GS Logo
The Green Sheet, Inc

Please Log in

A Thing

Links Related
to this Story:


Firewall Away - Internet Security

By Joel Rydbeck

One of the most overlooked areas of Internet security in small businesses is the firewall. You should become familiar with firewalls because as more merchants use IP-based credit card terminals (such as Lipman's NURIT 3020), and online gateways (such as Authorize.Net) to process transactions, firewalls can help protect them.

In addition, business computers often store personal, financial and confidential information, and you want to make sure that the information is not available for others to peruse. In this article, I'll cover some basic steps for securing a network from malicious programs (and people) on the Internet.

A lot of companies initially launched their Web sites by running them off of someone's personal computer. However, as the Internet grew, malevolent users began hacking into computers to spread worms and viruses around the Internet.

In response, many companies put up firewalls to block access to their networks. They allowed employees to use their PCs to surf the Web and send and receive e-mail, but they blocked outsiders from accessing those PCs over the Internet.

What Is a Firewall?

Webopedia.com defines a firewall as "a system designed to prevent unauthorized access to or from a private network." That's as simple as it gets. A firewall sits between you and the Internet, allowing you to go where you need to go and exchange data with others, while simultaneously blocking outsiders from accessing the data and resources inside your network.

Without a firewall, almost every computer on the Internet would be accessible from any other computer. Some programs on your computer are designed to help you share your files with other users on the network, but they also allow access from the Internet without your knowledge.

A firewall prevents these applications from providing services without your permission. Many Web sites, including those that perform credit card transactions, also use firewalls to protect the servers.

While no site is 100% secure, you can educate yourself and your merchants and manage your risk so that the likelihood of an attack or security breach is very low.

Much of your security depends on how you get access to the Internet. If you gain Internet access through your office building, you might already be protected from much of the outside world, but this doesn't mean that you're protected from your competitor down the hall.

I spent some time in an office in Dallas where the Blaster worm had infected several of the computers in the building. The worm subjected every other computer in the building to a constant attack, even though all of the computers sat behind the office building's firewall.

What Protection Does a Firewall Offer?

You need protection from many things on the Internet. Two of the largest threats from which firewalls help protect you are:

  • Malicious Hackers. These individuals use techniques, which can vary from applying advanced programming skills and social engineering to running software developed by others, in order to access your computer and data.
  • Worms. These programs copy themselves from computer to computer over a network and usually do bad things. Worms use a variety of mechanisms such as networks and e-mail to transfer themselves.

A firewall protects the network while allowing users to exchange e-mail; however, it won't catch some worms that transfer themselves via e-mail (make sure that your version of Windows is up to date by visiting http://windowsupdate.microsoft.com).

What Types of Firewalls Exist?

You have many great firewall solutions to choose from. My goal is to help you set up a solution that you can easily understand and maintain on an ongoing basis as your business grows. If you use the Internet, you need a firewall; it's a no-brainer. But what kind of firewall do you need? Let's look at your options.

Software Firewall

You can download several different kinds of firewalls from the Internet, or purchase them on a CD. Software installed on your computer stands between your network and other applications on your computer and monitors all Internet traffic inside and out. Here are a few examples:

  • Windows Firewall. This was Microsoft's answer to a lot of these risks and problems; if you have Windows XP installed, you simply need to turn it on. If you type "Firewall" into Windows help, you'll find some great information on how to set up the firewall.
  • ZoneAlarm. This is a free, third-party firewall that you can download from http://www.zonelabs.com (visit my blog http://www.merchanttechnology.org for details on setting up ZoneAlarm).
  • Norton Personal Firewall. You can purchase this solution at most major computer stores.

Hardware Firewall (aka Router)

Packaged in a little box, suppliers often combine a firewall with other features and capabilities. Many Internet providers build them right into their DSL or cable modems. (Because these applications cost so little, and the risk of not using them is so high, many providers offer a modem that does it all. If you think this might be the case with your product, jump down to "How to Test Your Network" where I provide instructions on testing a firewall.)

  • Linksys WRT54G. This firewall will fit inside a box of cookies, and it includes everything you need to run your office. You can plug it in between your DSL or cable modem and your computer and be up and running in minutes.
    Linksys includes some easy-to-read instructions for setting this up. Amazon.com offers the product for about $60; if you buy it from a local computer store it will probably be $70 - $100.
  • Netgear WGU624. This firewall is very similar to the Linksys product, but it has a different form factor and some different options.

Hardware Firewall

Focus: Fast, configurable and expandable

Other Features: Network in a box; often provides wireless access Requirements: Ethernet connection to the Internet through DSL, cable modem or an office building

Installation: Plug it into your Internet connection and computer, and you're up and running

Pros: Provides Internet security; easy setup; very configurable; expandable to protect your whole office; low cost

Cons: Doesn't protect you on the road; requires cables

Software Firewall

Focus: Portable

Other Features: Provides Internet security while you're on the road

Requirements: Computer with several megabytes of free space

Installation: Download from Web site or insert CD, and you're up and running

Pros: Provides Internet security; works well with dial up and mobile Internet access

Cons: Doesn't protect you on the road; requires cables; others can disable it; only protects your computer; uses computer resources; Pop-up windows from virus software get annoying

How to Test Your Network

If you're connected directly to the Internet, follow the steps below to assess your current situation. If you access the Internet through your office building's network, the results will reflect the security of the office building (in which case your computer might still be exposed to the guys down the hall).

From your Web browser, go to the Web site: http://www.hackerwatch.org/probe/ . Click the arrow in front of "Port Scan." A series of tests will run against your connection to determine if your computer is exposed.

The tests should finish with "Test complete. No open ports were found." All of the results should be either Closed or Secure. If you see Open as a result, you need a firewall (if you already have one, configure it so that the test lists everything as Closed or Secure).

Securing your network will help you protect your information security and extend your confidence. As the merchant services industry continues to leverage the Internet and the competitive advantages it brings, you'll be able to provide additional value as you advise your clients on their technology solutions with terminals and workstations.

Joel Rydbeck, Chief Executive Officer of Nubrek Inc., brings his strong background in e-commerce and business process automation to the merchant services industry. Nubrek offers eISO, a software application that tracks clients and provides automated commission and residual calculations. For more information on spyware visit Rydbeck's blog: www.merchanttechnology.org, e-mail him at joel@nubrek.com or call 877-390-1887.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Back Next Index © 2005, The Green Sheet, Inc.