Cyber attacks often target SMBs because they process a lot of customer data from personally identifiable information (PII) to payment cards that can be used for identity theft, fraud and other nefarious purposes. This puts a lot of pressure on SMBs to maintain a strong security posture, and a big part of that is to properly configure your firewalls.
While the word “firewall” is a commonly used term, not everyone really understands what it does in the context of cybersecurity. In layman’s terms a firewalls block networks and devices from unwanted traffic while also preventing users and devices from accessing dangerous or malicious content. As such, firewalls act as both inbound and outbound sentries that protect your network from malware infections, intrusions and data theft.
But just throwing up a firewall and connecting it to your network isn’t enough. Firewalls aren’t plug-n-play set it and forget it devices. They must be maintained and updated to prevent new threats. Here are eight important considerations in firewall configuration and maintenance:
1. Traffic Cop
Think of the firewall essentially as a traffic cop that decides what data enters and exits your network. You get to decide how narrow or broad the cop’s authority is. Firewalls can be configured to keep malware from getting in and to prevent connections to malicious networks or infected websites from within your network from getting out.
Firewalls come as either standalone or components of larger layered security solution. Depending on your specific security needs, the firewall can focus just on the content filtering piece or be configured to also perform functions such as intrustion detection (IDS), intrusion prevention (IPS), VPN tunneling, to antivirus software. Which approach makes sense depends on other security controls you implement.
3. Network Segentation
Network segmentation is a critical firewall function. Some computers don’t need to communicate with each other, and the firewall makes sure it doesn’t happen. For example, employee workstations and many back-office applications shouldn’t be connected to the Point-of-Sale (POS) payment systems. Linking them creates security vulnerabilities that hackers can exploit, which is just one example of why segmentation is necessary.
4. Network Updates
Any change that are made to your network may affect firewall settings. For expamle, if you decide your business needs a faster internet connection by replacing DSL with fiber, or you decide at add additonal workstations, new applications, or WiFi to your network, the firewall needs to be reconfigured to reflect the change. Neglecting to update a firewall configuration is bound to create vulnerabilities that lead to network breaches and data theft.
5. Using the Right Firewall
What kind of firewall should you use comes down to your business needs. Even SMBs may need an enterprise-grade firewall with advanced features. Buying a security appliance off the shelf at the local store is not usually the best approach nor is it recommended; it’s best to consult with an IT cybersecurity reseller to determine which solution best meets your needs.
When configuring firewalls, it’s best practice to document everything, including the password and a list of contacts and account numbers that may be necessary when calling the phone company or service provider with issues. Having detailed documentation can be especially helpful if a technician visits your site for troubleshooting.
7. Ongoing Process
Remember that firewalls are not “set it and forget it” solutions. They must be updated and maintained regularly to fend off new threats and to protect new devices and applications that are added to the network. They also must be constantly monitored and tweaked by trained IT professionals to keep things running smoothly. Simply installing the latest and greatest firewall will do nothing to protect your network if you don’t know how to properly configure it for your network. Also remember that as the network changes, so must the firewall.
Protect Your Network
A properly configured firewall can spare a SMB a lot of pain. Be sure to follow these basic recommendations to secure your environment. For more on how to secure network give us a call to setup an appointment with an IT security professional.