How To Secure Your Small Business LAN
It isn’t easy maintaining a small business network, and it requires time and energy to keep things on lockdown, ensuring that you are able to keep your sensitive data from being accessed by competitors or anyone else looking at exploiting your business information. Even for an experienced IT professional, managing a business network is a job that requires constant work, there is no quick fix.
- Put a secure firewall in place
It seems like a basic piece of advice but, it is surprising how many small businesses have not put basic security measures such as a firewall in place on their network, thus leaving their business open to exploitation. A properly configured firewall acts as the first line defense on any network and having a firewall is so important to a business that many routers now come with firewall capabilities, making it more affordable and easier for businesses to put basic security in place.
2. Put Static IP addresses in place
Most small businesses run on what is known as a DHCP which automatically assigns an IP address to any device on the network. DHCP is great, as it makes it easy for users to access your network but, with access being simplified, it also makes it easier for attackers to connect to your network. So, in order to make your network more secure, if you have only a limited number of users on your network, assign these user devices static IP’s, so that you can know which users are on your network and you will have more control over who has access to your network whereas, with DHCP, the same devices could constantly be assigned new IP addresses as they connect and disconnect from the network.
3. Encrypt your wireless access points
Again what seems to be a simple bit of advice however, many business wireless networks are wide open, making ti easy for anyone to gather all your traffic and even steal your sensitive information. By using WPA2 encryption, you can ensure that only official employees or guests have access to your network and that your network does not get accessed by unknown individuals sitting in the business car park.
4. VLAN your network
VLAN’s form part of almost any business class router and, VLAN allows you to segment your network based on the access required by individuals. For example, you could put your sales department on one VLAN while your finance department is on another and your guests are on yet another. By doing this, you can provide users with access to specific network resources based on their needs for these resources and restricting access to those who don’t need to use that specific resource, thus making important parts of your network more secure.
5. Move your web server off your local network
It may seem like a good idea to host your own local web server but, doing so, potentially increases the chances of exploitation. Having a web server in place is actually the worst idea for any business. Instead of hosting your web server locally, get your web server hosted at your local ISP / data centre where you can access your web server off of your network using a secure VPN. Should you not want to move your web server, ensure that you scan your network regularly for exploits.
There are various other security options that you can implement to give you peace of mind and make it harder for attackers but, these 5 bits of advice are a great start to protecting your network. These options don’t cost much but will have a big impact on the security of your network and subsequently your sensitive business information.