
The human firewall: what it is and why it is important for corporate security


Meeting

What is a firewall

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secure and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet.

What is the Human Firewall

The human firewall is an employee appropriately educated and trained to recognize attacks that exploit people and their gaps in cyber security, even before the technological flaws of computer systems. That is why such training is important for every company.

Nowadays, one of the terms often used within companies in the field of computer security is "Human Firewall": but what exactly is meant by this expression?

One might ask: is such training, being in any case a form of investment, a necessary expense to include in the budget? The answer is definitely yes, and the reasons are obvious.

Human firewall: a valid investment for companies

A company that invests not only in infrastructure, but also in the knowledge of its employees about it, significantly reduces the chances of seeing its data end up in the hands of criminals who intend to exploit it for their own purposes.

The initial investment proves valuable in the long term: an employee trained and kept up to date on human firewalling techniques will constantly raise the general level of security of the infrastructure and of the company they belong to.

The question that arises at this point is: how do you become a human firewall? To answer this, it should be noted that there are two elements to consider: the teacher and the process.

How to become a Human Firewall

Speaking of the teacher, several professionals in the sector offer ad hoc courses among their services to educate company employees on the subject of the human firewall; precisely because the problem is of considerable importance, we immediately moved to offer companies adequate training services.

The important thing is to turn to serious professionals of proven quality, not to people who pass themselves off as experts in the sector without concrete, real knowledge. This point may seem obvious and trivial, but underlining it on such a delicate issue is essential.

With regard to the process, the aim is to outline the steps that must be followed in order to provide an effective service to employees and keep them constantly updated over time. In principle, this practice can be broken down into seven points, namely:

  • Detailed policies, clear but without overload: when employees are instructed on the subject of the human firewall, they need clear, detailed instructions that cover all the points of the specific topic being addressed. Keep in mind, however, that employees also have other topics to train on and other information to retain during their working day: bombarding them with non-stop concepts is not the best way to help them. Haste is a bad counselor; people's learning times must be respected and taken into account;

  • Continuity is important: with comparable training products it is often considered sufficient to update employees once or twice a year. With the human firewall this is not the case: hackers are always working on new ways to deceive their victims, so it is important to keep up and constantly update your employees;

  • Motivate employees: making your employees feel appreciated and important is a fundamental step in developing a human firewall. For example, rewarding an employee with a commendation visible to all colleagues for recognizing a phishing email will further motivate that employee and spur others to emulate their commitment and dedication to the work;

  • No exclusions: all members of the company must be urged to educate themselves on the subject and become human firewalls. We must assess employees' fears and help them overcome them, but at the same time not assume that anyone can be excluded; indeed, the so-called "untouchables", such as the Chiefs, are often the favorite target of pirates;

  • Sharing: those who are trained on the topic should share what they have learned with their colleagues and make themselves available to help them in case of doubts or questions. Working in watertight compartments, when human firewalls are being formed, is not only unproductive but actively harmful;

  • Continuous surveillance: it is not enough to train your employees. You cannot wait for a real attack and pay the consequences because untrained people have not fully understood the concepts transmitted. It can be useful to simulate an attack and see the results: for example, set up a phishing campaign managed by the company itself and have a member of staff expert in human firewalling talk to an employee who fell into the trap and clicked on the email links, to explain where they went wrong and why;

  • Proactivity: everyone must be trained in human firewalling, but it is good to have a team dedicated specifically to this, one that constantly develops its skills as a primary activity. The team should constantly look for new threats, propose a solution, and bring both to the attention of decision-making levels.

The effects of this training are evident and confirmed by the data recorded by companies: according to Proofpoint's State of the Phish report, companies that have trained their employees in this area have recorded significant improvements in threat recognition. In particular, about 60% of respondents demonstrated an improved ability to recognize the attacks in question and to avoid them.

Human firewall: basic knowledge

One last question that may arise is: how complicated is it to train human firewalls?

The basic knowledge, in fact, consists of very simple points that are not particularly complicated to follow. To demonstrate this, some fundamental techniques are illustrated below with three of the main attacks directed at companies today: phishing, social engineering, malware.

Phishing: the main means of conveying this attack is e-mail. The attacker relies on several components: an anxious user, frightened at seeing a communication from their bank or any credit institution, is led to hastily click on the link provided and make the mistake the pirate is counting on.

First of all, we must remain calm. Then it is necessary to examine the e-mail well: often there are errors that prove that this is a fake. Some examples are:

  • Incorrect spelling.

  • Non-original logos.
Social Engineering: be wary of anyone who invites us to introduce unspecified tools into our work systems.

The normal process of selecting software and deploying it follows precise, structured procedures. In a very simplified way, we can say that first of all the sales representatives evaluate whether or not to purchase a resource. Subsequently, the tools are tested by specially prepared teams, in safe environments isolated from production, to verify their genuineness and functioning.

Only after these phases does the installation process on employees' PCs begin, and it is announced in advance through the various communication tools available to the company. If someone approaches us to convince us to install any resource on our PC, and we have no role in deciding which tools are used, then it is best not to trust them.

Malware: a threat often conveyed as an executable file that asks to install software on our PC.

The precautions are as follows:

  • If we are not sure of the source of the file, we do not start the installation.

  • If, even worse, we do not know what we are installing, we do not install!

Executable files also have their own verification mechanisms, such as the publisher's digital signature, which perform a function similar to that of certificates for websites.
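As an added example (not code from the original article), the following PowerShell function applies these precautions on a Windows PC before an installer is run: it checks that the file's Authenticode signature is intact and trusted, that the signer is the publisher we expect, and optionally that the file's SHA-256 hash matches one published by the vendor. The file path, publisher name and hash are placeholders.

```powershell
# Added example, not from the original article. Verify an installer before running it:
# signature present and trusted, signer is the expected publisher, optional hash match.
function Test-InstallerTrust {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedPublisher,   # substring of the signer's Subject (placeholder)
        [string] $ExpectedSha256                              # hash published by the vendor (placeholder, optional)
    )

    if (-not (Test-Path -LiteralPath $Path)) {
        return [pscustomobject]@{ Trusted = $false; Reason = "File not found: $Path" }
    }

    # 1. The signature must be present, intact and chain to a trusted root,
    #    just as a website's certificate must.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid') {
        return [pscustomobject]@{ Trusted = $false; Reason = "Signature status: $($sig.Status) - $($sig.StatusMessage)" }
    }

    # 2. A valid signature only proves that *someone* signed the file: the signer
    #    must be the publisher whose tool was actually approved.
    $subject = $sig.SignerCertificate.Subject
    if ($subject -notlike "*$ExpectedPublisher*") {
        return [pscustomobject]@{ Trusted = $false; Reason = "Unexpected signer: $subject" }
    }

    # 3. Optional: compare with the hash the vendor published out of band.
    if ($ExpectedSha256) {
        $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        if ($actual -ne $ExpectedSha256.ToUpperInvariant()) {
            return [pscustomobject]@{ Trusted = $false; Reason = "SHA-256 mismatch: $actual" }
        }
    }

    return [pscustomobject]@{ Trusted = $true; Reason = "Signed by $subject, certificate valid until $($sig.SignerCertificate.NotAfter)" }
}

# Usage with placeholder values: start the installation only when the check passes.
$result = Test-InstallerTrust -Path 'C:\Downloads\setup.exe' -ExpectedPublisher 'CN=Example Vendor' -ExpectedSha256 'PLACEHOLDER_SHA256'
if ($result.Trusted) { Write-Host "OK to install: $($result.Reason)" } else { Write-Warning "Do not install: $($result.Reason)" }
```

A signature that reports NotSigned, HashMismatch or NotTrusted is exactly the "unsure of the source" case in which the installation should not be started.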

Conclusions

We can therefore say that the time spent training ourselves and learning about the threats that try to exploit our poor knowledge of computer security is certainly an important investment, one that helps us further protect ourselves from the risks present on the network.
