Ensuring compliance through network automation [Q&A]
Cyber threats are on the rise across every industry and business size, highlighting the importance of maintaining network compliance for organizations and especially for IT and security teams.
But that's easier said than done, with many industry-specific compliance regulations like the Health Insurance Portability and Accountability Act (HIPAA) or the Payment Card Industry Data Security Standard (PCI) each with their own set of standards and processes.
Craig McDonald, VP of product management at BackBox, believes there is a better approach for organizations when working to maintain network compliance. We recently talked to him to learn more.
BN: Why is security compliance so important for organizations across any vertical?
CM: As threats increase and attack surfaces expand, governments and industrial bodies are implementing laws and regulations to protect organizations, their partners and customers. Today, it is critical to enforce security, compliance and performance standards across an organization's IT infrastructure. This is critical, not just to avoid potential fines if found to be out of compliance during an audit, but also to avoid performance issues and mitigate cyber security threats that can cause catastrophic network failures.
BN: Why is it so difficult to ensure security compliance for today's organizations?
CM: When dealing with regulatory compliance mandates like HIPAA or PCI, it can become difficult to manually collect the information needed to confirm compliance when working with a network made up of thousands of devices.
For instance, finance organizations attempting to remain in compliance with PCI must show that all devices in the network have strong passwords. And when working with hundreds or even thousands of devices, this can become very time-consuming. Similarly, organizations face this when leveraging the CIS Cisco IOS Benchmark, a set of globally recognized and consensus-driven best practices to help security practitioners implement and manage their cybersecurity defenses. This checklist has over 100 areas that are recommended for organizations such as remediation recommendations, which would be very time intensive to implement across an organization.
BN: What has made networks specifically difficult to secure and in turn ensure compliance?
CM: Compliance has been increasingly challenging for network managers as network complexity increases and talent shortages continue. The COVID-19 pandemic has brought an increase in remote work environments as well as distributed work environments across cloud and hybrid environments. These challenges are compounded by the struggle to find and retain top talent, making it difficult for network operations teams to handle endless manual tasks with less labor and keep up with network best practices.
Organizations require a detailed view of the status and configurations of their network devices to demonstrate regulatory compliance. This ongoing challenge highlights the need for tools that can identify any configurations that are out of compliance and remediate them automatically to alleviate stress on network teams while providing detailed reporting to prove what actions were taken to fix the problem and document the resulting status.
BN: Why is network automation the key in preventing organizations from falling out of compliance?
CM: Network automation is becoming a core solution across many industry sectors as a key driver of digital transformation and scaling of the enterprise. From connectivity and monitoring, to load balancing, data center provisioning and beyond, a growing number of network functions are being automated every day to create more powerful and efficient enterprise operations.
Network automation tools can audit device configurations in real-time to ensure that they adhere to compliance standards, industry best practices as they relate to security policy endorsement, and firewall rule maintenance. One way to leverage this technology is to orchestrate a compliance check where the automation platform searches your configurations for misconfigurations that would drive an organization out of compliance, recommends remediations and gives the option to automatically make those changes in real-time or at a determined schedule.
By automating scans of the entire network to ensure the correct device configurations and parameters are in place, network automation can prevent companies from falling out of compliance and facing resulting fines incurred through a failed audit, or even worse, a security breach.
BN: Why is remediation a critical part of automating compliance?
CM: Organizations should leverage tools that not only identify issues within a network, but one that also automatically makes the required changes for remediation. Instead of only providing a simple pass/fail report on network device configurations, organizations should look for solutions that offer customizable, detailed reporting and automated remediation capabilities that allow network engineers to better understand where and how vulnerabilities are introduced in their environment. Organizations can then create their own templates and automatically enforce network compliance with their own best practices, as well as respond quickly to Common Vulnerabilities and Exposures (CVE) announcements to ensure the network is protected against the latest threats.