Firewall Check!


A lot of home networks use a simple wireless access point-slash-firewall-slash-router from their ISP or from their local Big Box store. Once it’s working, it’s “set it & forget it.” Maybe you hand out the simple wireless password to friends and guests? Undoubtedly you’ll never change it since it’s just too painful to change every laptop, every cellphone, the wireless printer, the Alexa devices, the Chromecasts and Rokus, the Ring door devices, … yeah. The entire home network is one accidental visit to hackme.com away from disaster.

Not surprisingly, a lot of businesses operate precisely the same way.

At a simple level, a firewall prevents inbound traffic that you haven’t invited in. That sounds innocuous enough, but “It’s complicated…” If you visit your favorite news site in a web browser, that page will undoubtedly direct the browser to pull in ads from other sites as well. When you click a link in an unscrupulous email, you potentially invite a problem in. You can also unwittingly allow a problem child or an infected device onto your network. In general, a firewall doesn’t prevent any of the above, but it can help against the general frontal assault, and it can help prevent the spread of damage between compromised systems inside your wall.

So, how do we ensure a firewall is up to snuff?

  1. Routinely check the rules and test their function. Annotate the rules if possible — who made the change when and why. Keep documentation, however simple, about changes you make. Periodically ask if the rules still reflect your current situation’s needs or if there’s a better way.
  2. Check that the configuration has not changed since your last checks. Keep a copy of current configurations offline and know how to use them to restore the device to a known good state if necessary.
  3. Check who has access to the physical device and who has access to administrative controls. Change passwords periodically. Use strong passwords or more sophisticated methods. Monitor for unauthorized access or attempts to access administrative controls.
  4. Check for vulnerabilities using up to date scanners. Keep the device up to date with firmware and system updates that repair discovered vulnerabilities. Mitigate unrepaired vulnerabilities where possible.
  5. Keep a record of your doing all of the above.
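As an added illustration of steps 1, 2 and 5 (not code from the original post), the sketch below compares a current rule export against an offline baseline, reports rules that were added, removed or reordered, and flags rules with no who/when/why annotation. The one-rule-per-line export with a trailing `#` comment is an assumed, constructed format; real devices export differently, and all function names are hypothetical.

```python
import hashlib
from datetime import date

# Constructed sample exports; the "rule  # date who: why" layout is an assumption.
BASELINE = """\
# saved offline after the last review
block in on wan all  # 2023-01-10 admin: default deny inbound
pass in on wan proto tcp to 192.0.2.10 port 443  # 2023-02-01 admin: public web server
pass in on guest to any port 53  # 2023-02-01 admin: guest DNS
"""
CURRENT = """\
block in on wan all  # 2023-01-10 admin: default deny inbound
pass in on wan proto tcp to 192.0.2.10 port 443  # 2023-02-01 admin: public web server
pass in on wan proto tcp to 192.0.2.20 port 3389
pass in on guest   to any port 53  # 2023-02-01 admin: guest DNS
"""

def parse_rules(text):
    """Return [(rule, annotation)] in file order, whitespace-normalised."""
    rules = []
    for line in text.splitlines():
        rule, _, note = line.partition("#")
        rule = " ".join(rule.split())
        if rule:  # skip blank and comment-only lines
            rules.append((rule, note.strip()))
    return rules

def fingerprint(text):
    """SHA-256 over the ordered rule bodies; comments and spacing do not affect it."""
    body = "\n".join(rule for rule, _ in parse_rules(text))
    return hashlib.sha256(body.encode()).hexdigest()

def audit(baseline, current):
    """Compare two exports and list what a reviewer needs to look at."""
    old = [r for r, _ in parse_rules(baseline)]
    new = parse_rules(current)
    new_rules = [r for r, _ in new]
    return {
        "changed": fingerprint(baseline) != fingerprint(current),
        "added": [r for r in new_rules if r not in old],
        "removed": [r for r in old if r not in new_rules],
        # same rules in a different order still counts: most firewalls evaluate in order
        "reordered": sorted(old) == sorted(new_rules) and old != new_rules,
        "unannotated": [r for r, note in new if not note],
    }

if __name__ == "__main__":
    # Dated line plus fingerprint doubles as the record of the check (step 5).
    print(date.today().isoformat(), fingerprint(CURRENT)[:16])
    for key, value in audit(BASELINE, CURRENT).items():
        print(f"{key}: {value}")
```

Appending the dated output to a log file each time gives the record of checks that step 5 asks for.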

On the home network, the basics can be quite simple. For a business that has to pass security audits to handle client data, health data, financial transaction data, and more, it can require quite a dedicated effort. In the end, it’s your decision: Once you have a grounded idea about what data and devices you’re trying to protect, you can make a sound judgment about the effort required. For instance, I monitor one network in particular with around 200 firewall rules between around a dozen interfaces. I set aside some time each month to examine one or two sections at a time to make sure I cycle through everything in detail at least once a year. YMMV.

So, when was the last time you checked your firewall?

If you’re interested in help assessing your IT security posture or staying predictably on top of your security audit needs, feel free to contact us to start the conversation.

#originstory

What are you working on? Why is it important? How can we help?

I once sat at a corporate cattle call hiring event in some hotel ballroom on the edge of one of those well-known industrial parks where everyone is working for that one big government entity just down the block. On signing in, a staff member hands each attendee a sheet indicating the various hiring managers who had some interest. Sitting in front of one of those fellows, I heard the question, “So, where do you see yourself in five years?”

I don’t remember much more of that event than my uncontrolled but very honest laughter. Looking around the room, all those people… I recognized many of them from various projects over the years when we all undoubtedly had different companies and agencies making promises and taking their cuts… But there was also this: “That guy over there? We’ve worked together before. He’s really good at X. Whenever I need help with X, I call him. And her over there? She’s really good at Y. Whenever I need help with Y, I know I can call her. It doesn’t matter where they work; if there’s something we need to accomplish, we can get it done — from wherever we are.” In my experience, not much more matters than finding these people and supporting their causes.

It’s simple:

What are you working on? Why is it important? How can we help?

TCM: The Corporate Monks