Already in 2021, a devastating cyberattack has impacted a significant portion of the United States population—in early May, hackers shut down the Colonial Pipeline until a ransom of almost $5 million was paid in bitcoin, although that didn’t stop major fuel supply shortages along the East Coast. Through global pandemics, national elections, and technological innovation, there has been one constant over the past 10 years—the pace of cyberattacks accelerates.
Hackers, unfortunately, are extremely opportunistic in who they target—they go after individuals as well as businesses of all sizes. No matter your business, there is probably a digital component, including wireless connections, smartphones, or an email address. Even these small exposures put you at risk, so cybersecurity needs to be part of your business strategy.
Firewalls are a necessary component for small business cybersecurity—they provide a line of defense right at your internet connection. This guide will help you understand why you should purchase a firewall, how to compare your options, and how to set up a small business firewall.
Even though you might not think your business would be a target for a cyberattack, this is increasingly not the case. And once your company is successfully hacked, your situation can quickly become nightmarish as you are usually at the mercy of your anonymous attackers; hence why the Colonial Pipeline paid untraceable millions to regain control of their system. The average company takes 197 days to discover a system breach and up to 69 days to fully contain it, IBM says.
“Cybercriminals are continuing to evolve their attacks with more sophisticated tactics, and companies of all sizes are in their crosshairs,” Dr. Larry Ponemon, founder of cybersecurity research firm The Ponemon Institute, said in a statement. “Every organization, no matter where they are, no matter their size, must make cybersecurity a top priority.”
Ponemon’s 2019 survey of 2,000 small businesses found that 76% of American companies reported being digitally attacked in the past 12 months, up from 55% in 2016.
“More businesses are experiencing highly-targeted, sophisticated, and severe cyberattacks than ever before, yet the results of our study show they aren’t doing enough to close the gap,” noted Darren Guccione, CEO of Keeper Security, about the survey. “We … want SMBs to understand that no target is too small for cybercriminals, and it’s not enough to simply be aware of the cyberthreats that exist. It’s absolutely critical that these businesses take the next step toward cybersecurity preparedness and get a strong prevention strategy in place.”
A hardware firewall device provides protection on the frontlines of your battle against cyber invaders—at your wireless internet router. Understanding how firewalls work and what options are available will help you best protect your business, no matter whether you are operating out of your home or in an office building.
A firewall is a system that monitors incoming and outgoing computer network traffic. Firewalls can be a hardware device or a software program. Firewalls are used as a bastion of security between a protected network, like your home office computer system, and unprotected networks, i.e., the open ocean of the internet. Firewalls, particularly hardware ones, provide protection right at the source of the internet for your company.
“When your computer is accessible through an internet connection or Wi-Fi network, it is susceptible to attack,” explains the Cybersecurity and Infrastructure Security Agency (CISA) in its small business resources. “However, you can restrict outside access to your computer—and the information on it—with a firewall.”
Before computers, a firewall was used to prevent or halt the spread of an approaching fire—an apt metaphor for how computer firewalls work, if you imagine cyberattacks as the wildfire roaring toward your business.
“Using a firewall in conjunction with other protective measures can help strengthen your resistance to attacks,” CISA continues.
Hardware firewalls are a physical device, essentially a router in many cases, that is wired into your internet connection and runs cybersecurity software on all data flowing in and out of your network.
Software firewalls also exist, which are applications you download onto specific computers that protect your online connection on these computers.
While a software firewall is better than no cybersecurity, hardware firewalls are your best option. For one, they protect all devices connected to the firewalled network, not just the ones that have the software firewall downloaded. Every connection to a network presents opportunities for hackers, but a hardware firewall protects your entire network.
Also, the software used in a firewall device is fully optimized for protecting your network—when your computer is running a software firewall, that firewall program competes with your web browser, word processor, and other programs for your computer’s processing power.
Many hardware firewalls today do much more than just protect your network. They are often referred to as Unified Threat Management (UTM) devices. Along with protecting your network, UTMs can also have active antivirus software or control what devices are able to connect to the network.
Purchasing a firewall can be expensive, but dealing with the fallout of a major data breach can cost you far more in money, time, and reputation.
To set up a small business firewall, first purchase a hardware firewall or UTM device from a trusted supplier. Follow the manufacturer’s instructions closely, and don’t be afraid about contacting support if you have questions. Because each device is different, it is impossible to go into the details of setting up your specific firewall, but there are some general guidelines to keep in mind.
If a hacker gains access to your firewall, your network is toast. When first setting up your firewall, update it to the latest firmware settings, and change the password from the default password right away. Make your password long and complex—it should be a random string of letters, numbers, and special characters that you have never used for any password before. Protect your firewall’s username and password information like any other precious asset—only share it with those you trust to be responsible with it.
You can often create so-called firewall zones for different networks used by your business, and then you can organize connections by IP devices. For example, all your networks that connect to the internet, like web and email servers, could be placed in one zone. Software that contains sensitive data, like customer credit card numbers, could be placed in another firewall zone so that devices can connect with each other but not the internet. Some businesses choose to put network-wide software like their point-of-sale platforms in their own firewall zones as well.
Multiple zones make it extremely difficult for hackers to compromise your whole operation even if they breach into one zone through, for example, a worker telling their password to someone who shouldn’t know it.
Cybersecurity threats are constantly changing, but cybersecurity firms are also constantly changing their software to best protect against the latest weapons in the digital realm. Usually, your firewall will let you know when a firmware update is available, but you should check on a regular basis anyway. Update your firmware at least every month—the best practice, though, is to update your firewall firmware daily.
The best firewall for small business is a hardware device that allows access to multiple devices. Options from Fortinet, Cisco, and Ubiquiti are popular and trusted. Compare cybersecurity features and think about buying a UTM. Because firewalls control your entire network connection, they will also have varying impacts on your internet speed.
The best firewall for your home is still a hardware firewall, but you probably need less processing power. Generally, you will also not need a firewall that supports a large number of accounts and devices. Systems from Firewalla, MikroTik, and Zyxel are well-liked options for home offices.
The least expensive type of firewall is software firewalls and some companies, like OPNSense, even offer software firewalls for free.
However, a hardware firewall is still a much better choice than any software firewall, and many of the companies suggested above have affordable models depending on your needs. Remember, there is a difference between affordable and cheap—when shopping for firewalls, compare security features, company reputation, and internet speed alongside price to find the best hardware for your business.