Firewalls, for the most part, are thought of for keeping the bad guys out of your network. They can also be used to keep your data inside your network.
As networks have evolved from isolated connections of few computers to networks with multiple computers sharing resources and utilizing the Internet, firewalls have been there to help block access from outside the network. While that is one important aspect of what they do, there is another purpose. In today’s world of easy network access combined with high speeds it does not take long for your data to be shipped right out the door. Far too often firewalls are left in their default configuration to allow all connections to the Internet regardless of the protocol. While protocols like HTTP and HTTPS that are used for web browsing are common to let out, others such as those for transferring files such as SSH, SFTP, and Telnet should be blocked entirely or at a minimum configured to only let out specific IP addresses. Furthermore, if specific IP addresses are allowed out on those protocols, the rules in the firewall should be configured to only allow them to connect to specific addresses on the Internet.
In addition, if the network is configured in a manner where the internal data traverses the firewall, access to data within the network from other internal resources can also be limited.
At this point you might be thinking why go to all this trouble to limit connections to outside of the network? The main reason is to keep your data inside where it belongs. For many businesses, the proprietary data that is generated from day-to-day operations is their lifeblood. This data could vary widely based on your business but may include contracts, software, information about internal business operations. The list could go on but losing this data could affect your bottom line if this data were to fall into the wrong hands.
These are just a few examples of how a firewall can be used to provide extra security for your network and help, not only keep the bad guys out, but the good data in.
One of the key components of any computer infrastructure is the completion and testing of backups.
In the past, backups were used primarily to restore data in case of accidental deletion, a corrupt file or complete system crash.
Today there is an additional cause for good backups, ransomware.
Ransomware is advanced software that holds your data hostage and does not let you access it. Generally, the data is there on your hard drive, but it cannot be accessed as it has been encrypted and you do not have the key.
One of the most prevalent ways that ransomware can get on your computer is via SPAM emails that contain attachments that are nefarious in nature. Once the attachments are opened, the program goes to work and looks for and encrypts targeted files. Now you may be stuck in a bad place and will have to pay to get the key so that you can decrypt the files. But are you really stuck?
This is where the backup comes into play. Backups conducted over time and at
regularly scheduled intervals will allow you to restore your data from a time prior to it being
encrypted after the infected machine has been cleaned.
“Over time” is a particularly important concept here as there are some variations of ransomware that infect your machine but do not encrypt immediately. This means that your backups will contain the same virus that you are trying to avoid so you may have to dig deeper into the archives to retrieve a clean copy of that file to ensure that you do not restore an infected file back to a clean machine.
While this article is very simplified, your backup plan will most definitely be more complicated. You will want to look into how often you are doing full backups and how long you are going to keep them. There are weekly, monthly, quarterly, and even annual full backups that you will want to take into consideration. A well thought out backup retention plan can go along way to helping you restore your data and functionality and quite possibly save you a lot of money, time and effort.
If you would like help setting up a complete backup scheme give us a call. We can keep your network secure so you can focus on your business.
TikTok is a popular social media app made in China that makes it easy to share videos. As with a lot of tools and applications on the Internet that makes things easy, there could be some drawbacks to them whether it is security holes due to the convenience of use or processes that the app is doing behind the scenes that you don't know about it. This article from boredpanda discusses quite a few items that a reverse engineer found that the app does in the background. If you are interested in what he found give it a read at this link.
Guy Who Reverse-Engineered TikTok Reveals The Scary Things He Learned, Advises People To Stay Away From It