Prevention is the best way to deal with malware

Dental Products Report, Dental Products Report November 2020, Volume 54, Issue 11

In this latest cybersecurity series of articles, the author explains how and why it’s important to select the correct firewall for your network.

In the first article in this 6-part series on cybersecurity last month, I laid out a framework for the next 5 articles that I will be writing. My goal is to present a logical sequence of steps dental offices must take to protect and secure their data. Upcoming articles will focus on the use of firewalls, dealing with malware, encryption, disaster recovery, and finally, HIPAA considerations.

In this month’s column, I want to explore why and how to choose a firewall. While many offices tend to focus on antimalware software like antivirus and ransomware software, the fact is that if you’re counting on those software systems, it may already be too late. Many forms of malware are what we call “zero day,” meaning that the virus is so new that the antivirus vendors don’t even know how to deal with them, and their programs haven’t been updated to deal with those specific strains. In my opinion, a better approach is to do whatever you can to prevent the viruses and ransomware from getting onto your network in the first place, and that’s where a firewall comes into play.

So, what is a firewall? Here’s a great definition I found online: A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules. Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic, like viruses and hackers.

Firewalls carefully analyze incoming traffic based on preestablished rules and filter traffic from unsecured or suspicious sources to prevent attacks. Firewalls guard traffic at a computer’s entry point, called ports, where information is exchanged with external devices. For example, “Source address 173.18.1.1 is allowed to reach destination 173.18.2.1 over port 22.”

Think of IP addresses as houses and port numbers as rooms within the house. Only trusted people (source addresses) are allowed to enter the house (destination address). Then, it’s further filtered so that people within the house are only allowed to access certain rooms (destination ports), depending on if they’re the owner, a child, or a guest. The owner is allowed to any room (any port), while children and guests are only allowed into a certain set of rooms (specific ports).

For most dental offices, there are 3 types of firewalls, with varying levels of protection. The first is the software firewall that is built into all versions of Windows. While I always recommend that you keep this firewall turned on, in my experience, it really doesn’t offer a whole lot of protection compared to the hardware firewalls out there.

Second, some firewalls are built into routers or modems. Many offices will use these firewalls. While a step better than Windows firewalls, in most cases, these are consumer-level devices and don’t have many of the features of business-class firewalls. Examples of these types of routers include Linksys, D-Link, Netgear, and more. It’s important to know that if you are trying to get HIPAA compliant, HIPAA does not “certify” any firewalls as being compliant or not, so even though I recommend better options, you would not be formally out of compliance if you went this route.

But for the third option, I highly recommend a business-class firewall for most offices, from companies like Sophos or SonicWall. While they have additional features not found in consumer firewalls, many have antimalware subscriptions built into the firewall, adding significantly more protection for your network.

We will explore the different software techniques of dealing with malware in the next issue, but there’s little doubt that keeping the bad guys out in the first place is your best line of defense.