are within established guidelines.
4. No need to neglect compliance processes
From customer feedback, it has become clear that compliance processes have been neglected with the rapid influx of new rules and access demand created by the remote working initiative. These new gaps in compliance will need to be addressed to return to a safe and secure environment that once again adheres to the corporate standards established prior to COVID-19.
Firewall Analyzer has given AlgoSec customers the ability to examine devices, groups of devices, or the entire enterprise to immediately report on the new compliance rating, as well as their organisation’s own custom baseline compliance if desired, to see what impact the massive changes have brought about in this regard.
5. Keeping on top of your apps
The addition of rules and policies to address working from home strategies is also creating a challenge in trying to associate new rules and changes to their corresponding applications for future reference, to enable future pending changes and decommissioning to take place. This will create the need for contextual awareness of which rules are associated with which policies.
Many, if not most, of the changes made for working from home were done to address our customers’ need to access applications from a new locale. AlgoSec’s AppViz automatically associates the newly created rules with the applications they are tied to, which brings significant context and awareness to the number of changes made. This, in turn, will assist organisations in policy maintenance and clean-up in the future.
6. Meeting those long-term IT goals
Many organisations have had to redeploy staff to quickly establish the new rules and policies needed to establish the WFH environment. This is causing organisations to fall behind in terms of meeting their IT objectives and milestones due to limited staffing, oftentimes suspending or even postponing important long-term initiatives.
AlgoSec’s comprehensive solution allows for rapid deployment and transition to the cloud with automation. It also enables the capture and rapid review of changes made, to ensure changes are staying within guidelines, while establishing the priority for clean-up and optimisation efforts.
Our customers have reported that this ability to quickly review changes, compliance, risk and optimisation is allowing their IT personnel to focus on their priorities, keep up with new policies and changes, and also address mistakes that may have been made during the rush to remote working. This has allowed our customers’ staff to stay on track and prioritise the compliance and security processes that were established prior to COVID-19.
The leading provider of business-driven network security management solutions, AlgoSec helps the world’s largest organizations align security with their mission-critical business processes. With AlgoSec, users can discover, map and migrate business application connectivity, proactively analyze risk from the business perspective, tie cyber-attacks to business processes and intelligently automate network security changes with zero touch – across their cloud, SDN and on-premise networks. Over 1,800 enterprises, including 20 of the Fortune 50, have utilized AlgoSec’s solutions to make their organizations more agile, more secure and more compliant – all the time. Since 2005, AlgoSec has shown its commitment to customer satisfaction with the industry’s only money-back guarantee.
Private Protocol is a data security distributor offering solutions and strategies that covers Mobile device and Data Security, Secure Data Collaboration, Secure Messaging, SharePoint/O365 Security and Compliance, AWS Security, Data Classification and Data Discovery, File Share Security and Compliance, Software Defined Perimeter – Zero Trust Security, Total Fraud Protection and Cloud Security. Private Protocol also offer Cloud Risk Assessments so companies can understand the impact cloud is having on their business and highlight any risks that may be associated. Private Protocol have a distributed partner channel covering Africa and Indian Ocean Islands.
Website - www.privateprotocol.com