Is your firewall fighting fit?

Steve Sutcliffe
Previously we’ve talked about firewalls as being the bouncers of the internet. Believe it or not, they also have a lot in common with those fitness DVDs and gym memberships thousands of us will be investing in come January in a bid to shift some of the Christmas pounds.

While the initial purchase may be a good first step on the road to health, it is only a tiny part of what’s required. In isolation, buying a gym membership or DVD will do very little to help you get fitter. And, believe it or not, it’s the same with firewalls. They are all too often installed with the best of intentions, only to be left to languish, ignored and unloved, while the health of your online security continues to suffer.

Getting the basics right

A fitness DVD that’s still in its cellophane wrapper on the shelf is no good to anyone. A firewall is no different. If you just leave the firewall configured as it arrived with you, it will do very little to protect your business.

Think of it as a building locked with an access code. Over time, as the people authorised to access this building change and grow in number, it makes sense to keep changing the code, if only as a precautionary measure. The same goes for firewalls. After all, a poorly configured firewall can be worse for data security than no firewall at all!

And if you have gone to the trouble of installing code access on your building it’s likely you wouldn’t leave the code as ‘1234’. Or at least we hope you wouldn’t! To most people, the very idea of doing something so careless is laughable, and yet one of the most common mistakes companies make after taking the time to install a firewall is to then leave it with the broad rules and open policies that come as standard, without configuring it to their own organisation’s needs.

Firewalls are the unsung heroes of your business, constantly working away behind the scenes to protect your critical business data. Cyber attackers are getting more and more sophisticated, but there’s still not much a firewall can’t do. And while getting your firewall right may not be a speedy process, neither is dealing with the fallout of a cyber attack.

Take the time to set up specific rules, and your firewall will be able to use them to filter out unwanted and dangerous intrusions. For example, the firewall could close any non-essential ports that an attacker might probe for and find open. Your network manager could also choose to block all inbound traffic except for email or data that's been requested by someone inside the firewall.

Keep up the good work

Back to the gym membership: we know you’ll go for a few weeks and then it’s easy for those good intentions to slide. Same with firewalls. If you stop maintaining them, they will soon stop being effective.

In our experience, the needs of businesses have an uncanny ability to alter at a blink-and-you’ll-miss-it rate, and that means their firewalls will have to change as well. So a firewall that may be operating effectively one day has to be maintained to ensure it remains so. Luckily, if there’s one thing your firewall should be good at, it is adapting to changes. What it may not be good at, unfortunately, is operating successfully when no thought is given to removing the rules that have become obsolete. Your firewall is your friend, so it’s in the best interests of your business to treat it to frequent audits to delete unnecessary rules and test the impact of such changes.

Firewalls aren’t supposed to be like a locked vault without access; more like a city allowing movement in and out. But it is also worth taking the time to ensure that reasonable controls are in place for traffic leaving the business, as well as entering. More thought needs to go into what could be exposed when it is assumed that all outbound traffic can be trusted.
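
One way to run the kind of rule audit described above, as an added example that is not part of the original article. The rule format, field names, first-match ordering and 90-day threshold are assumptions, and the rules are constructed sample data rather than any vendor's export.

```python
from datetime import date

# Constructed sample rule export, evaluated top-down (first match wins).
# Field names are assumptions for illustration, not a vendor format.
RULES = [
    {"id": 1, "dir": "in", "src": "any", "dst": "10.0.0.25", "port": "25", "action": "allow", "last_hit": "2024-05-30"},
    {"id": 2, "dir": "in", "src": "203.0.113.7", "dst": "10.0.0.40", "port": "3389", "action": "allow", "last_hit": "2023-01-12"},
    {"id": 3, "dir": "in", "src": "any", "dst": "any", "port": "any", "action": "allow", "last_hit": "2024-05-31"},
    {"id": 4, "dir": "in", "src": "any", "dst": "any", "port": "any", "action": "deny", "last_hit": None},
    {"id": 5, "dir": "out", "src": "any", "dst": "any", "port": "any", "action": "allow", "last_hit": "2024-05-31"},
]
STALE_AFTER_DAYS = 90  # assumed review threshold


def is_any_any(rule):
    """True when the rule matches every source, destination and port."""
    return rule["src"] == rule["dst"] == rule["port"] == "any"


def audit(rules, today):
    """Return {rule_id: [findings]} for rules that need review."""
    findings = {}
    catch_all = {}  # direction -> id of the first any/any/any rule seen
    for r in rules:
        notes = []
        if r["dir"] in catch_all:
            # An earlier catch-all already matched everything in this direction.
            notes.append(f"unreachable: shadowed by rule {catch_all[r['dir']]}")
        elif is_any_any(r):
            catch_all[r["dir"]] = r["id"]
            if r["action"] == "allow":
                notes.append("all outbound traffic trusted" if r["dir"] == "out"
                             else "allows all inbound traffic")
        if r["action"] == "allow" and not is_any_any(r):
            last = r["last_hit"]
            if last is None or (today - date.fromisoformat(last)).days > STALE_AFTER_DAYS:
                notes.append("stale: no recent hits, candidate for removal")
        if notes:
            findings[r["id"]] = notes
    return findings


if __name__ == "__main__":
    for rule_id, notes in audit(RULES, date(2024, 6, 1)).items():
        print(rule_id, "; ".join(notes))
```

In this sample the closing deny-all (rule 4) never takes effect because the broad allow above it matches first, which is the kind of leftover default that an audit is meant to catch.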

Our team of experts can run simple tests that will show you how vulnerable your critical data is to thieves, and how easy it would be for someone to plant a virus or malware on your server, or access data you don’t want them to access. And, for a limited time, we are offering this network security check for half price as part of a wider charity fundraising initiative. Available to 40 businesses for just £250, all of the money raised will be donated directly to St. Gemma’s Hospice and Pancreatic Cancer UK. Find out more here.
