Firewalls have always been an essential weapon in the fight against cyber crime. But as businesses are forced into a new state of operation, with all but key personnel working remotely, the need to ensure a robust and reliable firewall has never been greater.
Why you need a firewall
Firewalls are an integral component of any company’s security system. But over recent weeks, as companies have been forced to adopt remote working practices across the board, firewalls have gained importance as the gatekeepers that distinguish business traffic from nefarious requests for access.
A firewall is vital in enabling a company to monitor and protect access to the data in its network. With a robust firewall in place, you are able to prevent unauthorised access to your computers and network, safeguarding against viruses and malware, as well as preventing targeted data breaches and thefts.
As a business, with many of your teams now working from home, you’re going to want your firewall to not only keep unwanted traffic out of your network, but to monitor the connections of the devices in your network and control what they are able to send externally. With the best will in the world, your teams aren’t necessarily going to know whether their devices are adequately protected. And without the correct security tools in place, any technically savvy person with an internet connection is going to be able to dig through every computer in your network, giving them the ability to deposit or remove files, with potentially catastrophic consequences for your business.
Why you should review your firewall
With more and more of your teams working from home, the robustness of your network security could make or break your business in what is already a tricky time for many companies. Like everything else on your network, your firewall is ultimately just another computer running software – it has an operating system with millions of lines of code, and like all the other software on your network, it’s going to require patching to keep it running optimally.
Reviewing your firewall regularly is crucial if it is to provide your network, and all the data within it, with the protection it needs.
Hackers these days are specifically targeting businesses that are less prepared for an attack. Companies have been forced to act quickly in the recent shift to off-premises, home-based working, and cyber criminals are capitalising on this, exploiting vulnerabilities that have arisen through a lack of preparedness. Many IT managers out there will be playing catch-up with their security systems. But even those who have robust systems in place cannot afford to ignore the increased activity among hacking groups. So whether you’ve got an on-premise, hosted virtual or hosted dedicated firewall, now is the time to make sure it’s protecting you in all the right ways.
Ways to improve your firewall
One of the most important things you can do in terms of ensuring the security of your network is to make sure all your network users understand the protocols and the reasons they exist. It’s much more likely your users will abide by the measures in place if they understand why they exist in the first place. So explain it to them, and make it as easy as possible for them to gain the access they need, when they need it.
Here are some other steps you can take:
1. Perform a vulnerability assessment. There are plenty of free, open-source tools you can use to perform a scan of your network that will highlight any vulnerabilities. A good vulnerability assessment will show up issues with your firewall’s configuration, as well as issues with unpatched software, any default passwords in use, hardware and software identification exposures that leave you vulnerable, and any unnecessary admin access to network devices.
2. Audit your network. Wireless connections are vital at the minute – in fact, you’re not going to be able to do business without them. But it’s important to have an overall view of all the wireless access points across your network, and to eliminate any rogue or ‘dead’ ones. Position an access point outside your perimeter firewalls and allow users to VPN through it, if you can.
3. Segregate your network. Any breach of your network will be all the more catastrophic if, once access has been gained, there is unrestricted access within it. It therefore makes sense to look at your network as ‘units’ and to secure each unit individually. Figure out how your network is used and by whom, then compartmentalise it and protect it with virtual perimeters so that if a hacker gains access through a marketing employee’s laptop, they aren’t able to tamper with the HR corner of the network.
4. Shut off unused services. A large corporate network might have four or five servers actively engaged in delivering email services, but perhaps as many as 80 servers listening in on the SMTP port. The more servers you have listed for each service, the more opportunities hackers have to gain access. Audit your network to see what is actually being used for what it says it’s being used for, and shut down any unnecessary services. If you’ve got a server running as a Windows file server but it’s never been used for that, shut down the file-sharing protocols.
5. Build perimeters for partner networks. You’re never going to be able to control the security policies, practices and protocols of your partners, but they pose an internal security problem for you nonetheless. Creating a DMZ or perimeter network for each of your partners will allow you to maintain some element of control over what they are able to access.
6. Protect your firewall admin. One of the most common misconfigurations for a company firewall is allowing access to the firewall’s admin interface via the internet, leaving it vulnerable to intrusion. Ideally, access to the firewall’s admin should only be via its internal interface. Best practice for remote admin access is to use a VPN.
We’ll protect you
M247 offers a range of managed firewall solutions for businesses of all sizes. All our firewalls, whether hosted, virtual, dedicated or on-site, are based on tried-and-tested hardware and come preconfigured and fully managed. Each of our firewalls offers you the security of complete Unified Threat Management, and includes virus scanning, anti-spam, web filtering and intrusion prevention as standard. We can also support with further security measures such as Disaster Recovery (DRaaS) to provide a full circle of protective solutions, get in touch today to discuss your needs, and we’ll tailor a solution to keep you safe and secure.