There is No Secure Inside – So Get the Most from your Firewall

Uploaded on 2015-05-12 in TECHNOLOGY--Resilience, NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

 

Firewalls seem like a fixture of IT security, having been used for more than 15 years in most business environments to protect our internal assets from the hacks out there on the big bad Internet.

Yet too often we read the headlines and hear about another network intrusion that begins with "Once the criminals obtained valid network credentials they were able to explore the network and smuggle gigabytes of personal information/credit cards/state secrets/medical records to servers under their control."
Why, in the 21st century, when much of our workforce is currently sitting in a cybercafé, airport, hotel or home office, do we still think that our employees are on the inside? What about all of that data you shipped off to the cloud? Is it inside?
Modern firewalls are impressively equipped to help out with these problems.
One really obvious way to get more out of your firewall is to start scrutinizing what is going out from sensitive areas of your network with at least as much effort as you put into stopping unwanted connections coming from the other direction.
It can often be difficult to detect a perpetrator who has phished a valid set of credentials from one of your trusted users. In this case, noticing what information is being accessed and whether it is being sent off to a cloud storage service might be far more useful. 
Many organizations have started using next-generation firewalls to protect internet-facing databases and web servers from SQL injection and other common data theft attacks.
Why not protect your internal web servers and databases the same way? Whether it is a malicious insider or a malware infection, it hardly matters. If the data inside those servers and databases is worth protecting, it shouldn't matter whether it faces the Internet.
Another way firewalls can be used in "reverse" is looking for indications that you may be compromised by more advanced threats.
Often these attacks are designed to bypass anti-virus protection and can worm their way into your infrastructure. Why not watch the network for command and control traffic used by the crooks to control their devious applications?
The lack of segmentation has been a major problem with taking advantage of firewalls. When you think of them as gatekeepers, it makes sense to use one to segment off your HR, Engineering and Finance departments.
Many firewalls are available as low cost hardware appliances or can even operate as software on commodity hardware without any additional licensing cost. The cost of a small PC to protect your Finance department is pretty easy to justify.

Naked Security: http://bit.ly/1G2i3vB

« Cyber War and Peace
Kaspersky Denies KGB Connections »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cloud Industry Forum (CIF)

Cloud Industry Forum (CIF)

Cloud Industry Forum is a non-profit industry body that champions and advocates the adoption and use of Cloud-based services by businesses and individuals.

AvePoint

AvePoint

AvePoint is an established leader in enterprise-class data management, governance, and compliance software solutions.

Apcon

Apcon

Apcon's mission is to provide valuable network insights that enable security and network professionals to monitor, secure and protect their data in both physical and virtual environments.

itWatch

itWatch

itWatch is focused on data loss prevention (DLP), endpoint security, mobile security, encryption, and cost reducing solutions for IT operations.

Protectimus

Protectimus

Affordable two factor authentication (2FA) provider. Protect your data from theft with multi factor authentication service from Protectimus.

Khipu Networks

Khipu Networks

Khipu Networks is an award winning Cyber Security Company delivering a wide range of network, wireless and security solutions, technologies and services across multiple sectors.

Assac Networks

Assac Networks

Assac Networks ShieldIT is an app that completely protects any BYOD smartphone from both tapping and hacking.

Cybersecurity Coalition

Cybersecurity Coalition

The mission of the Cybersecurity Coalition is to bring together leading companies to help policymakers develop consensus-driven policy solutions to achieve improvements in cybersecurity.

Next Horizon

Next Horizon

In the Next Horizon incubator, new disruptive models are being developed in Industry 4.0, Automated Driving and Internet-of-Things.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

Clone Systems

Clone Systems

Clone Systems is an award winning global cloud based managed security as a service provider.

Polymer

Polymer

Polymer is a Data Governance & Privacy Platform for third party SaaS apps. A modern Data Loss Protection (DLP) approach to remove sensitive data exposure on collaboration tools in real-time.

Riskaware

Riskaware

CyberAware, by Riskaware, provides business-critical cyber attack analysis and impact assessments using NIST standards aligned with NCSC guidance.

CY4GATE

CY4GATE

CY4GATE was conceived to design, develop and produce technologies and products that are able to meet the most stringent and modern requirements of Cyber Intelligence & Cyber Security.

Winmill Software

Winmill Software

Winmill is a technology services company that provides expert consulting services in Application Development, Application Security and Cyber Security.

Klarytee

Klarytee

Protect your data wherever it goes. Klarytee is a SaaS platform that builds security into sensitive content to enable granular control in AI, public cloud and SaaS.