“Why do we need a new firewall if we are planning to migrate our services to the cloud?”
Many businesses that have made the jump to cloud-based services ask this question, and it’s a good one.
Why keep spending money on on-premise security when you’re already paying Microsoft, Amazon, or some other company to host your IT services and keep your information secure? For some small businesses, the idea of getting rid of the firewall and saving money on cyber-security is one of the big draws of switching to the cloud in the first place.
In addition to making documents and services more accessible to your team, the cloud improves overall security, and your service level agreement with Amazon, Microsoft, or a private cloud should specify that.
So do you really need a firewall? Yeah, I’m afraid you do.
Cloud Security Isn’t Enough
Even with all the amazing protections businesses get in the cloud, it doesn’t shield your entire technical infrastructure from threats.
Speaking metaphorically for a moment, if you ditched your on-premise server and moved all customer files and confidential data to the cloud, these files are no longer stored in your office—either in a filing cabinet or on a computer. Does that mean you can stop locking the door to your office? Would you leave the door wide open because your data is no longer directly vulnerable?
It’s a silly question, but it strikes at the issue of why firewalls are so important. Just because your data is stored in the cloud and protected with authentication, that doesn’t mean cyber-thieves aren’t targeting other assets in your office. Without a firewall, you are essentially leaving the door open, exposing every piece of technology in the office to theft, including computers, servers, wireless hardware and printers.
Firewalls Protect You From The Internet
If you have 30 machines accessing the Internet every day, you know those computers are doing more than just working in the cloud. They are checking email, googling stuff, updating social networks, and visiting websites. It’s easy to stumble upon a site that isn’t properly secured along the way.
Suppose one of your employees goes to a compromised site and malicious software infects their machine. Later on he or she will try to access secure data in the cloud. Even though your cloud environment is secure, the computer connecting to it isn’t. As a result, any data exchanged between the server and the employee computer could be intercepted by the malicious software and sent to someone else. That’s a significant threat to your business, and it only takes one infected site to trigger a breach.
What Your Firewall Can Do for You
Regardless of how your employees use technology at work, make no mistake – you need a firewall.
Your cloud service provider should keep your data safe and available at all times, but that commitment does not extend to your computers, and vulnerabilities in your network can still allow threats to reach your data. By using a multi-layered approach—firewalls, endpoint protection, backups and employee training—you can maintain a system that scans everything coming into your machine. Remember, computers aren’t designed to protect everything in real time. Firewalls are.
Firewalls for Remote Workforces
If your employees are mostly doing their work from a centrally located office, it makes sense to install a firewall to filter out bad traffic, but what if you have remote workers?
Just like filtering water, there is no single approach of keeping the bad stuff out everywhere you go. When employees access the cloud from other networks—like hotels, cafes, and personal Wifi – you can’t count on the same level of security.
To avoid threats in these situations, there are a few things you can do. The first step is training. Teach your employees how to recognize dangerous websites, spot threats, and identify infections. The second step is endpoint protection. If employees are accessing the cloud out of the office, make sure their devices are safeguarded with antivirus software and encryption.
Third, you should use a virtual private network to allow employees to access your office network remotely. A VPN will connect a remote worker back to the central office network, encrypting all communications between the network and the employee’s computer. This process means remote employees can surf the web and access the cloud as if they were in the office—even if they’re miles away. Most importantly, the VPN puts your remote workers back on a firewall protected network.
These precautions may sound like a lot of work, but a managed services provider like us can set them up pretty easily. You’ve already gone through the trouble of migrating your assets to the cloud. Why not take a few extra steps to make sure the doors to the outside world are closed while your teams make magic on the inside?