Sunday, December 17, 2017

A few questions about the security/networking of small business (x-Post from /r/hacking + some additions)

Hi there,

I am not sure if that's the correct subreddit for my questions below, but I'll post them in case someone can help (If there is a better sub, please let me know). Someone on /r/hacking suggested I consult an IT company and I plan to do that in addition to learning more myself so I'd know what to look for.

I work in a small business in Canada that have some developers (very specific experiences and don't know much about networking; otherwise I would have asked them) and we don't have an IT department.

  1. We are using a one device (modem+router) from the ISP provider. We have been using it for some time now, what are the issues with that?
  2. I'm thinking about getting a faster and more secure router (NetGear NightHawk X10 ... Seems the fastest option out there) to replace the router component in the device provided by the ISP but what should I be looking for? (I have been looking at the following: VPN available through the router for remote access, QoS (not sure if it matters), Availability of client network, Possibility to use it with a NAS). Also, is this a good router?
  3. Why would I use a VPN at all instead of forwarding PORTs?
  4. Is the VPN available through the router any different from the paid for VPNs? For the paid-for VPNs, do I purchase them per machine or per router?
  5. The machines that we have been using are connected to the WiFi, should I use LAN instead?
  6. Also, all of the employees know the WiFi password of course, is there an issue with that? Should I change it every few months?
  7. I trust all the guys I'm working with, but sometimes some documents/code leak (It is human business and I'm fine with it) but what should I do to stop any possible leakage. Should I block USB drives, disable access to file sharing websites? Again, I'm trusting my guys, but I know that leakage takes place and I was tasked to stop it.
  8. We are using Windows machines. How can I install (an antivirus for example) on all the machines without installing it on every single machine? What should I learn?
  9. For NAS, I have been looking at ones from Synology and QNAP but is it better to build my own NAS/Server?
  10. If you have any other ideas or thoughts about what I should look for and how to make the work network more secure, please let me know.

Thanks in advance!

Note: The other post is here



No comments:

Post a Comment