Who's that knocking at your door?
Recently we were reviewing firewall logs for a client of ours as part of their managed IT services. We had recommended an improved remote access method, but the client had decided it wasn't worth the extra costs. However once we had deployed our management and monitoring tools we were able to analyse the data collected and go back to the client with conclusive evidence and a list of reasons why they needed to make it a priority.
The data collected showed that they were being bombarded by attempted attacks on common services every few seconds. Things like remote desktop ports, SSL, SSH and other common and potentially vulnerable applications that many small and even some medium to large business's may have open, either due to oversight, or simple ignorance.
All that was standing between the client and numerous data breaches were the complexity of their passwords, which luckily for them were slightly better than password123.
However a better defence than relying on passwords would be preventing these attackers from being able to knock on their door in the first place.
A firewall or UTM gateway which start at only a few hundred dollars would allow the client to reduce the likely hood of random attacks to almost zero.
To start with we would block all connection attempts from outside Australia meaning that straightaway 95%+ of attempts seen in our data would be blocked automatically.
With this one simple change and for the cost of under $1000 this client could reduce their online vulnerabilities by over 95%, plus allow for secure remote connections and future improvements such as content filtering and gateway security scans.
So next time you get a knock at your front door, maybe cast your mind to who might be knocking on your businesses virtual front door, and what intentions they may have in mind?