Computer Consult

Firewalls: Cheap and easy protection

By Bob Lowes

• You can buy good firewalls for under $75.

• Some hardware firewalls include extra security features, like antivirus protection.

• Software firewalls may slow down your computer.

A hacker penetrated the computer network of the University of Washington Medical Center several years ago and downloaded the admission records—and Social Security numbers—of nearly 5,000 patients. How could he do it? The targeted computers weren't protected by an electronic firewall.

Computer experts say that firewalls are frequently missing in physician computer networks, too. However, you can't cite cost as a valid excuse for stinting on this antihacker technology. Good firewalls are relatively cheap—even free.

They're also no-brainers when it comes to complying with HIPAA. No, HIPAA doesn't specifically require anybody to install a firewall. However, the federal regs do require doctors to take "reasonable and appropriate" measures to keep patient information confidential and intact. An inexpensive firewall has "reasonable and appropriate" written all over it.

Firewall basics. Firewalls use a variety of geeky tricks to prevent unauthorized parties from logging onto your computer via the Internet. Some firewalls also regulate what goes out of your computer—blocking instant messaging by a goof-off employee to a friend, for example.

Firewalls are critical in an era of DSL and cable modems. The high speed and uninterrupted service of a broadband connection make it easier for hackers to get a foot in the door.

While they're effective, firewalls aren't security panaceas. Determined hackers can find their way around them. Then again, the mere presence of a barrier deters intruders bent on easy pickings.

Contrary to what some people believe, a basic firewall doesn't offer any defense against computer viruses. To keep your machine infection-free, you also need antivirus software.

Hardware firewalls. You can erect a firewall around your computer with either hardware or software. A hardware firewall—a flat little box—gets plugged in between your modem and the rest of your network, says Ryan Haislar, a manager with Computerease, a computer services firm in Collinsville, IL.

Your choice of hardware firewall—like everything else in computerdom—involves a bewildering variety. Firewalls are built into some DSL and cable modems, for instance. They're also a component of many routers, a piece of hardware that directs traffic between one network of computers, such as the five PCs in a doctor's office, and another network, such as the Internet.

A prime example of a router/firewall is the Express EtherNetwork DI-604 from a company called D-Link (www.dlink.com). This router/firewall retails for as little as $29 and includes Internet filtering software that can prevent employees from visiting porn and gambling sites. A company called Linksys (www.linksys.com) makes another router/firewall for between $60 and $80. Both earned Editors' Choice honors from PC Magazine last year. While the devices are designed for a network of computers, you can use them for a single machine, says Mark Johnson, president of a Dallas medical IT firm called MediNetwork.

A firewall also may be a stand-alone device apart from a router or modem. Firewalls in this category include the SOHO3 from SonicWALL (www.sonicwall.com). Advertised as a security appliance, the SOHO3 can be upgraded with anti-virus software, Internet filtering, and other play-it-safe features. The version for a 10-computer network retails for between $350 and $400.

Software firewalls. Popular software firewalls include Zone Labs' ZoneAlarm Pro, Symantec's Norton Personal Firewall, and McAfee Firewall, all $50 or less for one computer. For a few dollars more, McAfee and Symantec will sell you a suite of programs that includes a firewall, antivirus protection, and Internet filtering.

If you're dead broke, you can download free software firewalls from Zone Labs (www.zonelabs.com) and Sygate (www.sygate.com). These freebies have their fans, although they're not as robust as their for-sale counterparts.

Computers with a Windows XP operating system have a built-in software firewall that just needs to be turned on. However, computer experts say you'll get better protection from add-on software.

Sizing up your options. Before you go out and buy a firewall, determine whether you already have one. If you hired a computer company to set up your system, their tech guys may have installed a stand-alone firewall, a firewall/router, a modem/firewall, or software firewall and never bothered to tell you. There's also a slim chance that your DSL or cable Internet provider gave you a modem/firewall.

Let's assume that your network lacks a firewall. Do you go with a hardware or a software version? Computer expert Ryan Haislar prefers hardware firewalls because a software firewall running in the background can slow down your machine, especially if it's older. "And some firewall programs constantly annoy you with screen messages that require a response," Haislar says.

If you're trying to safeguard multiple computers, a piece of hardware like a router/firewall has another advantage: It's less expensive than installing a software firewall on each computer.

Some experts recommend investing in both a hardware firewall and software firewalls for individual computers. That strategy, however, strikes Haislar and MediNetwork's Mark Johnson as overkill.

The good news is that you probably won't make a huge mistake no matter what solution you choose. For as little as $50, you can greatly reduce the risk of a hack attack. HIPAA compliance doesn't get much cheaper than that.

The author, who is based in St. Louis, is a Senior Editor of Medical Economics.

 

Robert Lowes. Computer Consult: Firewalls--Cheap and easy protection. Medical Economics Sep. 5, 2003;80:20.