Enforcing The Human Firewall


What is a firewall?

To start with, we should explain what a firewall is. A firewall is a network security system that monitors, controls and restricts incoming and outgoing internet traffic. In other words, it is a software- or hardware-based system that works as a gatekeeper between trusted and untrusted networks. Its purpose is to prevent malicious activity and unauthorized network activity.

Firewalls block unauthorized incoming connections, which means that hackers:

  1. Can’t access your data by connecting to your device.
  2. Can’t take control of your device.
  3. Can’t infiltrate your network, whether it’s a home or an office one.

3 types of firewalls

The 3 most common types of firewalls are:

  • A proxy service works as a ‘go-between’. This means that it prevents direct connections between customer devices and the incoming data packets. However, packet filtering firewalls work a bit slower than other types.
  • Packet filtering uses filters to compare each data packet the network receives against a set of established criteria.
  • Stateful inspection examines a variety of data packets and compares them to a database of trusted information (for example: ports, IP addresses, and applications). In this type of firewall, incoming data is required to sufficiently match the trusted information.
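
To make the difference between packet filtering and stateful inspection concrete, here is an added Python example (not part of the original article and not DriveLock code). The rule set, the addresses and the connection table standing in for the "trusted information" are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

# Constructed policy: (action, source net, destination net, destination port; None = any)
RULES = [
    ("allow", "10.0.0.0/24", "0.0.0.0/0", 443),   # inside hosts may open HTTPS sessions
    ("allow", "0.0.0.0/0", "10.0.0.10/32", 25),   # anyone may reach the mail server
]

def packet_filter(pkt, rules=RULES):
    """Stateless: every packet is judged on its own; first matching rule wins."""
    for action, src_net, dst_net, dport in rules:
        if (ip_address(pkt.src) in ip_network(src_net)
                and ip_address(pkt.dst) in ip_network(dst_net)
                and dport in (None, pkt.dport)):
            return action
    return "deny"  # default deny when nothing matches

class StatefulFirewall:
    """Remembers connections already admitted and matches later packets to them."""
    def __init__(self, rules=RULES):
        self.rules = rules
        self.table = set()  # admitted connections (the trusted information)

    def inspect(self, pkt):
        key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key in self.table or reverse in self.table:
            return "allow"           # part of a known connection
        if packet_filter(pkt, self.rules) == "allow":
            self.table.add(key)      # new connection permitted by policy
            return "allow"
        return "deny"

def demo():
    fw = StatefulFirewall()
    out = Packet("10.0.0.5", 50000, "203.0.113.7", 443)          # inside host starts HTTPS
    reply = Packet("203.0.113.7", 443, "10.0.0.5", 50000)        # server's answer
    unsolicited = Packet("203.0.113.7", 443, "10.0.0.6", 50000)  # nobody asked for this
    return [packet_filter(reply), fw.inspect(out),
            fw.inspect(reply), fw.inspect(unsolicited)]
```

The stateless filter rejects the server's reply because no rule covers it, while the stateful firewall admits it as part of the connection the inside host opened and still rejects the unsolicited packet.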

What is a human firewall?

So now, you may be wondering what a human firewall is. A human firewall is the ability of your employees, built up through training, to detect threats such as phishing or malware which might affect your business network.

Many attacks on enterprises are caused by the negligence of their employees. Therefore, humans are the weakest link in the cyber security of companies. Building a human firewall for your business will require many training courses and patience.

 

NEXT GENERATION FIREWALLS

A Next-Generation Firewall (NGFW) is a sophisticated network security device that represents a significant advancement over traditional firewalls. Unlike its predecessors, an NGFW combines the traditional firewall functionalities of packet filtering and stateful inspection with advanced features like deep packet inspection, intrusion prevention systems (IPS), and application awareness.

NGFWs often incorporate user and identity-based controls, providing enhanced security by allowing organizations to base policies on individual user identities or groups. They can also inspect encrypted traffic to detect and prevent threats hidden within SSL/TLS connections.

As cyber threats continue to evolve and become more sophisticated, NGFWs play a crucial role in providing comprehensive network protection, offering a proactive and adaptable security solution for modern organizations. Their ability to detect and mitigate a wide range of threats, combined with their granular control and visibility, makes them a fundamental component of a robust cybersecurity strategy.

STRENGTHEN YOUR FIREWALL'S WEAKEST LINK

The greatest threat to cybersecurity is human error. 

“We need to educate the end user in how to be safe and how to be aware.” C.J. June, Paladin Data Corp

According to Experian's Managing Insider Risk Report, up to 60% of surveyed companies had a data breach in 2016, as a result of uninformed and negligent employees. This negligence can come in the form of opening unknown links, downloading unknown attachments and uploading personal and company information into a seemingly friendly site. These human errors are prompted by social engineering, where hackers take advantage of human behaviour to successfully manipulate the target into disclosing confidential information. 

 

AVOID PREVENTABLE INCIDENTS

Consider these situations:

1. One of your new interns copies an operational report onto a personal USB stick with the intent to develop his understanding of your company's customers. This report contains details of your company's customers, their contact details and profiling to better equip your company with marketing your products to the right clients. The intern then takes this USB stick and places it into the right pocket of his jacket. He then quickly makes his way to his train, which is packed with the 5 pm rush. Unknown to him, the unencrypted USB stick is hanging out of his pocket and is easily taken by a stranger. By the time the intern realises his USB stick is missing, the thief is long gone, and who knows what they will do with the sensitive information.

2. A member of your service-desk staff is busy and overwhelmed by the never-ending calls from difficult customers. Then she receives a call from an anxious employee of the company who states that he is desperately in need of his password, which he has allegedly forgotten. The staff member, weary after a strenuous and lengthy explanation from the caller, finally gives in. Having successfully tricked the staff member, the caller confidently walks through the company firewall and disrupts your data.

The above situations are preventable, but preventing them requires the right steps to achieve security awareness within the workplace.

How DriveLock can help

 

1. DriveLock's Security Awareness Training 

With DriveLock's Security Awareness, you and your employees will be able to access a range of topics such as:

  • how to handle data,
  • how to report unusual behaviour,
  • the smart use of personal devices (BYOD),
  • how to navigate business and personal use of Email, Internet and Social Media, 
  • how to adhere to the EU General Data Protection Regulation (GDPR) and more. 
These E-learning modules are accessible from the control centre console with new monthly content which comes in the form of engaging videos, text and interactive multimedia. 

Your users are your last line of defence. Don't just train your employees: with DriveLock's holistic multi-layer concept you can create a security awareness culture in your company.

 

2. DriveLock's Application Control

DriveLock's Application Control prevents unknown applications from running on your system and performs application whitelisting with AI.

 

3. DriveLock's Device Control

Add an extra layer of protection by managing the extent of data your employees can access with DriveLock's Device Control. Why?

Case study: Bupa's 2017 data breach leaked the personal details of more than 500 thousand of its customers. The culprit? A "rogue" employee. This employee was able to steal the names, dates of birth and emails of the customers to be sold on the dark web. An ICO investigation concluded that Bupa did not have effective control over its CRM system and was, therefore, left vulnerable to being taken advantage of by employees.

 

4. Disk and File Encryption

Disk and File Encryption provides your data with the security measure required so that in the case of stolen devices or unanticipated user action, the data becomes unintelligible to these unauthorised users. 

 

Interested in how DriveLock's Application and Device Control solutions can work for you?

Try our free 30-day trial or contact our experts for more information, we will be happy to assist! 
