Routers, Firewalls and Small Business Security

Most small businesses rely on the modem / router provided by their ISP (internet service provider), or a consumer-grade Wi-Fi router that they purchased at a big box office or computer store. Everything appears to be OK, and mostly everyone is connected to the internet and are able to browse at will. Usually, I get asked for help if the WiFi signal is too weak, or if the internet is “too slow.” Otherwise, I get called in when one or more computers are infected, or are running poorly or have a terrifying message up on the screen.Sadly, sometimes that is too late. Some of the encrypting malware (Ransomware) does its job properly, and recovery is only possible with a good quality backup.

So how do we protect a small business from losing everything? First of all, backups. The best form of backup is a hybrid backup—with local and cloud-based backups. The local backup is faster for recovery, but can be damaged by whatever might harm the computer(s). The cloud-based backup is slower, but is off-site and safe. We can help you set up appropriate backups for your business, but this blog post is about keeping the bad actors out of your computers.

If you are subject to privacy laws (HIPAA, FINRA) or are concerned about protecting your own data and your clients, you know that you need security software (antivirus and anti-malware) and that your business needs some sort of firewall. You may be relying on the software firewall provided by Microsoft Windows or your antivirus suite, or you may know that there is a simple firewall in your router.

The main problem with relying on a Windows computer to protect itself is that if something gets past the local protection, it is able to hide from Windows and do it’s dirty deeds invisibly, until it is too late. So while you must have antivirus / anti-malware protection on your computers, it just isn’t enough anymore.

So the firewall in the router will protect us, right? Well a NAT (Network Address Translation) firewall does provide some basic protection, but the dirty secret of the industry is that these consumer-grade or ISP-provided routers stop getting firmware updates from the factory or the ISP fairly quickly. It doesn’t pay to keep providing updates for a device sold for a low price to compete for limited dollars. So when a security hole is discovered in your router, you may never get an updated firmware to protect you. Frankly, even if a firmware update is provided, you may never see it—you have to log in to the router and load the update yourself. Sadly, this is the state of the industry—we all want to pay as little as possible for our routers, and the big selling points are speed and distance for the WiFi, not security.

So as a small business owner, what can you do? Business-grade firewalls do exist, and while they cost more, they also provide better protection and continue to receive updates for much longer. A basic business-grade firewall may serve your purposes well, or you may want a NG (Next Generation) Firewall. A Next Generation Firewall will come with a security subscription that costs money (just like your antivirus), because you will be paying your share for the updates to firewall rules, application filters and anti-malware protection. The firewall company is paying security analysts and programmers to keep you safe. Is it worth it? I think so. We have a next Generation Firewall at Ed’s Computer Solutions. We can discuss the options for your business, and we can look at the level of protection and budget that you are comfortable with. Both the Business-grade and the NG Firewalls are compatible with Business-grade WiFi Access Points, which give you more security and better coverage.

Ed's Computer Solutions recommends Check Point and Untangle NG Next Generation Firewalls. We use Ubiquiti Business-grade security and WiFi access points for our business-grade offerings.

Contact Ed’s Computer Solutions today to set an appointment to check and upgrade your business security with a proper firewall.