Network Security Demystified
February 19, 2016
“The hackers aren’t looking at me - they’re looking at the big guys like Target, Sony and TJMaxx.”
I can’t tell you the number of times I have heard this from small to mid-sized businesses. But according to a 2013 Verizon security report, the truth of the matter is that over half of all data breaches happened to smaller firms. The study shows that security in small firms is much more relaxed, and in some cases, nonexistent - which hackers see as “ripe for the picking.” Why waste thousands of hours on Sony when it only takes a few minutes to hack a local accountant?
“I already bought a copy of Norton’s Internet Security, and it works great.”
A common misconception is that one firewall is enough to protect your data. Time and time again, this has been proven false. A single firewall is not able to block all malicious attempts to penetrate your system. An analogy I like to make is a typical water filter - would you trust swamp water enough to drink it if it was filtered through the Brita pitcher sitting in your fridge? Now, I’m not saying you should throw out your Brita, but the Brita works because it depends on other filters already in place. Your municipal water treatment plant uses physical, biological and chemical methods to clean your water before it reaches your faucet. A decent, multi-layered firewall system works the same way.
Most users are familiar with the trial version of some pre-installed firewall that came with their computer. However, firewalls also come in hardware form, like a dedicated device that goes between your network and the outside world. So, for an intruder to compromise your network, they have to jump through hoops, much like the moat, walls and gatehouse of a castle. Whether it’s at the network level, circuit level, or application level, firewalls of all types can be used to prevent unauthorized access.
“So, I have firewalls. Am I safe now?”
Proper network security goes beyond putting up firewalls, because a firewall doesn’t prevent an authorized user from inviting a virus in. Basically, a firewall figures out what belongs or doesn’t belong, but if a user tells the firewall to allow something in, it does. Your home router is a typical example: it creates a layer between the Internet and the devices you want to connect to it. It is the first line of defense against a malicious hacker trying to find holes to sneak through. While a properly configured router is essential, it is moot if the WiFi password is compromised. That’s when you hope there is application level security in place to look deeper into the packets being exchanged.
Network security can get downright philosophical sometimes. Vulnerabilities will continue to be discovered as our appetites and imaginations grow, creating new avenues of communication. The more features you develop, the more complex a system becomes, which in turn opens up more “surface area” for exploitation. And while major corporations can afford to suffer a short term drop in business due to a data breach, a smaller business may never recover from that loss of business or reputation. If you haven’t made any New Year’s resolutions yet this year, there’s still time to make sure your network security is one of them.