With special guest Matthew See, WatchGuard
We’ve talked before about how bigger security isn’t just for bigger businesses. Recently, we talked to somebody who knows this firsthand, and he had a lot to say about managed firewalls.
Matthew See, who has a background in financial security, used to hand-build firewalls for a major global company. But big earners are no longer his top concern. His current company, WatchGuard, has been a specialist security provider for almost 25 years—and has always focused on smaller businesses. He says managed firewalls are one of the most important protective measures a small-to-medium sized business can take.
What is a Firewall?
In construction, a firewall prevents possible fires from getting into a certain location. In technology, it’s a protective obstruction between the internet and your own local network.
Basically, it keeps attackers out and data in. Simple rules dictate what’s allowed to pass through the network at any given time. But cyber security isn’t always simple, and neither are cyber attacks.
This is where the concept of managed firewalls comes in.
In our last blog, we talked about managed IT services as a comprehensive security solution for your business network. Firewalls are no exception. For example, ClubIT is able to monitor and manage every user device on a network in real time. WatchGuard’s managed firewalls are what enable us to diagnose and proactively handle security threats around the clock for smaller businesses.
Managed firewalls take basic firewall security to the next level. Additional logic, algorithms and security add-ons serve as a total functional ecosystem to manage your network security. Think about it: how many people use your network? Each one of them represents a chance for your business’s security to be compromised.
Managed Firewalls as a Remote Work Solution
Before COVID-19, everybody accessing your business network was probably right there in the office with you. It was almost enough to have one simple network firewall to block a hacker’s only way in.
Post-COVID, more people are working remotely from their own computers—all of which may connect back to the main office. Suppose an employee is targeted by a data phishing attack; that means your business becomes vulnerable, too.
For example, ransomware-infected emails can look to an employee like valid messages from colleagues. But when they click on one, they’re endangering more than just themselves. That’s right: even when working from home, someone can inadvertently expose your work network to cyber criminals. A managed firewall can actually prevent that from happening, even if someone accidentally opens a malicious email.
Common Misconceptions about Firewall Security
Big companies always make the press—when they get hacked, we hear about it. But it happens to the little guys all the time, especially those more vulnerable to cyber security threats. Here are a few more of the dangerous beliefs many people hold about network security.
Myth #1: “Cyber criminals don’t have any interest in me, because I’m not a big corporation.”
You might be surprised at how untrue this is in reality. Mr. See said of his work in financial networks, “There’s a perception that you work with a target on your back, that they can break in and take all sorts of money. It doesn’t actually work like that.” In fact, vast resources generally go into protecting financial networks. That’s why cyber criminals often look for easier targets who are unlikely to have things like managed firewalls in place to protect them.
Myth #2: “I already have antivirus software that works just fine, so I know I’m safe.”
Cyber criminals become more sophisticated by the day. They have tools that enable them to get around traditional security mechanisms like basic firewalls. In what’s called a spear phishing attack, it may be as easy as looking at your profile on LinkedIn, finding out who you know, and then learning a little about them via their Facebook profiles. (Screen scraping, or copying data from a web page like your social media profile, can even be automated.) Now, you can see how easy that would make it for them to craft a malicious email that doesn’t look suspicious at all. Employees might even believe it’s from someone they know and open it without hesitation. Without managed firewalls in place, any employee targeted by this type of tailored attack becomes a possible link to your business’s data.
Myth #3: “Even though I’m not an expert, I understand plenty enough to stay safe.”
Having worked in security all his life, Matthew See says that because it’s unglamorous, most people don’t want to learn everything there is to know about it. But to him, “It’s a living, breathing component of your network, your work environment.” According to Mr. See, sufficient security can mean working with multiple layers of physical firewalls, virtual firewalls behind those, and API-level firewalls run by host files on critical servers. Unified threat management or managed firewalls offer multiple tools both to identify and debug problems within your network at any given time.
Managed Firewalls vs Traditional Firewalls
Of course, it’s good to have basic antivirus products on your laptop—especially if you’re working remotely, because you may be working anywhere from hotels to coffee shops with unsecured networks. And that very well might be enough to protect the asset (your personal computer). But that’s still not going to protect your business’s network itself.
Let’s say a business with all its employees has 50 wireless devices connected to the same network. They could be laptops, tablets, or smartphones. Did you know that cyber criminals can even hack into a business network via a smart thermometer? That is, unless your business makes use of managed firewalls.
Here are some specific benefits of a managed firewall:
- Packet filtering (What is able to come inward via the business network?)
- Web filtering (What websites can employees visit via the business network?)
- DNS filtering (Is this link secure, or does it lead to a compromised site?)
- Sandboxing (Determines exactly what a program wants to do before it can run on your network)
- SD-WAN (For securely directing traffic across the network)
In-Depth Defence with Managed Firewalls
Does your firewall product give you information in a truly usable way? “We have partners out there who are running fleets of up to 14,000 firewalls while under central management,” says Matthew, “And let me tell you, they don’t actually touch all of these firewalls themselves. They use the central management capabilities to apply good, solid configuration templates that they know work.” The WatchGuard solution allows you to understand exactly where the weaknesses are in your network and what to do next, which makes it a lot more practical than relying on a traditional firewall. Club IT is also here for you if you’ve got any remaining questions.