Infrastructure operator for the Swiss Stock Exchange to discuss how to maintain business agility without compromising network security alongside Tufin
SIX, the infrastructure provider for Switzerland’s financial market and Tufin Technologies have emphasized the need for companies to significantly improve network change and application delivery, with a view to striking a better balance between maintaining security and enhancing business agility. Both companies were speaking out ahead of a joint presentation on the need for fast service delivery without comprising network security and compliance at InfoSec 2014.
Fritz Steinmann, Director and Head Network and Security Engineer at SIX said: ‘It’s crucial that business owners understand that network changes are taking far too long and this compromises the business security and decreases agility. The change process must be sped up, but the only effective way to manage hundreds or thousands of network changes on a continuous basis is through network automation. Far too many organizations are failing to continuously and proactively assess network rules and policies before a change is made and as a result are opening up their businesses to serious security risk.’
SIX currently support hundreds of business-critical applications for over 150 banks and were able to implement network changes up to 5 times faster with Tufin. Steinmann added: ‘For financial services businesses which operate in the world’s most heavily regulated sector this situation is clearly not sustainable. The growth of network-enabled applications, not to mention compliance needs, only add to the pressure on IT resources to dramatically address the risk of service outages and security problems. Clearly, to manage IT and network security with the level of rigor necessary, a new approach is needed – and most financial organizations do recognize this.’
Ruvi Kitov, CEO, Tufin said: ‘Increasing network complexity and the growing threats from both inside and outside the company means traditional, manual approaches to IT security are no longer effective. The forward thinking firms, such as SIX, are already automating their security controls using security policy orchestration to segment their network as well as centrally manage global security policies. This allows them to lower risk, improve efficiency, meet compliance and ultimately enhance their business agility.’
Rapid Service Delivery Presentation:
Steinmann will be partnering with Mark Wellins, vice president of solutions at Tufin Technologies, the market-leading provider of IT security policy orchestration solutions for a presentation at Infosecurity Europe 2014.
The session will look at how the increase in application-related change requests for network access and increasing network complexity is placing pressure on network and security managers generally. It will also outline how SIX was able to deploy and decommission applications more rapidly whilst maintaining security of their ever-changing IT network to:
- Implement network changes faster through automation
- Add security and compliance into the change process, effectively assessing risks in real time
- Gain more control and visibility over network security changes for audit and remediation purposes
- Alert on unnecessary access requests which could expose the network to risk
- Solve the challenges of slow manual application deployment and improve business agility by greatly reducing the percentage of re-implementing changes due to mistakes
You can find a full description of the session here
Tufin Orchestration Suite at InfoSec:
At Infosecurity Europe Tufin will be also demonstrating version R14-1 of the Tufin Orchestration Suite™ which enables businesses to manage network configuration changes securely, accurately and efficiently. Version R14-1 extends Tufin’s analytic and orchestration capabilities deeper and wider across the network. In addition to ingraining more security automation into network change processes, R14-1 also enhances network topology simulation to enable accurate change automation and also delivers capabilities for reducing connectivity-related downtime and collaboration with other IT stakeholders.
A key update is Unified Security Policy. An innovative approach to centrally managing security policies, it allows Tufin customers to map out and manage their desired network security architecture. In-depth information about zone-to-zone traffic and policy restrictions improves change management. Centralized alerting on all policy violations by level of criticality with instant drill-down analysis for rapid remediation provides more in-depth and actionable network monitoring.
Reuven Harrison, CTO, Tufin Technologies predicts that this software update will open the door to significant security improvements in business networks. He commented: ‘A well segmented network remains the most effective way of isolating sensitive assets like credit card data from other less sensitive assets to minimize the lateral movement of cyber attackers within the network. But it is the poor management of this network segmentation and failure to continually enforce security policies that prevents many businesses from maintaining the desired network segmentation and optimum network security.’
He continued: ‘Our recent R14-1 software update offers exactly this required balance of network segmentation, combined with controlled automation. Allowing the business to keep network security changes in line with the corporate security policy, yet also have them be implemented fast enough to not hold the business back.’
Visit Tufin at InfoSec 2014 at stand H45 during 29 April to 1 May or join Tufin in the Information Security Exchange Theatre on 1 May 13:00 - 14:00.