Hardware firewalls are the first line of defense to protect cardholder data and are required by the PCI Data Security Standard requirements. A firewall provides another layer of security that blocks external access to your environment and limits inside access to potentially harmful outside environments. What does this mean in plain English? It helps keep the bad guys from getting into your system and your employees from sending things outside your network. How does this occur? A firewall examines all network traffic and blocks transmissions that do not meet specified security criteria, just like a bouncer sitting at the door of a bar checking IDs or a TSA agent at the airport scanning luggage for security threats.
Without a firewall, you have no control over what comes in or goes out. It’s essentially like leaving your house unlocked for anyone to come in and leaving the door wide open for your pets to escape. Below are some best practices for installing and maintaining a firewall configuration:
*Make sure your firewall is configured properly to block unauthorized access to system components in the cardholder data environment.
*Change the default password that came with your firewall. Default passwords can be easily retrieved through search engines and are a easy target for criminals.
*Install personal firewall software on all mobile and/or employee-owned computers that connect to the Internet or to the cardholder data environment. The employees playing poker games on your back office computer may be ultimately letting criminals “in the door.”
*Use your firewalls to deny access to parts of your system and ports that are non-essential.
*Test your firewall configurations any time you change your equipment or software configurations to make sure your data is still protected.
Tags: data security, Payment Card Industry Data Security Standard, PCI Compliance, PCI Security Standards
