The Meridian Blog: Tech News, Tips & More for SMB and Enterprise Environments

SMBs: A Secure Network Does Not Have to Be Costly

Robert Bruce

Posted by Robert Bruce
Thu, Feb 25, 2016

Global spending on information security exceeded $7 billion last year, but that doesn’t mean your business has to spend large sums of money on a secure network infrastructure.


According to a recent Kaspersky Lab survey, the average IT security budget among large enterprises is about $3.35 million. For the small-to-midsized business (SMB), that figure is unimaginable. So, in a world swarming with cyber-threats, how can any SMB secure its IT network without spending itself out of existence?

Here are some tips on how any organization can bolster its network security on even the slimmest of IT budgets, including:

  1. Start with an expert assessment
  2. Strengthen your firewall
  3. Segment your network
  4. Establish a strong password policy
  5. Patch and update frequently
  6. Remote backup

Read on to learn about how you can implement each of these tips to achieve a solid IT infrastructure and increased network security.

1. Start With an Expert Assessment

Get a professional, objective evaluation of your firm’s current IT infrastructure, your company’s needs, and your enterprise’s resources, both financial and intellectual. A consultation with a trusted managed services provider (MSP) is a good place to start. Recommendations from a professional MSP, one that is brand agnostic and fully understands your enterprise’s core mission, are an extremely cost-effective way to design solutions that are within your budget.

By taking a comprehensive approach in assessing your company’s total IT security environment, an MSP will consider both your firm’s security culture and your strategic assets. This will help you set your own security policies that should be adhered to throughout your organization, and eliminate any weak links in the security chain.

RELATED: Top 5 Reasons Your Organization Should Perform an IT Assessment

2. Strengthen Your Firewall

As a first line of defense against cyber intruders, the firewall is critical. Pre-installed firewall software that comes on most new computers is just not strong enough to protect business networks.

For a relatively small investment, you can layer on an additional enterprise-class firewall that provides added security features such as:

  1. Internet and bandwidth filtering
  2. Gateway antivirus
  3. Gateway antispyware
  4. Intrusion prevention

This is an affordable security solution often referred to in the IT security industry as unified threat management (UTM).

RELATED: Does Your Firewall Policy Extinguish Network Threats?

3. Segment Your Network

The installation of a business class firewall with Internet filtering will stabilize your bandwidth and allow for network segmentation or segregation. This will really beef up your security capabilities by enabling you to keep hackers from compromising your entire network if they breach any part of the system. Basically, it's like watertight compartments on a large ship that can be locked down to prevent one hole in a ship’s hull from filling the entire vessel and sinking it (Titanic, anyone?).

A well-segmented network perimeter will allow for the design and implementation of network modules or DMZs based on your organization’s needs and resources. For example, you may have a research and development (R&D) division and a payroll department, neither of which needs access to the other’s network. Separating division networks both reduces the potential for inside abuse and limits the damage if someone gains unauthorized access to any one network segment.
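One way to check that firewall rules actually keep segments such as R&D and payroll apart is to audit the allow rules against the intended segment map. The script below is an added example, not part of the original article; the subnets, rule names and allowed flows are constructed for illustration.

```python
import ipaddress

# Constructed sample segments (addresses are assumptions, not from the article).
SEGMENTS = {
    "rnd":     ipaddress.ip_network("10.10.10.0/24"),
    "payroll": ipaddress.ip_network("10.10.20.0/24"),
    "dmz":     ipaddress.ip_network("10.10.30.0/24"),
}

# Segment pairs (source, destination) the policy permits; everything else
# between two different segments should be blocked.
ALLOWED_FLOWS = {("rnd", "dmz"), ("payroll", "dmz")}

# Constructed firewall allow rules: (rule name, source CIDR, destination CIDR).
RULES = [
    ("rnd-to-web",     "10.10.10.0/24",  "10.10.30.0/24"),
    ("payroll-to-web", "10.10.20.0/24",  "10.10.30.0/24"),
    ("legacy-any-any", "10.10.0.0/16",   "10.10.20.0/24"),
    ("printer-fix",    "10.10.10.57/32", "10.10.20.5/32"),
]

def segments_touching(cidr):
    """Names of segments that overlap a CIDR (a broad rule can touch several)."""
    net = ipaddress.ip_network(cidr)
    return [name for name, seg in SEGMENTS.items() if net.overlaps(seg)]

def audit(rules, allowed=ALLOWED_FLOWS):
    """Return (rule, src segment, dst segment) for every cross-segment flow
    that a rule permits but the policy does not."""
    findings = []
    for name, src, dst in rules:
        for s in segments_touching(src):
            for d in segments_touching(dst):
                if s != d and (s, d) not in allowed:
                    findings.append((name, s, d))
    return findings

if __name__ == "__main__":
    for name, s, d in audit(RULES):
        print(f"VIOLATION {name}: {s} -> {d}")
```

Both the overly broad /16 rule and the narrow host-to-host exception are flagged, which are the two common ways segmentation erodes over time.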


4. Establish a Strong Password Policy

In my opinion, implementing a strong password policy provides more bang for the buck than any other low cost security step. Publish your password policy and enforce it. Although most passwords can, with enough time and effort, eventually be cracked, strong passwords are a major deterrent to cyber-crime. Hackers have tools that seek out weak passwords and move on when faced with complex ones.

Here are some password guidelines to consider:

  1. Password minimum length of 8 to 10 characters
  2. Case-sensitive passwords
  3. A minimum of one lowercase letter
  4. A minimum of one number
  5. At least one special character, such as an exclamation point, hash tag, or dollar sign
  6. Passwords should expire once every 60 days, with reminders issued at least two weeks in advance
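The guidelines above can be enforced in code as well as published. The following is an added example, not part of the original article: it checks a candidate password against the listed rules and classifies accounts for the 60-day expiry and two-week reminder. The account names and dates are constructed, and the minimum length uses the low end of the article's 8-to-10 range.

```python
import string
from datetime import date, timedelta

MIN_LENGTH = 8      # the article gives 8 to 10; the low end is assumed here
MAX_AGE_DAYS = 60   # passwords expire every 60 days
REMIND_DAYS = 14    # reminders start two weeks before expiry

def password_violations(pw, min_length=MIN_LENGTH):
    """Return the guideline checks a candidate password fails.
    Case sensitivity is a property of the login system, not of one password,
    so it is not tested here."""
    problems = []
    if len(pw) < min_length:
        problems.append("too short")
    if not any(c.islower() for c in pw):
        problems.append("no lowercase letter")
    if not any(c.isdigit() for c in pw):
        problems.append("no number")
    if not any(c in string.punctuation for c in pw):
        problems.append("no special character")
    return problems

def expiry_status(last_changed, today):
    """Classify an account as 'ok', 'remind' or 'expired'."""
    expires = last_changed + timedelta(days=MAX_AGE_DAYS)
    if today >= expires:
        return "expired"
    if today >= expires - timedelta(days=REMIND_DAYS):
        return "remind"
    return "ok"

# Constructed sample accounts: (user, date of last password change).
ACCOUNTS = [
    ("alice", date(2016, 2, 20)),
    ("bob",   date(2016, 1, 5)),
    ("carol", date(2015, 12, 1)),
]

def sweep(accounts, today):
    """Map each user to an expiry status, as a daily reminder job would."""
    return {user: expiry_status(changed, today) for user, changed in accounts}

if __name__ == "__main__":
    print(password_violations("summer2016"))
    print(sweep(ACCOUNTS, date(2016, 2, 25)))
```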

RELATED: 7 Simple Steps for Smartphone Security

5. Patch and Update Frequently

Attackers are getting very good at exploiting known vulnerabilities, but if your systems are properly patched, those known holes will no longer be there to exploit. Patching and updating is an ongoing process that must be performed on a regular basis. Regularly update all system software and applications on all enterprise devices (servers, computers, laptops, and all mobile devices). For third-party products, apply updates as soon as they are released. Be vigilant, because not all products receive patches and updates via automatic download.

RELATED: SMBs: Let Your MSP Patch Those Network Vulnerabilities

6. Remote Backup

Regularly scheduled remote backup and encryption is affordable insurance in case your data is compromised. By utilizing either an inexpensive cloud storage option or a remote hosted solution, you guard against both cyber threat and loss resulting from a physical disaster such as fire or flood.

RELATED: Be Prepared: Avoid Data Disasters with Backup and Disaster Recovery Planning

All of these recommendations are easy to implement and take into consideration the budget constraints of the small-to-midsize enterprise.

Ready to get started? A thorough assessment of your technology environment and business processes can improve system reliability, streamline business processes, and improve focus on core competencies. Click here to request an assessment.
