Tag Archives: firewalls

News

Tech Insight – Tech Insight: What Are Firewalls?

In this article, we take a brief look at what a firewall is, what types there are, and the benefits and drawbacks of firewalls.

Firewall

A firewall is a network security system that can monitor and control incoming and outgoing network traffic based on predetermined security rules.  Based on these rules, it decides whether to allow or block specific traffic and as such, provides a valuable, controllable security barrier between inside network devices and potential threats from outside (the Internet).

Hardware firewalls protect the machines on a network and software firewalls protect the individual machines that they are installed upon.

How Do Firewalls Work and What Types Are There?

Firewalls use their set of configurable rules to decide which traffic is allowed through and which traffic must be blocked. The firewall is generally able to do this by scanning packets of data (e.g. for known malicious code or attack vectors which are regarded as threats according to the rules). The main ways in which firewalls work include:

– Packet filtering.  This involves using certain identified threats as filters for incoming data. The small ‘packets’ (from packet switching) that make up data being sent digitally across the Internet are scanned and are either allowed to enter the network or are blocked depending on whether they are within or outside of the configured firewall rules.

– Proxy service/proxy server firewalls. These firewalls are intermediary (application level) servers that separate end-user clients from the destinations that they browse. They create a mirror version of the computer behind the firewall but prevent direct connections between the customer device and incoming data packets. As well as being used as firewalls, proxy servers also work as web filters, provide shared network connections, and cache data to speed up common requests. Proxy service firewalls are very secure.

– Stateful inspection/dynamic packet filtering. Often found on non-commercial and business networks, a stateful firewall (using stateful inspection) works by individually tracking sessions of network connections traversing it (i.e. it monitors the full ‘state ‘of active network connections). This method of firewall filtering therefore relies upon looking at the whole context of the traffic and data packets trying to access the network, rather than just looking at discrete traffic and data packets in isolation.

Benefits and Disadvantages

The benefits of having firewalls in place include:

– Protecting business continuity and protecting the business from threats that could cause damage, disruption, and lead to fines (data protection), loss of customers, reputational damage and more.  For example, firewalls monitor traffic, filter out malware and trojans and, prevent hacking attempts, and maintain privacy as well as security.

Although firewalls are generally for the good of the business, some of the disadvantages include some firewall rules being so strict that they can restrict the legitimate work of employees, thereby affecting productivity, firewall maintenance for large organisations can be complex (unless handled by the MSP), some firewall costs can be high, and some malware attacks (e.g. through phishing) can get past firewalls.

What Does This Mean For Your Business?

Firewalls are a long-established (and now a relatively standard) element of cyber-defences that still provide a vital protective function. The fact that they can be applied to different parts of the IT system and infrastructure and can be configured with different rules and different levels as required and left to operate on their own gives them flexibility but at the same time, they provide businesses with a level of confidence that networks are being monitored automatically. Firewalls, however, are just one (important) tool in the overall defence of business networks and devices.  Today’s cybercriminals are finding ever-more inventive ways to breach defences and exploit human errors and social engineering opportunities, so businesses need to employ a large number of different security (and privacy) tools and strategies to ensure that they are protected day-to-day.

News

Top tips for working from home security

The coronavirus pandemic has changed the working landscape for everyone. Many people are working from home having set up makeshift offices in their dining room.

Working from home

But working from home has its risks. In a Government daily briefing, Foreign Secretary Dominic Raab, highlighted the rise in cyber hackers looking to exploit vulnerabilities in an attempt to steal valuable information.

“Whilst the vast majority of people have come together to defeat coronavirus, there will always be some who seek to exploit a crisis for their own criminal and hostile ends,” he said. “We know that cyber criminals, and other malicious groups are targeting individuals, businesses and other organisations by deploying Covid-19 related scams and phishing emails.

“We are working with the targets of those attacks, with the potential targets and with others to make sure that they are aware of the cyber threat, and that they can take the steps necessary to protect themselves or, at the very least, mitigate the harm that could be brought against them.”

Here are SMY IT Service’s top tips for minimising the threat of a cyber-attack.

1. Secure your Wi-Fi network

When you set up your home Wi-Fi network or receive your free router, did you change the default name and password for the admin console? If it still has the original details, your network is highly vulnerable.
We also recommend you change the network’s name (sometimes referred to as SSID) and password to something unique which will prevent a cybercriminal from accessing your network.
When carrying out sensitive tasks such as online banking, it is safer to connect via your mobile data than using public and free Wi-Fi connections.

2. Provide employees with cybersecurity awareness training

More than 90% of all data breaches are caused by human error due to inadequate training in cybersecurity risks. One wrong click from an employee in a phishing email or fake website can bring down the most robust of IT systems. Therefore, employees should be the greatest security asset and act as a ‘human firewall’ in being the first line of defence in preventing an attack. Those using the system need to understand the risks, what a cyberattack looks like and what they should do in the event of an attack.
Be as wary, if not more so of any email you receive remotely, especially those claiming to be from a manager or the boss where it can be harder to verify its authenticity.

3. Firewalls and antivirus software

Firewalls act as a defence to prevent threats accessing your system. They create a barrier between your device and the internet by closing off ports of communication. A strong antivirus programme acts as the next line of defence by detecting and blocking known malware. Even if malware does find a way onto your device, an antivirus can detect this and usually remove it.

4. Regularly install updates

You might find that regular software updates are a nuisance, but they are vital. Updates often include patches for security vulnerabilities that have been found since the previous software update was installed. The majority of the time, updates can be set to run automatically while you are on a lunch break or overnight.
We suggest checking the status under Settings\Update & Security for Windows or under System Preferences\Software Updates for Apple Mac and install any that are missing.

5. Backup data

Your data is one of your business’ most prized assets, so it is imperative that it is backed up. Data can be lost in several ways including human error, physical damage to hardware or a cyberattack. One of the most convenient and cost-effective ways to store your data is in the cloud. This has the added benefit of allowing you to access your data remotely and on different devices.
Many users often save their files to their desktop of local PC for convenience, however this means that the file is no longer backed up by the server.

6. Lock your device

It sounds very simple, and it is. By using a password on your device, it prevents anyone from accessing the contents. If you have to work in a public space, or if you live with people who you cannot share work information with, it is important to lock your laptop, tablet, or other device when it is left unattended. For Windows users, this would be by pressing the Windows key and L.
It is also advisable to avoid working on computers directly facing windows where people walking on the street can see your screen.

7. Strong and secure passwords

When choosing a password, ensure it is long and complex. We always advise clients to use a passphrase rather than password and for it to contain a mix of upper and lowercase letters, numbers and symbols as well as to change them every few months. You can simplify your computer security by using effective password management. Check out our top tips for a secure password in our World Password Day blog.

8. Device and data encryption

Encryption is a cybersecurity measure that protects computers and their content by basically scrambling the data. The data, whether it is a message, image, email or other file, is converted into an unreadable format. This means that the data is readable only to the person authorised with the physical encryption key, and not cybercriminals.

If you need advice on working from home securely, don’t hesitate to get in touch with us.