Cyber Essentials: Firewalls | Reach IT

Cyber Essentials Part 1 – Firewalls


Cyber Essentials is a government-backed scheme designed to set a base standard for cyber security in organisations. In fact, if you want to tender for certain government contracts then it will be a minimum requirement.
I decided that as an IT Managed Service Provider we should be able to demonstrate that we apply and adhere to these standards. We therefore recently achieved Cyber Essentials certification for ourselves. In doing so it made us assess a couple of small things we see as low risk items that would have caused a failure. Ironically, the things we would have failed on I know our clients wouldn’t have. This was largely since we are all technical so have Administrative access to our own machines. In all my years in IT this has never posed a problem for us. However, we would never give our clients Administrative access. In fact, such is the level of trust our clients place in us they often don’t have any staff with Administrative permissions or knowledge of any Administrative account details.
But having gone through this it made me wonder how many companies would pass the certification without having some support and making some changes. As cyber security will play an important part in GDPR planning I thought it would be useful to write a blog post outlining the basics of Cyber Essentials. It deals with five specific areas: –

These key areas form the bedrock of security for IT systems. All organisations should ensure these five basic areas are covered either by their in-house IT team or their external IT partner. Over the next few weeks I will cover each of the topics in turn.
Let’s start today with firewalls.

Hardware firewall
Otherwise known as an “Internet Edge” or “Boundary” firewall. For most small to medium businesses this will either be built into your Internet router or even better you will have a more robust firewall appliance that either sits inside your Internet router or replaces it entirely. It is essential that the firewall element is activated and configured accordingly.
Your firewall should not allow any inbound connections from the Internet to your internal network. If you want to be ultra-secure you can even block all outbound connections except those that you need. For instance, if you have an in-house email server you might only allow your server to send emails and not all your PCs. This might seem strange, but your PCs will send the email to your in-house server, which in turn will send the email to the intended recipient.
If properly configured, this boundary firewall stands on guard duty on your internet connection and only lets the traffic that you want to pass through.
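As an added illustration (not part of the original post and not Reach IT tooling), the Python below audits a firewall rule list against the policy described above: no inbound allows from the Internet, and outbound email (SMTP) only from the in-house email server. The rule format, the 192.168.10.0/24 network, the server address 192.168.10.5 and both rule lists are assumptions constructed for the example.

```python
# Added example: all addresses, ports and rule lists below are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

LAN = ip_network("192.168.10.0/24")        # assumed internal network
MAIL_SERVER = ip_address("192.168.10.5")   # assumed in-house email server
SMTP = 25

@dataclass(frozen=True)
class Rule:
    direction: str               # "in" = Internet -> LAN, "out" = LAN -> Internet
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"       # source network in CIDR form
    port: Optional[int] = None   # destination TCP port, None = any port

def decide(rules, direction, src, port):
    """First matching rule wins; traffic that matches no rule is denied."""
    for r in rules:
        if (r.direction == direction and ip_address(src) in ip_network(r.src)
                and r.port in (None, port)):
            return r.action
    return "deny"

def audit(rules):
    """Return findings where the rule list departs from the stated policy."""
    findings = []
    # 1. No inbound connection from the Internet may be allowed at all.
    for r in rules:
        if r.direction == "in" and r.action == "allow":
            findings.append(f"inbound allowed: src={r.src} port={r.port}")
    # 2. The mail server must be able to send; no other LAN host may.
    if decide(rules, "out", str(MAIL_SERVER), SMTP) != "allow":
        findings.append("mail server cannot send SMTP")
    leaks = [h for h in LAN.hosts() if h != MAIL_SERVER
             and decide(rules, "out", str(h), SMTP) == "allow"]
    if leaks:
        findings.append(f"{len(leaks)} PCs can send SMTP directly")
    return findings

WEAK = [Rule("in", "allow", port=3389),      # remote desktop exposed inbound
        Rule("out", "allow")]                # everything allowed outbound
HARDENED = [Rule("out", "allow", "192.168.10.5/32", SMTP),
            Rule("out", "deny", port=SMTP),  # PCs must relay via the server
            Rule("out", "allow", "192.168.10.0/24", 443)]

if __name__ == "__main__":
    for name, rules in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(rules) or "matches policy")
```

Rule order matters under first-match evaluation: placing the SMTP deny above the mail server's allow would block the server as well, which the audit reports.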
Some hardware firewalls also have extra security features like content filtering, anti-virus and intrusion detection. These extra features can help to prevent your users from accessing inappropriate or infected websites.

Software firewall
Also known as a personal firewall, a software firewall is installed on each device (PC, laptop, server, etc.). These work in much the same way as a hardware firewall but are installed and configured on each individual device. This allows almost infinite configuration possibilities since every device could be configured differently. The software firewall could be the built-in Windows firewall or one built into your antivirus (malware protection) software.
If you have more than a handful of computers you ideally need a centrally managed firewall. This allows you to standardise the settings across your devices for easier management. If you are using the Windows firewall and have a Windows server you can centrally manage that through your server. If you don’t have a server then it might be better to use centrally managed antivirus software that includes a firewall.
At Reach I.T. Management we take the security of our clients’ systems seriously. We make sure that their security firewalls are configured with the minimum of inbound connections allowed. We also use centrally managed systems to configure software firewalls with standardised settings. Reach IT take these things seriously so you don’t have to worry about them.
If you want to discuss how we could help you with any of the above then please do call me on 01788 440024 or fill in the contact form on our website.
Next time I will cover Secure Configurations.