Compliance Security: the Firewall and VPN

In All, Compliance, Plan Strategically, Security by Alex Kallimanis

In order to provide our clients with the best possible information technology solutions First Service Carolina is starting a new initiative to explain complex IT topics in ways that are accessible for the average user. Over the next 6 weeks we will be outlining and explaining various aspects of Compliance Solutions and Security Best Practice. These practices are essential across a number of industries and, while specifics vary, have a number of threads that tie the basics together. We are starting the first entry in this series with a subject that many people will be familiar with even if their data is not subject to Compliance regulations; the Firewall and VPN.

off-site work session, courtesy of the firewall and VPN

The concept of a firewall has been around for well over a century. Despite the technological advancements that separate the modern firewall from it’s origin, the purpose remains the same. The firewall of old protected one building from fire happening on another; today’s firewall has an equally important job, protecting your data from outside threats.

What a Firewall Does

We live in an increasingly connected world. Most people will have at least two internet connected device with them at work; their primary workstation and a peripheral device like a smart phone. Each connection to the internet poses the same threat, accessibility. To a determined individual with the right information each one of those lines can be the advantage at getting into your network. Once they have access to a machine on your network, it’s only a matter of time until things break bad.

In essence a firewall only has one job: filtering. As traffic moves into the network a firewall filters all of the data. When data is flagged by the firewall’s preset parameters it is stopped before entering the network. For many businesses this is the first step in their defenses, as each user connecting to the internet poses a security risk without it. The Firewall not only restricts access to your network, but also restricts access to dangerous sites by your users, protecting them from malware or worse.

There are a number of different ways that firewalls can be configured. For instance; malicious sites can be blocked by their IP address or by their domain (that’s what it’s hard for your kids to access instagram at school). Rules can also be set to restrict TCP, HTTP, FTP, EDP, ICMP, SMTP, SNMP, and Telnet protocols, allowing for a lot of control. These protocols can be used maliciously in a number of ways but can oftentimes be avoided completely with a comprehensive ruleset.

VPN

The purpose of a Virtual Private Network is to give users on your network reliable and secure connections to the private network from anywhere. A VPN benefits your business by:

  • Establishing connections between office locations without using a dedicated line
  • Bolstering the security of data exchange
  • Providing reliable access for remote employees and offices over an existing network; the quality of connection should be the same for any number of users until handling its maximum simultaneous connections.
  • Saving employee resources with regard to commute
  • Scalability to grow as your business grows, without needing to replace the entire solution

When combined these two technologies provide your employees with access to the data that they need to perform their jobs. Your managed services provider can tailor a Firewall and VPN for your business, following the protocols for your industry.