Why are firewalls important and do you need one for your small or midsized business? That’s probably the question that led you to this article. Here’s the thing - firewalls are critical security tools, but they are not the only thing you need to stop all cyberattacks. We’ll explain more in the article below.
A firewall is a network security system that protects your network from unauthorized access and external threats. A firewall can either be a big hunk of hardware or installed software.
A firewall is designed to protect computers from viruses and malware by blocking unauthorized traffic. There are security controls within the firewall so you can block traffic from certain countries, block access to specific websites, and can inspect traffic going in and out of your network.
To understand the importance of a firewall, let’s look at what could happen without one. Without a firewall, any cybercriminal essentially has the ability to gain access to your network and your data, and you wouldn’t have any way of monitoring this type of threat. A firewall isn’t bulletproof by any means, but it can be very effective along with other security solutions.
There are three types of firewalls:
Depending on your business, you may want one, two, or even all three for your company.
Here’s an overview of each option:
Hardware firewalls are made by companies like SonicWall, FortiNet, Meraki, Palo Alto, and Cisco.
These systems are best for businesses who are still largely working from the office, since they protect the physical network at your office. They will only protect home-based users if they use VPN to connect, and only provide full protection if the VPN is configured to “not allow split tunneling.”
You can get a good overview of hardware firewalls from Gartner.
Windows and Mac computers have firewall software built in. You should double check to make sure they’re enabled at all times.
Make sure you work with a qualified IT or security expert to configure these built-in firewalls. They can get complex, and it’s important you know what you’re doing.
Companies like ZScaler, Perimeter 81, and Cloudflare have created a new type of firewall, called “SASE”. A lot of companies are now considering these systems either as a replacement for or in addition to their hardware firewalls on their networks.
With the COVID pandemic, many companies have moved to a situation where many more people are working from home. Since companies usually don’t have control over their employees’ home networks, SASE tools let them connect securely from home, and provide some of the same benefits of a hardware firewall. Many of our clients are either implementing or considering SASE tools, especially as they move to cloud-based solutions like Microsoft 365 and Google Workspace.
Overall we recommend that everyone should turn on and configure the firewall built into your Mac or Windows machine (see instruction links under #2 above). Businesses that work in an office should typically have a hardware firewall appliance. If you have a mostly remote or all remote workforce, it’s important to understand that a hardware firewall may not make much sense, and you should consider a combination of SASE and better endpoint protection.
This article explains why firewalls are important – but it’s necessary to understand that firewalls will not stop all cyberattacks. As a cybersecurity company, we used to offer a service where we took clients’ firewall logs into a SIEM (basically a big database) and looked for anomalies.
Here's what has happened over the past few years that make this monitoring a sometimes ineffective way to catch security issues:
You know when you go to a website and it has that little green padlock indicating it's secure? That's a great thing from our perspective, but it means your firewall is completely blind to any viruses that might come over that connection. Between 85% and 95% of all Internet traffic is now encrypted, which means that we'd never see anything that happened over the majority of your traffic.
If you have employees working remotely, the firewall won’t have any visibility into what’s happening. Plus, many businesses are using or moving to cloud services like Microsoft 365, which means that people won’t need to VPN into the office to do their work. A firewall is blind to that traffic.
So what’s the solution? We still recommend having a firewall if you're in an office situation, as it's still good at blocking basic attacks, but for more sophisticated attacks we need to go to the endpoint.
We need to shift our thinking to look at firewalls as a good defense against rudimentary attacks, but all of the more advanced attacks these days are going after the users and the endpoint. That's really where we need to focus our efforts to be effective.
Monitoring computers for suspicious and malicious activity has always been the best approach, but the problem is that 2-3 years ago all of these tools were extremely expensive, and were out of reach of small and midsize businesses, so the firewall was the best we could do without charging an additional $25k per year. However, that's changed a LOT in the past year, and these services also come with 24x7 monitoring. We have helped a number of our clients implement a service that includes 24x7 computer-level monitoring for way less than $25k.
We specialize in helping small and midsize companies in highly regulated industries like healthcare, financial services, and government contracting. Our 60-point gap assessment turns into a living project plan that we use to improve your cybersecurity.
Our solutions are not one-size-fits-all. We customize our recommendations for security solutions (including firewalls, 24x7 monitoring, antivirus, vulnerability scanning, and more) based on your specific company’s needs. Adelia Risk Virtual CISO Service and Testimonials
Leave a Reply