Your Small Business Network Setup Checklist
September 29, 2023
Cyber Security
Temporary solutions have a way of becoming permanent. In a rush to support remote workers, many small companies reconfigured their existing networks without performing an end-to-end assessment. They intended to return and reassess their networks, but more pressing issues arose. Now that hybrid work environments are the norm for many companies, it's time to go down that small business network setup checklist to ensure your network is secure.
The Small Business Network Setup Checklist
This security checklist highlights the areas most affected by moving or reconfiguring a network. Even if your small business hasn't made network changes, it's a good time to review the checklist to ensure your network's security.
1. Move On-Premise Servers to the Cloud
Look at what on-premise resources are being used. Are there servers that could be moved to the cloud? For example, servers may act as file shares for employees. They become storage devices for archiving and sharing spreadsheets, presentations, and reports. Maintaining on-premise storage for resources frequently accessed by multiple employees means establishing secure access.
Consider moving to the cloud rather than consuming resources to secure on-premise servers. Cloud service providers offer a wide range of authentication and encryption settings. Many configurations are beyond what an on-premise solution can provide. If you set up a new small business network, now would be a great time to migrate legacy file share servers to the cloud.
2. Verify Wi-Fi Router Patching Settings
Unsure if your router automatically downloads and installs software patches? Now would be a good time to check. If it doesn't, it's time to either work through a configuration change or acquire a new Wi-Fi router that does. We've been surprised to see this item absent from many of the guides we've read about small business network setups. Router settings and software updates are two of the most vulnerable parts of a small business network because would-be attackers don't even need to be physically inside your office footprint to attempt their exploit.
3. Run an Internal Network Vulnerability Scan
Many small businesses focus their on-premise network security effort around workstations, and that's a fine start. However, don't forget that printers, conference room phones, smart displays, videoconferencing equipment, and other devices are often network-connected as well. One of the most common oversights in small business network setups is forgetting to change the default administrative usernames and passwords on non-workstation devices and neglecting to have a game plan for patching those devices. A business-grade internal network vulnerability scan can help identify vulnerable network-connected devices that might be overlooked.
4. Don't Automatically Implement a VPN
This advice is going to sound crazy to some longtime IT professionals. Bear with us here. Before you rush to set up a VPN that allows employees to access the office network from the comfort of their home, ask yourself exactly which office resources they depend on. Is it a file share? A peer's workstation? An internal line-of-business application? Whatever it is, is it something that really needs to be hosted in an on-premise manner. Tracing back to the root cause of why employees "need" VPN access to the on-premise network is a great way to reveal dependencies that shouldn't be hosted on-premise at all. By moving some of those dependencies to the cloud, you may find that very few (if any) employees really need VPN access to the on-premise network.
5. Label Active Network Taps
Ever find yourself in an office that has dozens, hundreds, or thousands of network taps -- and no one seems to know which ones are active? This scenario is all too common. Although the number of taps may not be an immediate security problem, it can become a big problem when office reconfigurations occur. What happens if a company downsizes but remains in the same building?
Whether it's leasing a smaller space or reconfiguring an existing one, it is very easy to end up with an active network tap in an area that shouldn't have it. A good labeling system that helps keep track of which taps are connected to which switch ports will secure a small business network.
6. Don't Bargain Hunt for a Firewall
When it comes to firewalls, you get what you pay for. It's very tempting to look at the huge gap between the low price of bargain firewalls and the large price of well-known brands and think of budget constraints rather than capabilities. Please don't buy from the lowest bidder. This is an area where a solid investment will help you stay safe for years to come.
7. Keep Guest Wi-Fi and Employee Wi-Fi Separate
Here's an item that will make "zero trust" fanatics squirm. We love the trend towards zero trust. In its mature form, zero trust may make on-premise networks "no different" than any other network -- meaning, that the office network may supply internet access but have no other implicit privileges. We love the theory and the move in that direction. However, for now, most networks aren't cleanly managed in a way that makes that a reality. So, for now, keep Guest Wi-Fi and Employee Wi-Fi separate.
8. Rotate Infrastructure Configuration Passwords
Small businesses don't have extra time to ensure that administrative passwords for infrastructure components such as firewalls and routers are changed frequently. But, they should be. If moving offices now is the time to change passwords as part of a network setup checklist. Even better: maybe it's time to set up a recurring calendar item to rotate those passwords every quarter.
9. Retire Legacy Workstations
Does this sound like your office?
Q: "Hey, what's that workstation over in that empty part of the office used for?"
A: "Not sure. Jim from accounting used to use that one. When he left, he said that machine helps us with the ABC part of the XYZ workflow."
Guess what: it's time to track down exactly what workflow that mysterious workstation in the corner really does. There is a good chance that it's no longer used, making it a weak link in your company's cybersecurity perimeter.
Small Business Network Setup Checklist Wrap Up
If you are in the midst of a small business network setup, please be in touch. We can be helpful by being your expert advisor on any of these topics. We're glad to deploy internal network vulnerability scans or use our fleet of other small business cybersecurity tools to aid small business owners anywhere.