Security risks to business systems are increasing at a rapid rate and are going undetected by even the best IT teams. As technology grows, businesses are now battling to contain the impact of external threats from employee-owned devices, mobile workers, unauthorised software applications and cloud services.
Gartner[1] estimates that by 2017, marketing will spend more on technology than the IT department. Yet it’s the hard-pressed IT professionals that will still need to protect everything and keep employees and company data safe from data-breaches and cyber-attack. For IT teams struggling to secure a rapidly-evolving IT landscape, Managed Firewalls provide the answer.
Free Download: Is An Outright Ban On Workplace Social Networking A Good Idea?
A managed firewall service offers an advanced security device using Unified Threat Management technology, which can inspect all traffic entering and leaving an organisation. Not only this, but it can look within traffic to inspect the content and detect intrusion attempts anywhere they may be occurring, thereby securing the business. IT teams can rely on this service to recognise anomalous behaviour and pre-empt attacks before they are able to succeed. It can be trusted to notify teams 24/7, all the while constantly reporting back to the Network Operations Centre (NOC) to respond to any alert or security event and maintain the systems with up-to-date information.
A managed firewall service filters all traffic coming into the network, much like people entering a building. In this way, we can use the analogy of a building with two security guards, that is, a building with a budget security guard and a UTM security guard, and assess the drawbacks businesses face from using a budget service.
Antivirus
People are receiving emails containing viruses, and staff are browsing websites containing malware, leaving some systems infected.
Budget system: Internal antivirus software can help stop the infection, and if they have support, IT are alerted and can begin the clean-up operation, but this costs time and money and the system has no idea who is infected or why. More so, systems and data may be irreversibly damaged.
UTM: This system detects the infected emails and blocks them. It also detects malicious websites and blocks access to these site. It does not permit files that would cause infection and notifies the NOC and customers of the events in case there is an underlying issue or pattern.
Data Loss Prevention
Staff members are emailing price-lists and pipeline reports to their home email addresses and uploading confidential documents to such services as Dropbox.
Budget system: A legacy firewall cannot detect this activity, and at 3am there is a large upload to Uzbekistani IP addresses. While 500MB of data is being uploaded every night, the source, destination and content are unknown. The business is not aware of this activity and therefore cannot understand how data is falling into third-party hands
UTM: The UTM service identifies the documents and alerts the NOC and business owner. It identifies the perpetrator along with evidence/attribution, and the security policy then blocks company access to Dropbox and related services. Daily reports sent by the service highlighti any anomalies in traffic patterns, while the company restricts web access to authorised employees only at certain times of day. Any violations or access attempts are then easily reported proactively.
Wireless Networking
The building operates a Wi-Fi network for staff, meaning all internal systems can be accessed by staff using wireless devices.
Budget system: The level of control is poor as Wi-Fi networks often provide full unrestricted access without granular policies. The Wi-Fi networks can be impersonated by rogue access points, allowing staff to naively join ‘fake’ networks, and Wi-Fi networks can also (accidentally) be enabled, granting full access to the corporate networks. Unauthorised access attempts are also not logged by the budget system.
UTM: The firewall supports Bring Your Own Device (BYOD), so access to wireless can also be controlled by device type (iPhone/Android). UTM supports multiple wireless networks with different policies (e.g. Guest, Directors, Sales), and for larger sites, multiple access points can be installed, all managed by the central firewall. The firewall can detect unauthorised access attempts to the wireless networks and alert the NOC.
When companies assess the multiple risks their networks are exposed to, many fall short. But with a managed firewall solution, these risks are negative with a dramatic increase of the network’s visibility, detection and defence capabilities. For businesses, data loss, viruses and other breaches cause significant damage, both financial and reputational. Not only do managed firewalls remove the headache of complex management from IT teams, they also offer lower operational costs along with better performance.
[1] Laura McLellan at Gartner, 2012
By Russell Horton, COO, Elitetele.com
About Elitetele
Elite Telecom is the leading unified communications provider, delivering an unrivalled, next generation product portfolio to businesses that is designed to increase efficiency, cut costs and deliver return on investment.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.