Firewalls: The ins and outs of this essential security control
Most people have heard of a Firewall, but what exactly is one, and what do they do?
A Firewall can be in the form of a security device in your office, or a piece of software installed on your computer. It is the first line of cyber security defence, to help prevent unauthorised access to your network and the private data within. The basic principle is that it forms a barrier, constantly checking all traffic coming from between you and the outside world and blocking anything that shouldn’t be allowed.
Firewalls often come in many different shapes and sizes and can provide additional features, but there are two distinct different types; Software and Hardware.
Software Firewalls, also known as Host-based Firewalls, are commonly pre-built into your laptop or computer's operating system (Windows or MacOS). They help block unwanted traffic to and from your device, but not other devices, on your network.
Hardware Firewalls, also known as a Network-based firewall, is a device that sits on your local network between your office and the internet. They help block unwanted traffic coming in and out of your network, but not typically between network connected devices (such as PCs, laptops, and servers) within your office.
With both firewalls working, they provide robust and predictable protection across your devices on the network.
All network connected devices talk to each other through ‘ports’ - think of them like entrances to an office building. Each entrance serves a specific purpose for different needs such as a loading bay, door with key card access to a secure area, employee pigeonholes, and a storefront. These could be likened ports that handle file transfer (FTP - port 21), accessing server rooms (SSH – port 22), email delivery (IMAP – 143) and your webpage (ports 80/443). Some of these examples need to be opened to the public, but some would need to have restricted access. Cyber criminals can exploit and access confidential data through these open ports, much like a thief would exploit an unlocked door or open loading bay. Keeping ports open only when needed and closing them to external use when there is no longer a business need will help ensure that they aren’t open to exploit.
The Cyber Security Breaches Survey run by the UK government recorded that the use of network (hardware) firewalls dropped from 78% in 2021 vs. 66% in 2023. This is a staggering decline in the use of this crucial technology. It also reports that around a third of businesses (32%) and a quarter of charities (24%) report having experienced any kind of cyber security breach or attack in the last 12 months which accounts for approximately 462,000 businesses and 48,000 registered charities in the UK. These reported figures are already very high, but the true number of cyber security breaches are likely to be even higher!
The Cyber Essentials certification covers 5 technical controls to help secure your charity or organisation. Firewall use is the first control, and often one of the easiest to get set up, with the majority of software firewalls being built-in to the operating system, and may simply need turning ‘on’, and hardware firewalls commonly ‘plug-and-play’ with minimal setup necessary. They ensure that the network services that need to be running to, from, and on your devices are able to do so, such as communication with other devices in your business, while restricting access to devices and internet services that you don't know and trust, which reduces your exposure to attacks.
Where open doors and broken key card locks are easier to spot, it’s not always easy to keep track of which ports are open and which are closed. That’s why it’s recommended that the firewall configuration rules that manage the ports are checked and reviewed every 90 days. This ensures that ports that were once open, but are no longer needed, are closed off, reducing the attack surface and keeping your network more secure.
At Cool Waters, our specialist consultants are available to help support your organisation navigate through your desired cyber security certification from Cyber Essentials to ISO27001.
Our Cyber Advisor service, inclusive of Cyber Essentials certification fees and a full 12 months of ongoing cyber security support starts at just £97 per month for an organisation with 9 or fewer employees.