A firewall is industry-standard protection for Small Business. Often the first line of defense against outside threats, a firewall forms a barrier between the full scope of the Internet and your customer’s private internal network.
Firewalls, however, are a specific product built to perform a specific task, and they don’t provide complete cybersecurity. So how can you expand your cybersecurity program beyond a firewall to provide comprehensive protection?
A firewall protects against unauthorized access by scanning traffic and controlling what information can pass through the network. Since firewalls work by filtering traffic based on source and type, they won’t catch threats that come from a “legitimate" origin, such as:
Social engineering, including phishing attacks
Malicious websites disguised by an SSL certificate
Human error and the insider threat
Phishing emails, for example, often make it through a firewall, as email is considered normal traffic. This is especially unsettling given that 90% of data breaches and incidents include a phishing component.
Think of a firewall like the walls of your house: they protect against unwanted intrusion, but if you leave the back door unlocked for a delivery, or the windows open for some fresh air, you’ve introduced a security hazard. Training employees and setting business policies minimizes the risk of a not-so-friendly intrusion.
Some firewalls feature Unified Threat Management (UTM) that offers more advanced protection, but not without cost: UTM systems are often expensive and cumbersome, requiring extensive setup and maintenance by cybersecurity providers and potential downtime for customers. And, yes, they still come with some of the same obstacles as traditional firewalls—sometimes we can’t help but leave the back door open for the kids, the cleaners, or maybe a contractor.
While most firewalls allow regular web browsing, they block other inbound traffic through an intrinsic “deny” policy. But there are many business reasons why you may need to allow access into a network:
Compatibility with older or “legacy” software systems
Hosting internal assets, i.e. a web server or custom application
Communicating with an Internet of Things (IoT) device, i.e. security cameras or systems
Remote access to internal resources, i.e. remote desktop
Opening a port, or poking a hole in the firewall, for any of these items exposes the network to potential risk. IoT devices are a great example of a common, yet potentially risky, accommodation in the firewall. Attackers can use any vulnerability in an IoT device to infiltrate the whole network.
There are several steps you can take to ensure your customer’s firewall is strong:
Only open ports that are 100% business critical
Follow a rigorous update schedule for any devices on the network, including IoT devices
Perform regular firewall audits to ensure that policies and firmware are up-to-date
Require an SSL VPN to access internal resources
And in addition to a firewall, it’s important to consider a holistic set of preventative measures for your customer’s cybersecurity:
Build a foundation of cybersecurity plans, policies, and procedures
Educate and test to develop a culture of cyber-defenders
Consider additional technology to provide advanced protection
Incorporate an ongoing program and routine of evaluation
Don’t fire your firewall – it’s an important component of cybersecurity. Just be sure you’re using it as part of, not in place of, a strong cybersecurity program.
Stay Safe,
Your Friends @ Defendify