Sunday, May 16, 2021

Firewall Vendors Look to Automate Policy Changes

For IT staff in global enterprises, adding a new employee is far more
involved than finding a desk and a chair for the new hire.

Typically, it means huddling over spreadsheets, muttering to themselves
as they figure out what changes to make to access rights and policies while
taking into account a labyrinthine array of legal, departmental and
compliance rules.

Multiply that scene by thousands of users, spread over different
countries, and you have the massive, frequently chaotic process that takes
place practically every week in major companies.

In response, firewall vendors are looking to help IT fight back using
policy management automation solutions, designed to simplify the task of
managing policies — and minimizing the risk of human error.

AlgoSec this week unveiled FireFlow, which automates policy change
management and integrates with existing processes — such as the e-mail and
Web-based forms typically used by department heads to request adding or
removing a user’s access.

News of AlgoSec’s new release, which is due to ship next quarter, comes a
few weeks after rival Tufin Technologies announced version 4.2 of its
flagship SecureTrack product. Tufin also announced SecureChange Workflow, an
offering targeted specifically at security policies.

A routine process fraught with challenges

Each solution takes aim at the mundane but necessary task of managing
user accounts — a chore growing more time-consuming and prone to problems
thanks to global offices, mounting regulatory policies and increasingly
outdated processes.

Typically, enterprise groups use e-mail and Web- or paper-based forms, to
request changes, which are then recorded and carried out by corporate IT.

“The process was basically manual — you send an e-mail saying ‘Please
add this user to whatever’ and it was a slow, disjointed process,” AlgoSec’s
vice president of marketing, Aimee Rhodes, told InternetNews.com.

Burton Group senior analyst Pete Lindstrom agreed. “It’s common to put in
e-mail requests or log changes in an Access database or a spreadsheet,” he
told InternetNews.com.

But a manual process becomes a major chore when large companies’ IT
staffs have to weigh thousands of policy rules governing which employees can
access certain resources.

“It’s not uncommon for folks to have 40,000 to 50,000 rules across
hundreds of firewalls in today’s large environments, and having a dedicated
application to manage them is gold,” Lindstrom said.

When coupled with a sprawling, international staff, this process of
tracking user rights and privileges often proves even more taxing.

“We have lots of customers in the financial sector that are globally
based, and they’re making two to three changes to policies a week,” Rhodes
said.

In addition to having to manage the sheer volume of requests, the problem
is often exacerbated by regulatory and other legal concerns facing large
companies.

This article was first published on InternetNews.com.

Similar articles

Latest Articles

How IBM has Changed...

Think is IBM’s big annual conference, and again this year, it was digital. I’m noticing a sharp quality difference in shows like this where...

Database-Tuning Platform Launches and...

PITTSBURGH — A team out of Carnegie Mellon University is launching its automatic database-tuning product today with the help of $2.5 million in funding.   OtterTune,...

Top 10 Professional Services...

Professional services automation (PSA) software aims to offer service-based companies most of the software they will need to run their businesses in one package....

What is Data Aggregation?

Data aggregation is the process where raw data is gathered and presented in a summarized format for statistical analysis. The data may be gathered...