Avishai Wool, CTO and founder of AlgoSec, sheds light on the complexity of network management and explains how companies can safely cope with the difficult transition with the help of automation. […]
It is not surprising that the number of mergers and acquisitions completed decreased significantly at the beginning of the corona crisis, as many companies were busy with other projects, some of which served to preserve their existence – especially the switch to remote work. As the situation has calmed down somewhat, many experts predict an increase in business activities and believe that the number of mergers and acquisitions will increase. In fact, they already experienced a sudden upswing at the end of 2020 and ended the year with a decline of only 3 percent compared to 2019.
But taking over companies requires more than writing a check. There are hundreds of big and small issues to consider, from infrastructure to staffing, that determine the success or failure of a merger. Not to be forgotten here is the merging of the IT networks, which can be built and equipped in completely different ways. So what do companies need to do to ensure a safe and successful transition?
When two worlds collide
Many entrepreneurs associate mergers or acquisitions with strong feelings: often the joy of the new opportunities and expansion is mixed with the fear of big business and structural changes that require a lot of management.
For this reason, these processes should be considered as the collision of two planets that have their own complicated ecosystems. Two companies that operate complex IT infrastructures with hundreds or thousands of applications collide. In most cases, these perform replicated functions, which means that some applications must be used in parallel, while others should be decommissioned and removed to avoid duplication. It’s not easy to put something like that together.
Thousands of firewall policies must be deleted, supplemented, changed and updated in this context to take into account new connections, applications, servers, users, security solutions, containers and clouds – but these must not break security gaps or lead to failures. From the point of view of the IT departments, a merger or acquisition is a highly complicated process, which, if not properly planned and implemented, can have a bad long-term impact on operations and business.
Transferring and merging infrastructures
Before a company can even begin to integrate, it is necessary to create a comprehensive inventory of all the applications that both companies use. An auto-discovery tool can help here, which independently collects information and connections of each application located on the network and adds them to a list. This allows the main company to create a digital map of the data streams of the network in order to have connectivity clearly in mind – cornerstones of the merger.
Next, IT security comes into play. A vulnerability analysis should be carried out in both company networks to identify all business-critical applications that are or could be at risk. This assessment gives the main company the opportunity to evaluate all applications and devices in terms of risk and necessity and assign a priority. In this way, the employees of the SecOps department can concentrate their efforts on individual areas that store important customer data, for example.
In this way, it is possible to create an organized view of the corporate environments. As a result, all critical business applications can be identified and assigned, vulnerabilities are identified, the risk and necessity of certain applications are evaluated and measures can be prioritised.
The importance of automation
The steps described above give the entrepreneurs involved in a takeover or merger an accurate picture of the IT topology, but this is only half the battle. In addition, the security policies must be updated to exclude obstacles in the network.
The help of automation is crucial, because a frighteningly large number of incidents are due to misconfigurations of firewalls. This often results from an attempt to manually change policies in a large, complex network environment. This danger is even greater in mergers and acquisitions, as the two merged companies are likely to use different firewall configurations, and often traditional firewalls are mixed with next-generation firewalls or firewalls from different manufacturers. It is impossible to untangle this ball manually without errors. A console to automate network management is therefore essential to make changes to firewall policies quickly and securely and to minimize the risk of misconfigurations. Since such a console also works centrally and uses the above-mentioned overview map as a basis, changes can also be enforced throughout the system, across all types of IT environments. In this way, errors are automatically determined by it, obstacles are detected and changes are suggested. In addition, a console for the automatic management of the network ensures compliance with the compliance regulations and takes care of the documentation for auditing, which should be complete. Changes are fully logged for this purpose. These capabilities are also the key to a much easier introduction of micro-segmentation of the network than would be possible by hand. This is separated into different, isolated zones, at the boundaries of which the firewalls take a sharp look at the data traffic – which locks attackers or malware into such a zone and therefore works very well, especially against ransomware, because it cannot move freely through the network.
Achieving zero-touch automation here is a difficult process, but after some time, those responsible can let their automation solution work independently and benefit greatly from it, because time is freed up for large projects.
Automation of network management
As we see, a merger or acquisition entails a number of IT challenges. Nevertheless, these can be mastered, especially with the help of a well-thought-out automation of network management. The decisive factor in such processes is always that the business applications continue to be operated safely during the transition. If all applications and connections are known beforehand, this goal can be achieved much more easily than without such an overview. At the same time, the increasing automation of policy management, compliance and auditing ensures that the often thinlyseeded professionals can take care of large matters while avoiding misconfigurations. So the monster called complexity loses its horror. In the end, this type of automation even clears the way for simple micro-segmentation of the network.
*Prof. Avishai Wool is CTO and Founder of AlgoSec.