Policy Misconfigurations leave the door open for bad actors and hackers
“When Eric Mishayev, our CEO, and I, both 20-year security architects, founded Albarius, it came out of a professional necessity to stop facing the same network security policy misconfigurations over and over again,” says Albarius’s CTO & Co-founder, Denis Malinovtsev.
Even today, when our platform surveys most of our new customers’ security policies, we still encounter many misconfigurations that repeat themselves, leaving entire organizations susceptible to bad actors.
6 common misconfigurations in network security policies:
Denis outlines the most common misconfigurations he keeps encountering in the setup and management of network security policies:
1. Redundant and inefficient rules – setting up rules that cover the same IP ranges and/or ports, overloading the rule base, leading to wasted system resources and difficulties in ongoing management and optimization.
2. Lacking documentation of rules and change management – missing or outdated information on the logic behind rules and on the changes they went through prevents professionals from fully understanding their policies’ scope and designing the strongest security possible.
3. Obsolete and outdated rules – a lack of continuous monitoring, optimization and rule updates in line with the org’s challenges and needs leads to outdated and inefficient policies, resulting in more potential breaches and threat infiltration.
4. Overly permissive configuration – broad, generic rules (often with fields containing “any”) and/or segments might help traffic flow and day-to-day operations, but they allow unauthorized access to sensitive resources and leave the organization extremely vulnerable and insecure.
5. Unsecured rules setup – more often than not, rules are set up using alarmingly insecure ports such as HTTP, Telnet and FTP, making these rules (and the entire policy, for that matter) susceptible to essentially any and all threats.
6. Inconsistent rule management – when working across multiple environments with multiple vendors, a lack of consistency generates enormous conflicts between environments and/or firewalls, consuming much time and effort to align and leaving systems unprotected against outside threats.
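To make items 1, 4 and 5 concrete, here is a small rule-base audit written for this article as an added example; it is not Albarius code. The rule format, the sample rules and the function names are assumptions, and beyond redundancy the check also flags a rule covered by an earlier rule with the opposite action (shadowing).

```python
from ipaddress import ip_network

# Constructed sample rule base, evaluated top-down (first match wins).
# Columns: id, source, destination, destination port, action.
RULES = [
    (1, "10.0.0.0/8",  "10.1.2.0/24",  "443", "allow"),
    (2, "10.0.5.0/24", "10.1.2.10/32", "443", "allow"),
    (3, "any",         "any",          "any", "allow"),
    (4, "10.0.0.0/8",  "10.9.9.9/32",  "23",  "allow"),
    (5, "10.0.5.0/24", "10.1.2.10/32", "443", "deny"),
]
# Default ports of the protocols named in item 5.
INSECURE_PORTS = {"21": "FTP", "23": "Telnet", "80": "HTTP"}

def net(field):
    """Parse an address field, treating "any" as the whole IPv4 space."""
    return ip_network("0.0.0.0/0" if field == "any" else field)

def covers(outer, inner):
    """True when every packet matching `inner` also matches `outer`."""
    return (net(inner[1]).subnet_of(net(outer[1]))
            and net(inner[2]).subnet_of(net(outer[2]))
            and outer[3] in ("any", inner[3]))

def audit(rules):
    """Return (rule id, finding, detail) tuples for items 1, 4 and 5."""
    findings = []
    for i, rule in enumerate(rules):
        rid, src, dst, port, action = rule
        if action == "allow" and "any" in (src, dst, port):
            findings.append((rid, "overly-permissive", "field set to any"))
        if action == "allow" and port in INSECURE_PORTS:
            findings.append((rid, "insecure-port", INSECURE_PORTS[port]))
        for earlier in rules[:i]:
            if covers(earlier, rule):
                # Same action: the rule adds nothing. Different action: the
                # rule never fires, so its intent is silently overridden.
                kind = "redundant" if earlier[4] == action else "shadowed"
                findings.append((rid, kind, f"covered by rule {earlier[0]}"))
                break
    return findings

if __name__ == "__main__":
    for finding in audit(RULES):
        print(*finding, sep="\t")
```

Note that rule 4 is reported twice: once for Telnet, and once because the any/any/any allow in rule 3 already covers it, which is how a single permissive rule hides everything placed after it.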
Automated network security policy management eliminates misconfigurations and keeps bad actors at bay
Denis suggests that, with network policies today reaching tens of thousands of rules, managing them manually is clearly extremely risky and time-consuming.
“Automations in network security policies are a must these days to prevent misconfigurations and keep your policies both secure and efficient, not disrupting your production environments whatsoever.”
Denis insists that having an automated platform review your policies and recommend the relevant optimization 24/7 to eliminate breaches and gaps is not a luxury but a necessity for the modern security engineer.
In Conclusion
Security policy misconfigurations are very common and often repeat themselves from one org to another. Albarius’s CTO, Denis Malinovtsev, highlighted the most well-known misconfigurations and the dangers behind them. The solution to these misconfigurations and their potential damage is an automated platform that analyzes the org’s policies 24/7 and identifies and remedies all security gaps.