Don't Let These 12 Worst Network Security Practices Become a Baker's Dozen - Part 1

Managing network security for enterprises today is a challenge. With over a billion records breached in 2014[1] and approximately 25% of these breaches categorized as “accidental losses,” security professionals may need to reconsider some of their strategies and take a closer look at their network security practices.

The recent report from Gartner Research, “Avoid These 'Dirty Dozen' Network Security Worst Practices,” sheds some light on this subject, highlighting commonly observed network security practices that “reduce network availability, increase expenditure or risk, and alienate end users.”[2] Here are the 12 worst practices that have emerged from over 3,000 of Gartner's client interactions this past year:

  • Shiny new object syndrome
  • Culture of no
  • Insufficient focus on users and business requirements
  • Defense with inadequate depth
  • Organizational misalignment
  • Suboptimal branch architecture
  • Security blind spots
  • Uncoordinated policy management
  • Noncompetitive vendor selections
  • Hazardous network segmentation
  • Inadequate end-user education
  • Inadequate security event management

In this blog series, we will examine these worst practices and discuss how security professionals can address them using the Tufin Orchestration Suite.


[1] Breach Level Index. “Breach Level Index Annual Report 2014.” https://breachlevelindex.com/pdf/Breach-Level-Index-Annual-Report-2014.pdf.

[2] Andrew Lerner and Jeremy D'Hoinne. “Avoid These 'Dirty Dozen' Network Security Worst Practices.” Gartner Research, January 8, 2015. https://www.gartner.com/doc/2958617/avoid-dirty-dozen-network-security.