By Mike Heil, CEO, ThrottleNet, Inc.
Your firewall is the first line of defense when protecting your network from the wilds of the Internet. Often, Firewalls are an afterthought and not given priority when working through your HIPAA technical policy manual.
A firewall is in essence a guard that questions every packet or piece of data that wants to cross either way to the Internet or in to your private network. Good firewalls can detect if something is manipulating the data packets to attempt unauthorized access to your network. They will challenge each piece of information that attempts passage. Poor firewalls, or home based models, won’t. They look at simple set of instructions, and give the go ahead. Quality firewalls dig deeper.
Quality firewalls have detailed and data rich logs. They can be configured to report any suspicious activity to your security officer. Logs can pinpoint areas that may be under assault from hackers or automated scripts, called bots. They are also a valuable tool for diagnosing problems with bandwidth or hardware failure inside your network. Poor firewalls don’t bother to log anything.
Quality firewalls have definitions they can download that keep them apprised of the latest threats coming from the rogues of cyberspace. They use these definitions to check for common threats imbedded in the data stream. They then isolate and shutdown the data flow from those sources, and notify the security officer. Poor firewalls do not receive updates, nor do they even break data apart to identify threats in the first place.
Quality firewalls have access control lists that allow you to classify users according to their need of access to the Internet as a whole. They allow you only allow certain users to visit certain sites; and use content filtering to meet the standards of your Internet Use Policy. Poor firewalls see all users as equal and have no such abilities.
These are just a few of the ways firewalls impact your HIPAA compliance standards. If you have questions about your firewall or need help in this area, visit us @ throttlenet.com.