Edward Snowden has become a household name for most Americans or at least for those in and around technology. He is the person who leaked the secret that the NSA was viewing your emails, listening to your phone calls and other privacy-invading actions. Whether you believe what he did was a good thing for the American people or bad is not the purpose of this blog post.
My goal is to say that what he did cause a fundamental shift in how we view our firewall security and how we protect our small businesses. From a practical standpoint, what Snowden revealed was that your email is not private and that your Internet browsing is not either, essentially he made you think about your firewall security. For most of us, this is not a problem because we are not doing anything that would interest the government but let’s think further.
The nature of email is that I can send an email to anybody and they can send an email back. This requires a very open structure because we all have different software and if it is going to be able to communicate, then all software needs to follow the same standards. Encryption takes this open format and covers it up so that it can’t be easily read and it further adds a “code” as a combination lock, that only the recipient knows.
This process of encryption is helpful because now I can send information and I do not have to worry about the wrong people being able to read it. A good example might be my personal financial information including social security numbers that I must send to the bank. As of February, 27th 2016 according to the New York Times, 77 percent of requests sent from computers around the world to Google's servers are encrypted, this is up from 52 percent at the end of 2013. Google’s goal is to code 100% of the traffic that flows in and out of their servers.
Encryption is a good thing for most of us, but unfortunately, the cyber criminals are using it to their benefit. By encrypting their malicious code, they can infect your computer when you thought you were protected. Your older hardware firewall may have difficulty in recognizing that there is malicious code in the traffic flowing through it and so it will not block what arguably should be blocked. Next generation firewalls have the processor power, additional memory and current software that allows them to un-encrypt the information, look for malicious code and then if everything looks okay to pass them on.
If your firewall appliance is more than four years old, you probably need to look hard at replacing it. Like a PC a firewall has a life and we would suggest that life, is three to five years. The fact that the firewall appliance seems to be functioning properly and not giving you trouble is not a good indicator of how well it is protecting your business. We would recommend that you speak with whoever manages your firewall about deep packet inspection and Geo IP provisioning. Geo IP provisioning is where you put restricted locations into your firewall. Example; we do not do any business in Russia so don't allow traffic to pass through the firewall from Russian IP addresses.
Improving Your Network
Total Computer Solutions is continually looking for ways to improve our client’s networks and with that the security of their systems. TCS can help by being proactive and recommending changes before a hack, or a system failure occurs. If you do not have a trusted adviser who is looking ahead at ways to secure your network better or if you just want to get a second opinion, give us a call or click below and we will be happy to assist you.