There is No Secure Inside – So Get the Most from your Firewall

Uploaded on 2015-05-12 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

 

Firewalls seem like a fixture of IT security, having been used for more than 15 years in most business environments to protect our internal assets from the hacks out there on the big bad Internet.

Yet too often we read the headlines and hear about another network intrusion that begins with "Once the criminals obtained valid network credentials they were able to explore the network and smuggle gigabytes of personal information/credit cards/state secrets/medical records to servers under their control."
Why, in the 21st century, when much of our workforce is currently sitting in a cybercafé, airport, hotel or home office, do we still think that our employees are on the inside? What about all of that data you shipped off to the cloud? Is it inside?
Modern firewalls are impressively equipped to help out with these problems.
One really obvious way to get more out of your firewall is to start scrutinizing what is going out from sensitive areas of your network with at least as much effort as you put into stopping unwanted connections coming from the other direction.
It can often be difficult to detect a perpetrator who has phished a valid set of credentials from one of your trusted users. In this case, noticing what information is being accessed and whether it is being sent off to a cloud storage service might be far more useful. 
Many organizations have started using next-generation firewalls to protect internet-facing databases and web servers from SQL injection and other common data theft attacks.
Why not protect your internal web servers and databases the same way? Whether it is a malicious insider or a malware infection, it hardly matters. If the data inside those servers and databases is worth protecting, it shouldn't matter whether it faces the Internet.
Another way firewalls can be used in "reverse" is looking for indications that you may be compromised by more advanced threats.
Often these attacks are designed to bypass anti-virus protection and can worm their way into your infrastructure. Why not watch the network for command and control traffic used by the crooks to control their devious applications?
The lack of segmentation has been a major problem with taking advantage of firewalls. When you think of them as gatekeepers, it makes sense to use one to segment off your HR, Engineering and Finance departments.
Many firewalls are available as low cost hardware appliances or can even operate as software on commodity hardware without any additional licensing cost. The cost of a small PC to protect your Finance department is pretty easy to justify.

Naked Security: http://bit.ly/1G2i3vB

« Cyber War and Peace
Kaspersky Denies KGB Connections »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Caldew Consulting

Caldew Consulting

Caldew specialise in providing information assurance and cyber security consultancy, covering the full spectrum of the security life cycle.

PhishLine

PhishLine

PhishLine helps Information Security Professionals meet and overcome the increasing challenges associated with social engineering and phishing.

Northwave

Northwave

Northwave offers an Intelligent combination of cyber security services to protect your information.

CyberESI

CyberESI

CyberESI is a Managed Security Service Provider providing 24x7 remote security monitoring and management of your mission-critical networks.

Raz-Lee Security

Raz-Lee Security

Raz-Lee Security is the leading security solution provider for IBM Power i, otherwise known as iSeries or AS/400 servers.

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

Aptible

Aptible

Security Management and Compliance for Developers. Aptible helps teams pass information security audits and deploy audit-ready apps and databases.

Asvin

Asvin

Asvin provides secure update management and delivery for Internet of Things - IoT Edge devices.

Citalid

Citalid

The Citalid cyber risk management platform combines threat and business intelligence to identify the risks scenarios you face.

Envieta

Envieta

Envieta is a leader in cryptographic solutions. From server to sensor, we design and implement powerful security into new or existing infrastructure.

Secure Ideas

Secure Ideas

Secure Ideas is focused on penetration testing and application security including web applications, web services and mobile applications.

Neosecure

Neosecure

NeoSecure is a specialist Cybersecurity Solutions and Managed Services provider in Latin America.

Simplilearn

Simplilearn

Simplilearn is the world's #1 online bootcamp for digital skills training in disciplines such as Cyber Security, Cloud Computing, Project Management, Digital Marketing, and Data Science.

Syracom

Syracom

syracom is a consultancy firm specialized in development of efficient business processes. With our expertise and IT competence, we develop tailored solutions for customers in various industries.

BIRD Cyber

BIRD Cyber

BIRD Cyber is a program to promote collaboration on cybersecurity and emerging technologies aimed at enhancing the cyber resilience of critical infrastructure.

Cytek

Cytek

Cytek is a leading provider of cybersecurity and HIPAA compliance for dental practices and other industries.