The answer is simple – whichever one your local qualified IT professional recommends. Please note I said “qualified.” I hear so many stories from executives that start out with, “My brother-in-law who knows all about computers told me that I should do such and such and now nothing works right anymore!” Yes, brothers-in-law are often much more fun to work with than an IT professional, so I encourage you to find an IT professional who is both fun to work with and makes his living being successful at IT.  This is your family’s safety you are talking about here.

The important reason to go with the device recommended by your local qualified IT professional is that they are familiar with the device. That way, when your device stops working at some crucial moment and says something less than helpful such as, “error number 64553,” your local IT professional will know exactly what to do. They have seen that issue fifty times before and can fix it in their sleep. Even better, they have anticipated the issue and have already taken steps to ensure you never experience the problem in the first place.

What makes a good firewall good? Several things – and most of the answers are very technical. This blog is dedicated to business professionals who want to know about IT in plain English. Better firewalls examine the actual data being transmitted.

For one thing, to compare your network information to snail mail, better firewalls open up the envelopes and read inside before they decide to let the information travel on your network.

Better firewalls allow you to connect a secure tunnel to your office through a technology called VPN. VPNs can cause a lot of trouble if they are not set up correctly – such as allowing all your home computers to infect your office computers with everything your kids accidentally download. When set up properly, however, they can be a wonderful help in security.

More advanced firewalls can block material from web sites too. Think of parental controls. The better the service, the easier it is for you to configure. Technology can be simple and easy in many cases.

Better firewalls can also give you an experience of your information getting to you faster. In addition, through giving different types of traffic different priorities, you can make the most of your connection to the Internet.  In other words, if your kids are listening to online radio, you can give your connection to the office a higher priority.

Another example is that if your internet service provider is unreliable, you can get two providers, such as DSL and Cable. Then the router will load balance to give you the fastest connection at any moment. If one of the services fails, again, then the router will fail over to the service that is still working. The result is that your network connection experience on your computer stays good.

The bottom line is that you can invest a little bit more in your home router and firewall to gain big benefits.

Do not connect to any networks other than your own. That way you know your IT professional has made your own network as safe as it can be.

However, what if you travel with your laptop and you want to connect? Consider using a wireless broadband solution from AT&T, Sprint, Verizon, or one of the other services.  These cards offer coverage in most populated areas. Most of them will give you a 30-day trial to see how well you like the service. I use multiple companies and it is very rare that I cannot connect with at least one of them. I have four broadband cards with me on the road today in fact. You do not need four cards, just one.

In addition, if you are going to connect at hotels and hotspots, then you are strongly advised to allow your IT professional to provide you with a VPN or some other encryption to protect your information while you are in your hotspot.

See the video http://www.keepmynetworksafe.com/hackingvideo.html that shows how people can monitor your traffic unless you allow your IT professional to protect you.

What if there are virus infections on the outsider’s computer? What if those viruses infect your network?

What if the user performs an illegal behavior using the Internet? The police will come to your office looking for the perpetrator.  If you provide an unsecured wireless network, the suspect may have been outside your business in a truck in the middle of the night when he broke the law using your Internet access.

Take steps to control this including:

• Teach everyone in the organization how dangerous it is to connect unauthorized computers to the network – wired or wireless.
• If the executives agree to deny guest computers all together
  • Have a strong written policy that people sign saying that NO computers will ever be connected to the internet without the IT professional’s prior approval
  • Securely encrypt wireless networks (and if your IT professional still thinks WEP encryption is secure, have them search Google for WEPCRACK sometime)
  • Your IT professionals may choose to use other technology solutions that monitor for unauthorized connections and potentially deny them access such as http://www.laneye.com.
  • Encourage your guests to sign up for their own connections such as Verizon, Sprint, or AT&T broadband access. These connections can be used in almost all populated areas.
• If executives feel they must offer access to guest computers during conference meetings and/or other times
  • IT may implement a form of endpoint security that makes sure the connected laptop meets specific requirements (updates, anti-virus, etc) before being allowed to connect
  • IT may implement password security using, for example, RADIUS or Cisco authentication for guest computers.
  • Put any unprotected wireless access points on a hot tub timer so they turn themselves off automatically after an hour or two.

In addition, I see many IT professionals come up with the idea of signing up for a separate broadband connection such as a DSL or Cable link for the exclusive use of guests for Internet access.  Yes, this will help protect our network from the guest’s computer and is similar to connecting the guest computer to a DMZ so they are outside our firewall.  Keep in mind, however, that the risk is that if the guest (or a program on their computer) performs an illegal act, the police will trace the traffic back to your company either way.