There is No Secure Inside – So Get the Most from your Firewall

Uploaded on 2015-05-12 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

 

Firewalls seem like a fixture of IT security, having been used for more than 15 years in most business environments to protect our internal assets from the hacks out there on the big bad Internet.

Yet too often we read the headlines and hear about another network intrusion that begins with "Once the criminals obtained valid network credentials they were able to explore the network and smuggle gigabytes of personal information/credit cards/state secrets/medical records to servers under their control."
Why, in the 21st century, when much of our workforce is currently sitting in a cybercafé, airport, hotel or home office, do we still think that our employees are on the inside? What about all of that data you shipped off to the cloud? Is it inside?
Modern firewalls are impressively equipped to help out with these problems.
One really obvious way to get more out of your firewall is to start scrutinizing what is going out from sensitive areas of your network with at least as much effort as you put into stopping unwanted connections coming from the other direction.
It can often be difficult to detect a perpetrator who has phished a valid set of credentials from one of your trusted users. In this case, noticing what information is being accessed and whether it is being sent off to a cloud storage service might be far more useful. 
Many organizations have started using next-generation firewalls to protect internet-facing databases and web servers from SQL injection and other common data theft attacks.
Why not protect your internal web servers and databases the same way? Whether it is a malicious insider or a malware infection, it hardly matters. If the data inside those servers and databases is worth protecting, it shouldn't matter whether it faces the Internet.
Another way firewalls can be used in "reverse" is looking for indications that you may be compromised by more advanced threats.
Often these attacks are designed to bypass anti-virus protection and can worm their way into your infrastructure. Why not watch the network for command and control traffic used by the crooks to control their devious applications?
The lack of segmentation has been a major problem with taking advantage of firewalls. When you think of them as gatekeepers, it makes sense to use one to segment off your HR, Engineering and Finance departments.
Many firewalls are available as low cost hardware appliances or can even operate as software on commodity hardware without any additional licensing cost. The cost of a small PC to protect your Finance department is pretty easy to justify.

Naked Security: http://bit.ly/1G2i3vB

« Cyber War and Peace
Kaspersky Denies KGB Connections »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Mocana

Mocana

Mocana provides a software platform that allows you to develop, test and distribute more secure IoT devices and services.

OASIS Open

OASIS Open

OASIS Open is where individuals, organizations, and governments come together to solve some of the world’s biggest technical challenges through the development of open code and open standards.

AGAT Software

AGAT Software

AGAT Software is an innovative security provider specializing in external access authentication and data protection solutions.

Netresec

Netresec

Netresec is an independent software vendor with focus on the network security field. We specialize in software for network forensics and analysis of network traffic.

ISMS.online

ISMS.online

ISMS.online is a cloud software solution for fast & cost-effective implementation of an information security management system and achieve compliance with ISO 27001 and other standards.

AFNOR Group

AFNOR Group

AFNOR Group designs and deploys solutions based on voluntary standards around the world and provides services including training, professional and technical information, assessment and certification.

Applied Magnetics Laboratory (AML)

Applied Magnetics Laboratory (AML)

Applied Magnetics Laboratory is a manufacturer of military security and data destruction equipment for sensitive, classified, and secret information.

CloudVector

CloudVector

CloudVector's API Detection & Response platform is the only API Threat Protection solution that goes beyond the gateway to provide Shadow API Prevention and Deep API Risk Monitoring and Remediation.

ZecOps

ZecOps

ZecOps is a cybersecurity automation company offering solutions for servers, endpoints, mobile devices, and custom devices.

SimSpace

SimSpace

SimSpace is the visionary yet practical platform for measuring how your security system responds under actual, sustained attack.

ContraForce

ContraForce

ContraForce is a threat detection and response software providing complete visibility across cloud, network, endpoints, user, and email with the ability to target and block threats in real-time.

vCISO Services

vCISO Services

vCISO Services is a small, specialized, veteran-owned firm focused on the needs of SMBs only.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

Intelligent Technical Solutions (ITS)

Intelligent Technical Solutions (ITS)

We help businesses manage their technology. Intelligent Technical Solutions provide you with the right technical solution, so you can get back to running your business.

CloudGuard

CloudGuard

CloudGuard is an AI-driven XDR platform that helps organisations to proactively detect and automatically remediate threats in real-time.

Inveo Group

Inveo Group

Inveo group is the Italian leader for the management of privacy and data protection issues.