March 21, 2016

Is your firewall strong enough?

Laurent Slutzky


A network breach can cost your business as much as $5 million. Too many business owners think that a firewall offers adequate protection from would-be cyber criminals, and are stunned to find out, too late, that it does not.

If the loss of $5 million would derail your business and your sanity, then you need to learn about firewall safety now. Here’s what you need to know about firewall strength and security.

How a Firewall Works

If you know nothing about your firewall other than you’ve got one and it’s running, start here. If you’re tech savvy, feel free to skip ahead.

A firewall is essentially a bouncer. It looks at all the traffic that wants to get inside your network. It checks it out, like a bouncer looking at IDs in an attempt to spot underage bar hoppers. If you don’t look legit, you don’t get to go inside. Sounds simple? It is.

In recent years, hackers have leveled up their strategies by exploiting the central weakness in firewalls. Essentially, they’ve gotten a really great fake ID that tricks the bouncer. Now, a hacker can create code that looks and acts like totally legitimate data. Once your firewall grants the data packet entry, however, things change. That formerly harmless piece of code sheds its skin and transforms into a familiar little pest… malware.

Unfortunately, at this point your firewall cannot protect you anymore. The malware is already inside your network, actively doing harm.

In other cases, an employee could unwittingly download a file or piece of software that contains malware. Unfortunately, you have already given your employee trusted access control.

Imagine the bartender pouring drinks at the bar. If the bouncer has let someone inside, the bartender knows their ID was checked and won’t ask to see it again.

Likewise, your networked security system isn’t monitoring your employee’s actions, because your employee is trusted. Yet if that malicious software goes undetected for a period of time, your network faces real problems.

Finally, there is a threat that no business likes to think about: Insider threat. Savvy businesses must acknowledge that a rogue employee wanting to do harm could log in with their valid credentials and steal, leak, or delete sensitive data. If staff are lax about access control, this type of sabotage is too easy for staff who are unhappy or vengeful. Again, a baseline firewall will not help prevent threats from the inside because it only patrols your network’s perimeter.

Companies love firewalls because they are (well, were) super effective and very inexpensive. As these examples illustrate, firewalls do offer protection… but not so much that you don’t have to worry about a data breach. Your organization is still vulnerable even if you’ve got a firewall.

The good news is, there are stronger firewalls that leverage advanced mechanisms to better protect your network.

Recommended Firewall Types

A modern type of firewall offers backup security by scrutinizing internal traffic. These firewalls might sit at important areas in the network, giving all traffic that wants access another inspection. This way, malware that bypassed firewall #1 will now be caught and segmented. Malware that was unwittingly let in by a known employee will also be caught. Your most valuable business asset, your data? It’s safe now.

These new firewalls are efficient. They can quickly evaluate traffic, so your employees can complete work without the system slowing them down.

Next-generation firewalls offer internal firewall protection with other value-added features, such as deep packet inspection and intrusion prevention. They also allow admins to set very granular controls over which staff members can access which areas of the network. This way, an employee cannot accidentally get into a sensitive area of the server and copy or erase documents.

By protecting the inside against internal and external threats, next-generation firewalls deliver superior performance and can prevent a worst-case scenario from unfolding.

How to Tell What’s Right For Your Business?

With a new data breach in the news almost every week, it should be clear that you cannot simply use the same technology you have been for years, and keep your fingers crossed that nothing will go wrong. You need to take active steps to protect your business. It’s great that you have a firewall — but you probably need a better firewall.

A good firewall for your business should not only be suitable for your present needs, but scalable to grow as your organization grows. It should be easy for IT staff to set up and maintain, and provide useful analytics in real time so staff can receive timely notice if something does go wrong. Finally, a strong firewall will back up your existing network security system while filling a missing link in your networked security and protecting against internal and external threats.

If you cannot state with confidence that your existing firewall does all these things, you need a modern firewall that offers robust protection against internal threats.

Yet, unless you are an IT whiz, you probably don’t know enough about the modern firewalls out there to pick the right one. It’s always a good idea to check with your existing vendor. They should be able to recommend certain products that will work with your existing setup, and can help you implement these new solutions with minimal loss to your productivity.

For example, we are always happy to talk over new product recommendations with our customers. We can explain why we recommend a given product, and what known security vulnerability it will address.

You don’t need to be a global enterprise to face a risk of cyber attack. Businesses of all sizes, and in all industries, are vulnerable. If your firewall is not up-to-date, along with your other network security measures, please prioritize this now. There could be $5 million on the line.