Going Beyond the Firewall 

A firewall is industry-standard protection for Small Business. Often the first line of defense against outside threats, a firewall forms a barrier between the full scope of the Internet and your customer’s private internal network.

Firewalls, however, are a specific product built to perform a specific task, and they don’t provide complete cybersecurity. So how can you expand your cybersecurity program beyond a firewall to provide comprehensive protection?

Good Fences, Bad Neighbors

A firewall protects against unauthorized access by scanning traffic and controlling what information can pass through the network. Since firewalls work by filtering traffic based on source and type, they won’t catch threats that come from a “legitimate” origin, such as:

• Social engineering, including phishing attacks
• Malicious websites disguised by an SSL certificate
• Human error and the insider threat

Phishing emails, for example, often make it through a firewall, as email is considered normal traffic. This is especially unsettling given that 90% of data breaches and incidents include a phishing component.

Think of a firewall like the walls of your house: they protect against unwanted intrusion, but if you leave the back door unlocked for a delivery, or the windows open for some fresh air, you’ve introduced a security hazard. Training employees and setting business policies minimizes the risk of a not-so-friendly intrusion.

Some firewalls feature Unified Threat Management (UTM) that offers more advanced protection, but not without cost: UTM systems are often expensive and cumbersome, requiring extensive setup and maintenance by cybersecurity providers and potential downtime for customers. And, yes, they still come with some of the same obstacles as traditional firewalls—sometimes we can’t help but leave the back door open for the kids, the cleaners, or maybe a contractor.

Red-Hot Attack Vectors

While most firewalls allow regular web browsing, they block other inbound traffic through an intrinsic “deny” policy. But there are many business reasons why you may need to allow access into a network:

• Compatibility with older or “legacy” software systems
• Hosting internal assets, i.e. a web server or custom application
• Communicating with an Internet of Things (IoT) device, i.e. security cameras or systems
• Remote access to internal resources, i.e. remote desktop

Opening a port, or poking a hole in the firewall, for any of these items exposes the network to potential risk. IoT devices are a great example of a common, yet potentially risky, accommodation in the firewall. Attackers can use any vulnerability in an IoT device to infiltrate the whole network.

How Can You Fireproof Your Cybersecurity?

There are several steps you can take to ensure your customer’s firewall is strong:

• Only open ports that are 100% business critical
• Follow a rigorous update schedule for any devices on the network, including IoT devices
• Perform regular firewall audits to ensure that policies and firmware are up-to-date
• Require an SSL VPN to access internal resources

And in addition to a firewall, it’s important to consider a holistic set of preventative measures for your customer’s cybersecurity:

• Build a foundation of cybersecurity plans, policies, and procedures
• Educate and test to develop a culture of cyber-defenders
• Consider additional technology to provide advanced protection
• Incorporate an ongoing program and routine of evaluation

Don’t fire your firewall – it’s an important component of cybersecurity. Just be sure you’re using it as part of, not in place of, a strong cybersecurity program.

Stay Safe,

Your Friends @ Defendify