Firewall misconfigurations happen every day. Jeff Styles, Vice President of Global Field Engineering at FireMon, points out, however, when IT infrastructure changes and speed of business increases, there’s a greater chance mistakes will happen. “Change is a killer in IT,” Styles comments. “Lack of training, lack of sleep, rate of change and policy complexity all make firewall misconfigurations more likely.”
So, when government leaders issued stay-at-home orders in 2020 due to the coronavirus pandemic, many businesses quickly transitioned to remote workforces — and the chances of misconfigurations occurring grew.
“In a matter of days, MSPs had to beef-up teleworking and VPN capacity from 10 to over 50 percent of a company, depending on the vertical and the business,” Styles says. “Companies had to expand their entire infrastructure to handle remote work, some accelerated movement to the cloud, and MSPs had to deal with a whole laundry list of policy, profile and permission changes. It was pretty explosive,” Styles comments.
The circumstances certainly created a likelihood of errors, but a firewall misconfiguration during the transition to remote work couldn’t have occurred at a worse time. Many employees weren’t accustomed to remote work — or adept in security best practices, especially considering they were working from vulnerable home networks. And hackers ramped up activity to take advantage of the situation.
Crucial Policy-Level Configurations
Styles says policy-level firewall configurations are typically a business’ first line of defense. Firewall policies allow you, on behalf of your clients, to enable access to applications that employees are permitted to use, prohibit others and block malicious traffic. Common firewall misconfigurations often result in overly permissive access.
Styles says policy-level misconfigurations can occur in a variety of ways, for example, fat-fingering an object, designating an incorrect zone when you’re onboarding a new customer, or mistakenly creating a rule that bypasses the egress filter.
Unfortunately, firewall misconfigurations can lead to three serious outcomes for your clients:
- Compliance violations: A properly configured firewall is necessary for businesses to comply with PCI standards or regulations in industries such as finance or healthcare. Noncompliance leads to fines.
- Breach avenues: A firewall misconfiguration that results in unintended access can open the door to breaches, data loss and stolen or ransomed IP.
- Unplanned outages: A misconfiguration could prevent a customer from engaging with a business, and that downtime leads to lost revenues. For example, large e-commerce businesses could lose thousands or even millions of dollars until the error is corrected.
Firewall Misconfigurations Have an Impact on Your Business, Too
Firewall misconfigurations can also have a significant impact on your business. “Businesses are trusting you to secure their data at the speed at which they’re trying to move,” he says. You don’t want to lose that trust.
“Automation is the key to handling speed and volume with the least amount of errors,” Styles says. Automation also helps you reduce human error, improve service levels and prevent friction.
“It’s also something you can monetize. You can promote the fact that you can reduce misconfigurations by a certain percent. Automation can definitely benefit MSPs who want to capitalize on it,” says Styles.
Your Clients Need More Than a Band-Aid Solution
At the close of 2019, no one could have anticipated that, just a few months later, the economy would shut down due to a pandemic or that so many people would suddenly need to work from home. But you shouldn’t consider the solutions you’re providing to make that possible as a temporary fix. You may be laying the foundation for their new model.
Weeks of remote work proved that it is possible to connect through video conferencing, access common applications and files. Moreover, remote work can be more comfortable for employees — and less expensive for businesses. In April 2020, Gartner revealed results of a CFO survey that found 74 percent intend to make at least 5 percent of positions permanently remote, and about one-fourth plan to transition 20 percent of their workforces to remote positions.
“They were so averse to it, but [the pandemic] forced everyone to embrace [remote work] and now they see the financial savings of it,” Styles says.
It may be time to double-check for firewall misconfigurations, and ensure the speed of change didn’t cause you to overlook what your clients need for secure, long-term remote operations. Maintain your clients’ trust that you’ve worked so hard to build.