Why Are Firewalls Important?

What do firewalls do? Why are they so important?

Every day we are more and more reliant on digital systems both at work and home. This heavy reliance on digital tools means we need to protect our sensitive data from malicious threats. One of the most fundamental components of keeping records and systems safe is cyber security and one key component of cyber security is the firewall. But why are firewalls so important, and how do you choose the right one for your needs?

What is a Firewall?

A firewall acts as a barrier between your internal network and the outside world. It monitors and controls incoming and outgoing network traffic based on predetermined security rules. Think of it as a gatekeeper that decides what traffic is allowed to enter or leave your network, thereby protecting your systems from unauthorised access and various cyber threats.

The challenge is to get the ‘gatekeeper’ settings correct. Too strict, and your team won’t get their emails; too loose, and you run the risk of unauthorised access and breaches. The goal is to protect your business whilst ensuring that everyone operating within it can still go about their regular tasks.

The Importance of Firewalls

Firewalls play an essential role in defending against the threats mentioned earlier. They serve as a virtual shield between your network and harmful intrusions.

One of the most significant functions of a firewall is its ability to defend against cyber-attacks. With the constant rise of viruses, malware, and hacking attempts, your network is always at risk. A firewall serves as the first line of defence by blocking malicious traffic before it even reaches your system. By filtering out harmful data, firewalls prevent many threats from ever entering your network, acting as a vigilant gatekeeper, ensuring that only safe and trusted traffic gets through.

However, the value of a firewall goes beyond blocking threats. It also plays a vital role in protecting sensitive data. A firewall adds an extra layer of protection, ensuring that your data cannot be accessed by unauthorised users, hackers, or cybercriminals looking to exploit vulnerabilities.

In addition to defending sensitive data, firewalls are crucial for preventing unauthorised access to your network. Hackers are constantly on the lookout for vulnerabilities that can be exploited to gain entry. Firewalls work by only allowing trusted and verified sources to connect, ensuring that your network remains impenetrable to unauthorised users. This protection is particularly important for businesses that manage large amounts of confidential data and operate complex networks.

Another key benefit of firewalls is their ability to monitor network traffic. By observing the flow of data in and out of your network, a firewall can detect unusual or suspicious activity that may indicate a security threat. This proactive monitoring enables you to identify and respond to potential attacks before they cause significant harm, offering a powerful tool for maintaining network integrity and security.

Firewalls also enforce security policies within organisations. They help control access to websites, applications, and online resources, ensuring that employees or users adhere to the company’s security guidelines. This reduces the risk of internal security breaches by limiting the chances of users accidentally or deliberately accessing unsafe or unauthorised content. With this added layer of control, businesses can ensure that their security protocols are consistently followed across the board.


What Firewall Should I Use?

Choosing the right firewall for your needs can seem overwhelming, especially with the variety of options available. The decision largely depends on the size of your network, the level of security required, and the specific features you need to protect your infrastructure.

Software firewalls are a good starting point, particularly for individuals or small businesses. Installed directly on devices, these firewalls offer essential protection against common threats and are relatively straightforward to configure. Options like Windows Defender Firewall and the built-in macOS firewall provide users with a solid line of defence against basic cyber attacks, making them ideal for personal use or small setups.

For larger businesses with more complex networks, hardware firewalls are often the better choice. These physical devices sit between your network and the internet, managing traffic across multiple devices with robust security features. Hardware firewalls from brands like Cisco, Fortinet, and Palo Alto Networks provide advanced protection, including Virtual Private Network (VPN) support, intrusion prevention, and comprehensive threat management.

For those requiring an even higher level of security, Next-Generation Firewalls (NGFWs) offer enhanced capabilities. NGFWs combine the traditional functions of a firewall with advanced features such as deep packet inspection, application awareness, and intrusion prevention systems. Ideal for organisations facing sophisticated and evolving threats, these firewalls ensure the highest level of network protection. Notable NGFWs include those from Check Point, Fortinet, and Palo Alto Networks.

For businesses operating primarily in the cloud, cloud-based firewalls offer an innovative solution. Designed to protect cloud infrastructure, these firewalls are scalable and capable of securing multiple cloud environments. With many organisations migrating their operations to platforms like AWS, Azure, or Google Cloud, cloud-based firewalls are becoming an increasingly popular choice. Examples of top cloud-based firewalls include Barracuda CloudGen and Cisco Meraki, which provide seamless protection for cloud networks.

Why firewalls are crucial to protecting your business

As cyber threats continue to evolve and become more sophisticated, firewalls are no longer just a luxury; they are a necessity. Whether you are an individual looking to protect personal information or a business safeguarding critical data, a firewall serves as the foundation of any cyber security strategy. By preventing unauthorised access, monitoring traffic, and enforcing security policies, firewalls are essential to keeping networks secure in today’s digital landscape.

Choosing the right firewall depends on your unique needs and the level of security you require. Whether you opt for a simple software firewall, a robust hardware firewall, or a cutting-edge NGFW, making the right investment in cyber security will ensure that your digital assets remain protected. In an increasingly connected world, where the stakes of cyber threats are higher than ever, a reliable firewall provides not just security, but peace of mind, knowing that your network is shielded against potential attacks.

Investing in the right firewall today secures your future against the ever-growing landscape of cyber threats.

The perils of password post-it notes

In today’s highly digital world, many of us still prefer the comfort of pen and paper, notebooks and post-it-notes. Storing passwords in a physical format leaves them susceptible to theft. 

With cyber threats evolving and becoming more sophisticated, protecting sensitive information is a top priority for both individuals and organisations. Despite this, a very common behaviour is to write down passwords: “Do you write your password down and put it on a post-it note and leave it on your desk?” 

While this might appear like a simple and harmless act, it actually poses significant risks. This seemingly innocent habit can be detrimental to both IT security and your own personal information, leading to potentially severe consequences.  

 

The basics of IT Security and Cybersecurity

IT Security refers to measures designed to protect the integrity, confidentiality, and availability of information. It encompasses a wide range of practices and technologies to safeguard data from unauthorised access, misuse, or theft. This includes everything from firewalls and antivirus software to encryption and secure network protocols. 

Cybersecurity, on the other hand, is a broader term that includes IT security but also extends to the protection of internet-connected systems, including hardware, software, and data, from cyberattacks. Cybersecurity strategies are designed to combat threats such as hacking, phishing, and malware attacks, aiming to protect against both digital and physical threats. 

 

The post-it note conundrum

Let’s address the question of writing down passwords and leaving them on your desk. This practice is a glaring vulnerability in both IT security and cybersecurity. Here’s why: 

  • Physical security risk: A post-it note with your password is a physical object that can be easily seen and accessed by anyone passing by. This could be a coworker, a visitor, or even a member of cleaning staff. Once your password is exposed, it’s as if you’ve handed over the keys to your digital kingdom. And that could include both workplace and personal data and finances. 
  • Lack of accountability: Leaving passwords in plain sight negates the principle of accountability. If unauthorised access occurs, it’s difficult to trace the breach to a specific individual, leading to potential chaos and security breaches without clear sources. Without identification of the source, this creates significant extra time, effort, and cost to implement preventative measures to protect against future breaches. 
  • Encouragement of bad habits: Writing down passwords on post-its fosters a culture of complacency regarding security practices. It undermines efforts to promote strong, unique passwords and secure storage practices, paving the way for more significant security lapses. 
  • Risk of social engineering: Cybercriminals often employ social engineering tactics to manipulate individuals into divulging confidential information. A visible password can be an entry point for such attacks, leading to more severe breaches. 

 

Best practices for password security

To mitigate these risks, it’s crucial to adopt and promote best practices for password security: 

  • Use strong, unique passwords: Ensure passwords are complex, incorporating a mix of letters, numbers, and special characters. Avoid common words and personal information that can be easily guessed. 
  • Utilise password managers: Password managers store and encrypt passwords, allowing you to maintain strong, unique passwords without the need to remember each one. This eliminates the need for physical notes and enhances security. 
  • Enable multi-factor authentication (MFA): MFA adds an additional layer of security by requiring a second form of verification (e.g., a code sent to your phone) beyond just the password. This significantly reduces the risk of unauthorised access. Vendors such as Microsoft offer an app, ‘Microsoft Authenticator’, to approve sign-ins from browsers and mobiles.
  • Regularly update passwords: Periodically changing passwords can help prevent long-term unauthorised access. Set reminders to update passwords and avoid reusing old ones.  
  • Educate and train: Conduct regular training sessions on cybersecurity best practices. Ensure that all employees understand the risks associated with poor password management and the importance of robust security measures. 

 

7 Tips for creating and remembering strong passwords

Creating strong passwords and remembering them can be challenging, hence the reason why people choose to write them down. Here are a few tips to help: 

  1. Use a passphrase: Instead of a single word, use a passphrase – a combination of words that are easy for you to remember but hard for others to guess. For example, “BlueSky$SunnyDay123”. Or combine unrelated words in your passphrase or password. 
  2. Incorporate numbers and symbols: Mix in numbers and special characters to add complexity. Avoid predictable patterns like “Password1!” or “1234$abc”. 
  3. Use a combination of at least eight numbers, letters and symbols: The longer your password and the more character variety it uses, the harder it is to guess. For example, M0l#eb9Qv? combines upper- and lowercase letters, numbers, and symbols, making a unique and hard-to-guess password. 
  4. Acronyms and abbreviations: Create passwords from the first letters of a sentence or a phrase. For instance, “I love to travel around the world in 2024!” could become “Il2tAtw2024!”. 
  5. Avoid common words and personal information: Steer clear of using obvious words or personal information such as birthdays, names of pets, or family members. Do not use sequential numbers and letters such as 1234, qwerty, jklm, 6789.
  6. Do not reuse passwords: Every device, application, website, and software requires a unique and strong password or PIN. Remember, if a cyber criminal does guess one of your passwords, they will use this to attempt to hack into all of your personal and professional accounts. 
  7. Use a password manager: As mentioned earlier, a password manager can help you store and manage your passwords securely. It can generate strong, random passwords for you and remember them, so you don’t have to. 
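The checks in tips 2, 3 and 5 can be automated. The following is an added example, not part of the original article: the names `audit_password` and `find_runs` and the short `COMMON_WORDS` list are assumptions made for illustration.

```python
import string

# Constructed sample blocklist; a real check would use a far larger list.
COMMON_WORDS = ("password", "letmein", "welcome", "admin")
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")
SEQUENCES = (string.ascii_lowercase, string.digits) + KEYBOARD_ROWS


def find_runs(password, min_len=4):
    """Return chunks of min_len characters that follow the alphabet, the
    digits or a keyboard row, forwards or backwards (e.g. 1234, jklm)."""
    lowered = password.lower()
    hits = []
    for i in range(len(lowered) - min_len + 1):
        chunk = lowered[i:i + min_len]
        if any(chunk in seq or chunk[::-1] in seq for seq in SEQUENCES):
            hits.append(chunk)
    return hits


def audit_password(password, personal=()):
    """Return a list of findings; an empty list means no tip was violated.
    `personal` holds names, dates and similar tokens tied to the user."""
    findings = []
    if len(password) < 8:
        findings.append("shorter than 8 characters")
    classes = {
        "letter": any(c.isalpha() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        findings.append("missing: " + ", ".join(missing))
    lowered = password.lower()
    for word in COMMON_WORDS:
        if word in lowered:
            findings.append("contains common word: " + word)
    for token in personal:
        if token and token.lower() in lowered:
            findings.append("contains personal information: " + token)
    runs = find_runs(password)
    if runs:
        findings.append("sequential run: " + runs[0])
    return findings


if __name__ == "__main__":
    for candidate in ("M0l#eb9Qv?", "Password1!", "1234$abc", "qwerty"):
        print(candidate, "->", audit_password(candidate) or "no findings")
```

A clean result only means none of these specific patterns were found; it does not measure how guessable a password is overall.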

 

Overcoming the Post-it note perils

The simple act of writing down your password and leaving it on a post-it note can have far-reaching consequences. It’s a small mistake that can open the door to significant security breaches. By adopting strong password practices, utilising technology such as password managers, and fostering a culture of security awareness, individuals and organisations can significantly enhance their defences against cyber threats. This best practice will also protect your personal information and reduce the likelihood of your financial and banking information being compromised. 

Remember, in cybersecurity, even the smallest detail can make a big difference. So, think twice before reaching for that post-it note. 

Windows server 2008 end of life

Is your organisation at risk?

Did you know…

Windows Server 2008 extended support will be ended by Microsoft on January 14th, 2020 – that is less than 4 months away!

The move is seen by many as a push for users to migrate servers to Microsoft Azure, a feeling that is substantiated by Microsoft offering 3 years of critical security updates to customers who make the transition.

Make no mistake, the scale of this problem cannot be overstated. Statistics on Server 2008 usage are elusive. After some digging, we found that lower estimates suggest 70% of Server OS installations are Windows; of these, 40% are Server 2008 or earlier.

The risks

The risks of not upgrading or extending security updates to your server environment are probably obvious to most people. Whilst the systems will continue to work, the infrastructure will become vulnerable to cyber-attacks. Cynics could be forgiven for thinking that criminals will increase their focus on these weaker, unsupported environments.

The risks of data loss will increase over time. Not only will there be a continuity risk to your organisation but potentially a compliance and regulatory risk, depending on the nature of your business. A high-profile security breach that hit the headlines recently was British Airways, who received an eye-watering, record-breaking £183 million fine for a data breach. https://www.bbc.co.uk/news/business-48905907

What are your options?

At this late stage, migrating directly to Azure is unlikely to be a realistic way forward for all but the most basic of IT infrastructures. There are several options and, indeed, a pathway that should be taken. Based on an understanding of your infrastructure, your IT department or IT service provider can offer the following options:

  • If servers cannot be upgraded or migrated by the 14th January 2020, customers may be able to purchase Extended Security Updates for 75% of the full annual license cost. This would provide some relief to organisations to start planning their options and migrating applications to Azure over a 3-year period. You should note that there will be a 3-year limit on this option.
  • An upgrade to Windows Server 2012 can be undertaken in a single step and provides the quickest and easiest solution. Obviously, this is likely to just defer the problem to 2023 when Microsoft intend to discontinue support of the 2012 environment!
  • Upgrade to Server 2016 or Server 2019. The options for this process are to either carry the upgrades out sequentially from 2008 to 2012, 2016 or to provide a clean installation on the platform preferred and appropriate for your environment.

At Platform 365 we have been evaluating the risks of this deadline for our clients very carefully and advising and upgrading them accordingly.

If you are unsure if Windows Server 2008 End of Life is going to affect your business or need guidance on the options available please contact Chris Young chris.young@platform365.co.uk or call +44 07985 686688 to arrange a free audit of your IT systems.
