One in ten IT professionals cheat on firewall audit
IT professionals may not be following the Government’s lead towards transparency, according to a new survey.
A survey released today has revealed infrequent firewall audits have led to questionable actions in the private IT sector and could lead to security risks.
The research, by Tufin Technologies, showed one in 10 IT professionals admitted they or a colleague had cheated on an IT audit to make it pass muster.
A lack of time and resources were the main reasons given by those who admitted to cheating, the survey said.
Michael Hamelin, chief security architect at Tufin Technologies, said companies that conduct audits irregularly are a cause for concern because out of sync firewall rules leave networks open to exploitation.
"Without the right automation tools, managing firewalls is complicated and time consuming making it very tempting for IT professionals to cheat to get their audit passed. But in the long run it will only cause more problems," Hamelin said.
Of the 242 respondents, 25 per cent said firewall audits took a week to conduct, and 30 per cent said they audited only once every five years.
More than a third of respondents said their firewall rule bases were a mess and were susceptible to hackers, network crashes and compliance violations.
The research comes at a time where the new coalition Government is making efforts to be more open with its data, releasing the numbers on public sector spending and IT contracts.
However, the survey claimed private IT companies only invested into and pay attention to the firewalls selection process, instead of following them up and making sure they were fully optimised.
How to scale your organisation in the cloud
How to overcome common scaling challenges and choose the right scalable cloud serviceDownload now
The people factor: A critical ingredient for intelligent communications
How to improve communication within your businessDownload now
Future of video conferencing
Optimising video conferencing features to achieve business goalsDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now