20pc of IT managers cheat to pass security audits


17 Jun 2009

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

A survey of IT managers and technical staff has revealed that 20pc admit to cheating on a security audit to get it passed

The survey by security lifecycle management company Tufin Technologies was conducted amongst 151 IT security professionals, many of whom were from multinational organisations and government departments, employing 1,000 to 5,000-plus employees.

The annual ‘Reality Bytes’ security survey discovered that 63pc of companies only check and audit their firewalls from anything between three months to a year, with a staggering 9pc never bothering to check their firewalls at all. Some 51pc admitted that their firewall rules are ‘a mess’.

The survey also found that 22pc of firewall audits take anything from a few weeks to a few months, with 70pc saying that their audits take a few days.

However, from a security perspective, with audits not being undertaken frequently, and with many taking time to conduct, it can mean that a lot companies have firewalls that, at best, are running under par and, at worst, contain shadowed or obsolete rules that introduce unnecessary risk to the organisation.

Tufin also found that more companies than ever before are buying IT hardware from eBay, a trend Tufin was aware of anecdotally via its customers. The Tufin survey found that almost a quarter of companies (24pc) would buy from eBay, if it meant they would save money.

In the current climate, cost savings are a huge priority to most companies. However, in the area of IT security and compliance, 52pc of companies have revealed that their organisations have not made them focus on cost cuttings at the cost of security and compliance, which are still priorities that money will be spent on. Some 48pc of survey respondents, however, reported that cost cuts have impacted their compliance efforts.

“Having a clear sense of what’s going on in the trenches is an important indicator of what and where to innovate, and we are more committed than ever to making security operations less painful,” said Ruvi Kitov, CEO, Tufin Technologies.

By John Kennedy

66

DAYS

4

HOURS

26

MINUTES

Buy your tickets now!