- Most companies fail in high severity compliance checks, reports
- Many fail at critical levels, endangering them
- Early firewalls could lead to arrest times and cyber attacks
Firewalls are a must of business cybersecurity and, alongside multi-factory authentication (MFA) and solutions for the protection of termination points-essential in each technological safety battery.
However, how many companies manage a poorly configured erroneous firewall which is embarrassing instead of helping?
A new Firemon report revealed that 60% of corporate firewalls fail high severity compliance checks “immediately after evaluation”, with another third (34%) “stranded in the short term at critical levels”.
How to stay safe?
For researchers, this is a sign of deeper governance problems that could cause audit failures, operational downtime or increased exposure to threats.
The problems are not contained in a single environment – on site, cloud and hybrid, all suffer from the same misfortunes – configuration errors, obsolete rules and swollen policies, resulting in a reduction in performance, risk of conformity, and more.
Firemon noted that 95% of the objects of application and 82% of service objects have zero use, which means that they are not unnecessary general costs and widen only the attack surface.
A third (30%) of firewall rules is also completely unused, 62.6% lacking owner or documentation, leading to audit gaps and operational dead angles.
Finally, more than 10% of the rules are redundant or in the shade, reducing performance and hiding dangerous configuration errors.
“The complexity of the firewall is not only a configuration problem, it is a threat to resilience and confidence,” said Jody Brazil, CEO and Founder of Firemon. “The security teams are buried under policies they cannot explain, map the commercial objectives or manage on a large scale.
