According to the recent survey that examined the “Impact of Security Management on the Business,” many organizations plan to migrate business applications to the cloud – this despite oftentimes experiencing application connectivity disruptions in the process. The financial and operational benefits for moving to the cloud are well documented, but the risk of unplanned outages is not to be taken lightly. One in five organizations expects to base more than 40 percent of their business applications in the cloud even though two-thirds have suffered unexpected outages or disruptions during data center application migrations to public, private or hybrid clouds.
Applications that are comprised of numerous servers, networking and storage components and security infrastructure are baked with so much complexity that when a new application is created or a connectivity update is made, it is often fraught with risk. Organizations are challenged with the lack of visibility of their application connectivity requirements and the underlying security policies. Before you migrate critical business applications to the cloud, here are four things to consider.
Organizations need to understand the financial impact of an unplanned outage to a critical application. If an application is down or not performing at an optimal level, what does that mean to the bottom line? At a technical level, organizations must understand that most business application connectivity needs drive firewall changes. Additionally, organizations need to make sure that they can link all firewall change requests to the appropriate application as well as understand the impact to these applications and to the network.
Often when applications or servers are decommissioned in the data center, it requires IT professionals to manually identify the firewall rules that need to be changed. If the firewall rules are left in place then many unnecessary access rules are left to create security risk. More often than not, organizations will leave those access rules in place because if removed, they are fearful that an outage may occur. While breaking the connectivity for a critical application would obviously be bad, organizations should prioritize removing the unneeded access because this creates unnecessary access that can be exploited by attackers. By leveraging firewall rules, organizations can identify network components and applications that can be removed to eliminate unneeded access successfully – without impacting the business.
IT organizations want to know what their risks are from the business perspective; however, traditional network vulnerability management systems do not offer that view. Nearly half of survey respondents want to view risk by the business application as opposed to 30 percent who want to see their exposure by network segment and 22 percent by server or device. This is important because it enables security teams to more effectively communicate with business owners and prepare and encourage them to “own the risk” with this type of visibility. And with a view of risk by application, the organization can make better risk decisions with the business in mind.
In enterprise networks and data centers today, there has been an increase in the number of business applications that have complex, multi-tier architectures, multiple components, and intricate, underlying communication patterns that drive network security policies. While individual rules support multiple applications, an individual “communication” may need to travel across numerous policy enforcement points. Hundreds or even thousands of rules can be involved and can include many potential interdependencies that are configured across tens to hundreds of devices, which support just as many business-critical applications. When there are multiple firewalls with complex rule sets, mistakes often result; therefore, organizations must simplify security management processes through automation and an application-centric approach.
These are just four security management considerations that organizations should take into account to help ensure the effective migration of critical business applications to the cloud. Remember that there are many reasons why an organization would make this move to the cloud; however, please remember the implications of poor security management and how improvements here not only help to ensure tighter security, but also a more agile data center.
Looking for more information on accounting software? Check out our side-by-side comparison of leading platforms in the Top 10 Cloud Management report. You can also browse exclusive Business-Software.com resources on cloud hosting and cloud management by visiting the cloud hosting research center.
This article was syndicated with permission from security policy management company, AlgoSec. AlgoSec enables organizations to manage security at the speed of business. The AlgoSec Suite of products automates management of complex policies across firewalls, routers, switches, secure web gateways and more. Bridging traditional gaps between security, network and application teams, the AlgoSec Suite improves business agility, increases security and ensures continuous compliance. More than 1,000 of the world’s leading organizations, including 15 of the Fortune 50, rely on AlgoSec for faster security provisioning of business applications, simplified security operations and improved protection against cyber-attacks. AlgoSec is committed to the success of every single customer, and offers the industry’s only money-back guarantee.