With all the problems of international hackers and security concerns that have hit the news headlines lately, I awoke from my sleep one night with a solution in my head that is just plain OBVIOUS, but nobody is doing it. It's a solution that will eliminate 99 percent of the Internet security problems for most small businesses. The solution: Configure a router's firewall so that it will allow traffic to and from Internet servers only within the United States. This is an extremely radical idea, but one that might make good sense.
When I started a small dial-up ISP (Internet Service Provider) business 20 or so years ago, the Internet was a new and wonderful thing. I was selling access to the World Wide Web. This exciting new technology (in 1993) allowed anyone to communicate anywhere in the world, visit web pages, and send e-mail without any additional expense. Nobody would even think about wanting anything less than the global Internet. Every Internet related company redesigned their logos to include a picture of the planet Earth! It was an exciting time to live in, riding that wave of technology. Today everyone takes world wide communication for granted, but in 1993, it was all new technology that made the world seem a lot smaller.
These days, I spend a considerable amount of time working with Internet Security. I have some great tools, such as our active firewall, that will detect and shut down suspicious traffic immediately, before any damage can be done. After many hours watching, logging, and analyzing hackers probing my network, as well as virus activity, I confirmed a well known fact that most malicious traffic comes from or goes outside the United States. The reason for this is that many countries still do not have laws or do not even care about what people do on the Internet. These countries are safe havens for hackers to operate. Hackers are free to do things that would quickly result in getting their doors kicked down by FBI and Homeland Security agents here in the United States. Hackers simply do not dare to operate within the United States. Also, when analyzing an infected computer, the first thing I look for is unexpected connections made to foreign Internet addresses, or IP addresses.
It does not matter whether you are a large or small business. Hackers are going to probe your network looking for ways to get in. Just as telephone auto-dialers work their way through ranges of telephone numbers, tirelessly making calls and playing recordings to find that one in a million sucker, Internet hackers go through ranges of IP addresses using automatic programs, testing each and every address for vulnerabilities or open ports to get into your network. It does not matter who you are, your Internet connection will be probed several hundred times each and every day, 24 hours a day. Each time you are probed, it consumes a minute amount of system resources. If you get bombarded with probes, it can turn into something called a Denial Of Service Attack as your router becomes overwhelmed. By blocking international Internet access, you make your network invisible to the vast majority of hacking activity.
So, if you have a small medical practice, store, or any other local business, do you really, Really, REALLY need to access the International Internet? Probably not!
What would life for your users be like if their work computers could go no further than the United States? Believe it or not, your users may not notice!
Would blocking Internet access for all but a single country like the United States help with HIPPA Data Security Regulations, and help protect your network from international hackers? You bet it would.
What would the major advantages be of restricting your Internet access to the United States, or maybe a handful of countries? Well there are two major advantages. On the inbound side, foreigners would not be able to attempt to access, or probe your network to look for vulnerabilities. These well known and widely published vulnerabilities allow hackers to break in and either control your computer, disrupt services, or steal information. On the outbound side, any virus or malware that infects your computer will not be able to “phone home” to a foreign server for further instruction or to upload stolen information, thus rendering it useless.
Maybe the whole World Wide Web Internet is not what you want after all. I challenge you to sit down and think of any foreign servers you need to access for actual productive work purposes. If you can't think of any, then limiting your Internet Access to only to the United States, or a handful of countries, may be a practical way to greatly increase your network security and eliminate problems.
By using a highly programmable Tomato Router, like we recommend and install for use at our customer sites, along with some custom programming, we have a way to block all IP addresses except those that are assigned to the United States. This actually amounts to over 56,000 IP network ranges, which ordinarily would be too many filtering rules for anything but the most powerful and expensive router to handle. We have an efficient way to handle this task, and it works extremely well on our Tomato Routers.
If you buy a Tomato Router from us, or have a Tomato Router already, and would like us to program it for you, we can remotely program it to restrict or allow any list of countries you wish.
With international access blocked, you can still send and receive e-mail internationally, or have foreigners visit your web site, because chances are you are not hosting your own web or mail servers. I am simply talking about blocking international access from and to your local Internet Connection.
This solution is not for everyone. Obviously it would not work for Sony Pictures. If you are not an international company and are mainly concerned about accessing the Internet within the United States or a small list of countries, we can block international traffic at the router so you, your employees, and work computers will not be able to communicate with international hackers.
Good network security has many layers. Blocking or allowing Internet access to a country is a great tool to enhance your defenses against international hackers. It could be one of the many levels of security you use to protect your network.