24 Sep Cyber Essentials – The Five Controls – 1. Firewalls
As we explained previously, the Cyber Essentials accreditation has five key controls that need implementing and maintaining to a high standard to make a successful certification possible. This article is all you need to know about the first, Firewalls.
Firewalls are one of the five key components required to achieve the Cyber Essentials certification. For those that don’t know anything about them or haven’t heard of them before, let’s take a look at what Firewalls are, how they work, the different kinds, and the various ways to configure them to ensure you satisfy the requirements needed to pass the certification.
What is a Firewall and what is its function?
A Firewall monitors incoming and outgoing network traffic based on predetermined security rules. It creates a protective barrier between a network that you trust and a network you don’t.
It sits on the edge of your network separating it from the rest of the internet. For example, see it as your front door – if you leave it open you are welcoming people in, if you close it you are shutting the unfamiliar/ untrusted out. This same concept applies to Firewalls, and, like you looking out of your window to see who is there before you let them in, a Firewall monitors access for what is coming in and going out.
A Firewall is the gatekeeper to your network – its role is to prevent those that have not been permitted access from getting into your network and to stop them viewing or having access to your sensitive data or systems, all whilst simultaneously providing secure access for those external to your network that you wish to allow access.
How is a Firewall configured?
This is a difficult question as it entirely relies on the size of the network that needs protecting. If it is a small business that needs protecting with a handful of end-point devices, then they can be implemented at a device-level. If you combine the effectiveness of a Firewall with various other protective measures (such as anti-malware software) and are up to date with your patch management, there is no reason why your network security cannot stand up to scrutiny (more detail on this in a later article).
On the other hand, if you have a larger business, device-level Firewalls wouldn’t be feasible, as they would be extremely difficult to manage and keep control of, and almost definitely wouldn’t do their job effectively. This makes boundary Firewalls the best option.
How does this help me achieve Cyber Essentials accreditation?
Every device in your network MUST be protected by a Firewall – with no exceptions! You can further minimise cyber risks by effectively managing the Firewall’s controls. Having installed your Firewall software there are then some considerations that you need to determine to ensure your protection is the best it can be, which are as follows:
- It is essential you apply ‘rules’ to block any untrusted activity in your IT landscape. Just having a Firewall is not enough to achieve certification – you must prove that it is set up as safely as possible and will restrict certain traffic that is deemed as high risk.
- Make sure the Firewall configuration is safeguarded by strong password protection! Administrators should use long, complex passwords with a random assortment of numbers and letters to make them as hard as possible to guess
- If you have devices that are going to be used outside of the already protected business network they MUST have the added protection of a software Firewall. Technical security measures are essential, especially with the rapid rise in remote working and a lot of teams working from home – meaning that devices such as laptops, tablets, and mobile phones are being used on high-risk networks and, even worse, public Wi-Fi.
- Only allow access when necessary – allow permissions to employees based in the business who do actually need access to that account. If more than one person needs access to a particular account you must introduce additional access controls wherever you can – you can’t have too many.
As we said earlier, Firewalls are the first line of defence for your system so, like your front door at home, don’t leave it open – anything could happen if you do.
Cyber Essentials Accreditation achieved
We understand the importance of top-level cyber security in your organisation. Our team of experts will help guide you to Cyber Essentials Accreditation and a secure future. We will ensure that you feel confident with the new tools that were implemented which made achieving the certification possible. Contact us now and find out how we can help you transform your digital landscape into a fortress that cyber criminals haven’t got a chance of being able to penetrate.