Do I Need A Firewall With Application Whitelisting?
by TUCU Managed IT Services in Toronto
Do I Need A Firewall?
Application whitelisting is an essential security tool to help you protect your vital IT network. Think of a whitelist as an approved list. Essentially application whitelisting is having an approved list of applications, programs or even domains who are approved to transmit data to, from and through your IT network. Ideally, known virus programs would be blacklisted so that virus can't enable on your network. People on your contact list would be whitelisted so their emails to you are allowed through. But how do you go about setting up a whitelist? Well, you need a firewall.
An Application Whitelist Via Windows Firewall - A Good First Step
One of the most basic instances of application whitelisting is through the Windows default program called Windows Firewall.
Using Windows Firewall allows you to configure Network Profiles based on their uses. Within broad Network Profiles, you can set individual rules governing which applications are allowed or restricted through the network, or even through specific ports.
A prime example of Windows Firewall use is if you would like to restrict a program's access to specified users. Windows Firewall can be used to set which IP address can connect to the program and through which ports.
Ports are basically the ‘border check’ for tunnels in a network. Data travels through the tunnels on your network and reaches a port through a firewall. At the port, a check is done to determine whether access should be granted or restricted, similar to a real life border check. No firewall means no border patrol, and that means anyone or anything can get through with far more ease.
Reportedly, the $80 million dollars stolen from India's bank was partially due to the use of a basic modem and no firewall. Investing in IT is a sound use of your budget.
A Firewall With Application Whitelisting Can Improve Your IT Network Security
Despite the numerous features of Windows Firewall that your small business can take advantage of, there are more broad aspects to firewalls that other programs are better suited for. This is especially important as digital threats continue to rise. Malware, cryptolockers and phishing attempts are all malicious objects which your business needs to be protected from. Windows Firewall is not enough.
Antivirus companies such as Eset and BitDefender invest enormous resources in identifying malware and threats and creating comprehensive and dynamically updated whitelists. This isn't something you can adequately do on your own. You can purchase their products to benefit from their extensive work. Reasonable IT Network Security requires some investment on your part.
Here are some areas where Windows Firewall will let you down and why investing in a commercial firewall with an application whitelisting subscription makes sense for your business.
Malware is probably the most common and well-known collection of malicious objects. Malware is the comprehensive term used to describe a wide range of malicious code and programs such as viruses, spyware, adware etc.
In most cases malware is the first and most frequent damage small business networks encounter.
For some situations end-user antivirus programs like McAfee and Norton can be effective, namely, if the "network" centers around the end user. This is common for a solopreuneur but for most small teams, this is not the case. Most small business networks centre around a server, and a well-configured gateway firewall can prevent most malware before it reaches your users.
A growing concern for small businesses are Cryptolockers known more commonly as Ransomware. Cryptolockers allow hackers the ability to lock and encrypt network files and applications. Users on the network are given a ransom to pay to unlock the files. The ransom is usually demanded in BitCoin, a digital and difficult to track currency.
In some cases, even after being paid their ransom, hackers choose to keep the files locked, however,in general, this is a money making scheme so files are normally released upon payment of ransom.
Firewalls combat cryptolockers as a whole by restricting IP addresses allowed to access the network from the outside and patrolling ports so that malicious objects can’t get through.
For highly sensitive industries where users commonly work from home, a firewall + VPN is recommended. This is one of the reasons why most businesses in the financial sector use VPNs to allow users to work from home. With a well-configured Firewall and a VPN in place, external users should never be able to access the business’ network or its files. However, a VPN is not required for most small business teams.
Phishing attempts are the actions of malicious parties to retrieve your personal and business information to be used to gain access to the network, or individually defraud you.
Phishing attempts are the most unobtrusive and well-hidden malicious threats. Most users will never know they are targets of phishing attempts as the fakes quite convincingly appear to be legitimate emails, websites and apps.
Phishing attempts can also come from phone calls pretending to be a member of the IT department.
Phishing attempts can also arrive through physical mail as fake invoices or account renewal letters.
Most commonly though, phishing attempts come via email. Emails pretend to be of legitimate origins and trick users into divulging personal information that can then be used for harmful purposes.
To combat these threats, spam filters and firewalls should be set to better eliminate these emails before they ever reach users.
User awareness training is also recommended.
We recommend gateway firewalls to almost every small business.
As we mentioned above, because of the growing threats to small business, there is a whole sector in the IT Industry devoted to fighting these malicious programs. Antivirus and firewall manufacturers work on a daily basis to update malware definitions that combat malicious programs. These definitions go into the application whitelisting programs that advanced threat management devices offer. Some of the hardest working firewalls include Ubiquiti and Cisco Adaptive Security Appliance. Check them out today.
TUCU in Toronto offers IT services for SMB's, including network setup, support and management. Your IT support needs will be planned and performed by experienced IT Technicians. For a personal quote, please contact TUCU today.
Say goodbye to techaches!
We understand that you need a reliable IT company you can trust. Join our long list of happy clients dating back to 2003.
Reach out now to schedule your Discovery Call to learn how we can help you.