Boundary firewalls and Internet gateways
Firewalls and gateways provide a basic level of protection where a user connects to the Internet. While antivirus software helps to protect the system against unwanted programs, a firewall helps to keep attackers or external threats from getting access to your system in the first place. The firewall monitors all network traffic and has the ability to identify and block unwanted traffic that could be harmful to your computer, systems and networks.
The security provided by the firewall can be adjusted like any other control function (in other words, the firewall ‘rules’).
The best way to stay safe online is to only visit websites that you trust or that are known to be secure. In these cases, this behaviour reduces the strain on the firewalls by eliminating incidental encounters with malicious code, drive-by downloads, and so on.
Are you at risk? The following practices should be avoided:
- The use of default administrator passwords.
- Poorly configured firewall rules.
- The firewall failing to block certain risky websites and applications.
- The firewall failing to restrict inbound and outbound traffic to authorised connections only.
- The firewall not being set to a default deny-all policy.
TJX Companies, a popular apparel and home goods company based in the US, exposed 94 million credit card numbers after a data breach in December 2006. According to sources, this was possible because TJX's network wasn't properly protected by any firewalls. Albert Gonzalez, the infamous hacker and ringleader of 2008’s famous Heartland breach, was convicted of the TJX hack and sentenced to 40 years in prison, while 11 others were arrested.
Read more about TJX's story >>
View another control:
Solutions for Cyber Essentials certification
IT Governance offers three unique solutions that will enable you to achieve certification to either Cyber Essentials or Cyber Essentials Plus cost-effectively and easily.
View the three solutions >>
Speak to an expert
Please contact our team for advice and guidance on our Cyber Essentials products and services.