One in ten IT professionals cheat on firewall audit
IT professionals may not be following the Government’s lead towards transparency, according to a new survey.
A survey released today has revealed infrequent firewall audits have led to questionable actions in the private IT sector and could lead to security risks.
The research, by Tufin Technologies, showed one in 10 IT professionals admitted they or a colleague had cheated on an IT audit to make it pass muster.
A lack of time and resources were the main reasons given by those who admitted to cheating, the survey said.
Michael Hamelin, chief security architect at Tufin Technologies, said companies that conduct audits irregularly are a cause for concern because out of sync firewall rules leave networks open to exploitation.
"Without the right automation tools, managing firewalls is complicated and time consuming making it very tempting for IT professionals to cheat to get their audit passed. But in the long run it will only cause more problems," Hamelin said.
Of the 242 respondents, 25 per cent said firewall audits took a week to conduct, and 30 per cent said they audited only once every five years.
More than a third of respondents said their firewall rule bases were a mess and were susceptible to hackers, network crashes and compliance violations.
The research comes at a time where the new coalition Government is making efforts to be more open with its data, releasing the numbers on public sector spending and IT contracts.
However, the survey claimed private IT companies only invested into and pay attention to the firewalls selection process, instead of following them up and making sure they were fully optimised.
Digitally perfecting the supply chain
How new technologies are being leveraged to transform the manufacturing supply chainDownload now
Three keys to maximise application migration and modernisation success
Harness the benefits that modernised applications can offerDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
The 3 approaches of Breach and Attack Simulation technologies
A guide to the nuances of BAS, helping you stay one step ahead of cyber criminalsDownload now