2023 Technology Framework for Small Business
2023 Suggestion Overview
For Small Business Technology Framework
Email – Office 365 Exchange, Access Email form Anywhere with internet Connection, no relying on a single In House Server. Hyper Secure when combined with Multifactor Authentication.
VOIP –Cloud Phone System – You Phone Everywhere you are. The ability to have a cloud based phone system that you can make and receive calls form anywhere with internet connection. You can use the Cell Phone App, a traditional style desk phone or a application that runs on your laptop/desktop. You can still have all the features of the phone systems you are used to at reduced cost and great flexibility.
Server Cloud – Office 365 EU3 License – One Drive for Personal Files and Sharepoint for All Shared Company Data. Azure AD to manage Domain users Accounts from the Cloud without the need for an internal Infrastructure.
Antivirus – Sentinel One – redefining cybersecurity by pushing the boundaries of autonomous technology. Our Singularity™? XDR Platform encompasses AI-powered prevention, detection, response, and threat hunting across user endpoints, containers, cloud workloads, and IoT devices. Empowering modern enterprises to defend faster, at greater scale, and with higher accuracy across their entire attack surface.
Multifactor Authentication – DUO MFA with Cell Phone or Fob to protect your Online Data and Local machines. Integrates with Active Directory-Azure AD and Office 365.
SPAM and Advanced Threat Detection – Barracuda quickly filters and sanitizes every email before it’sdelivered to your mail server to protect you from email-borne threats. Using virus scanning, spam scoring, real-time intent analysis, URL link protection, reputation checks, and other techniques, Barracuda provides you with the best possible level of protection.
PC Protection – System to manage your windows updates and make sure they are being installed.
Internal Network Protection – A firewall tracks and monitors the traffic coming from the outside world into your network and the traffic from the internal network to the outside world. The firewall is there to protect the outside from seeing the internal network and devices and blocking various types of attacks. SonicWALL and Barracuda Networks both offer devices at an affordable price point and provide the security and features needed by businesses.
Wifi Routers: Wifi routers allow for you to use the internal network without having to plug into a network jack with a Ethernet/network cable. This creates a very fluid and accessible network. Grandstream makes some affordable and very powerful Wi fi routers.
Backups – Make sure you have a Good Backup in place for your Office 365 or local machines.
A Good Partnership with a Managed Service Provider can make all the difference in the world when it comes to trying to manage and keep up with the technology available and needed. Go with a MSP that can provide access and management of the solutions listed here.
Laptops and Desktops:
User Accounts managed in a Central location to assure Security and Access is regulated. This can be accomplished by taking advantage of Azure Active Directory. This allows you to create Accounts and Join machines to a completely cloud based Domain-Network. Giving you the flexibility to manage it from anywhere. User password resets, user lockouts and creating or deactivating users are all managed remotely.
Machines are setup to store personal files on OneDrive Folders, and Company data on Sharepoint Folders, that are synced with the Online 365 system. Having the files synced with Office 365, means that if the machine is damaged or lost, the files that are important are available online from any Web browser and easily synced back to a new machine for use.
Using DUO for Multi Factor Authentication allows the local machine to be secured with 2 pieces of information needed to access the system. Both the password that is stored in Azure Active Directory on the cloud, and accepting a request sent to your cell phone or a token number on a fob that is carried by the end user.
Antivirus installed on the machines ensures you are safe when using the machine and exploring the internet. It also means the machine is safe for other people on your network to share files with. The AV you choose should be able to update regularly, scan files not only on access, but when downloaded and when a program runs that is only in the memory of your machine. With out these components you are leaving the machine, yourself and anyone else on the same network open for a Virus Attack. SentinelOne is the best on the market are keeping the machines safe from Attackers and the users or the machine themselves. It is continuously updated from the cloud servers and monitors all processes on the local machine. The cloud backends also monitors the other machines in the network to look for suspicious activity on a machine accessing items it usually doesn’t or should be from other systems in the same network.
Activate BitLocker on the machines, this encrypts the local hard drive and does not allow access to the data even if the hard drive is removed from the machine. Make sure the Keys are stored centrally. This can be done within Azure Active Directory as well.
Make sure Windows is updated on a regular basis, the recommendation would be weekly. At a minimum of Critical and Security patches for the Windows Operating system and Driver and Firmware for the type of device. This can be done manually but it best to have a system push and manage this for the machines to ensure all of your users are staying up to date and secure.
Cell Phones:Make sure all Cell Phones are using Face Recognition (with Eyes Open Needed) or a PIN Lock Screen to ensure the device can not be opened by other people if lost or stolen.
Internal Network:
Have a reliable and reputable Internet provider. Then in between the Internet service and the Internal Switch and machines, have a Firewall in place. This will allow for monitoring of the traffic and block any external users from gaining access to the internal machines and devices on the network.
For Internal Wifi, use a reputable Wifi Router, not the Wifi delivered by the internet company. This will keep your internal Wifi isolated behind the firewall. Make sure you are using a Secure password for the Wifi access and have a router that will allow for separate Wifi networks for business and guest access.
For the Internal Switch, using a Power Over Ethernet (POE) Gigabit Switch will allow for Phones, computers and other POE devices to be used with a single switch. POE delivers power directly from the Switch to the devices without the need for a power plug.
External Cloud Services:
The services listed below are all cloud based, which means there is no physical hardware needed at the local offices and offer access from anywhere with an internet connection. From the office to home to a sandy beach in Brazil, you can work seamlessly taking advantage of these offerings.
Office 365 Services:
Email – Email offered on combination with a majority of Office 365 subscriptions means your email is hosted in the cloud and accessible from your laptop, tablet, phone or any internet browser.
OneDrive – Personal File storage in the cloud, offered with a majority of office 365 plans, keeps your files safe and in a separate location in case you have an issue wit your local machine. Also provides access from your laptop, tablet, phone, or any internet browser.
Sharepoint – Business file storage similar to OneDrive but for Files that will be shared amongst many users in your business. Again, offered with Office 365 subscriptions and accessible from your laptop, tablet, phone, or any internet browser.
Azure Active Directory- This is an online location for creating and machines users accounts and machine accounts. Giving you the ability to control and monitor access to your data and machines. Also cloud based allowing for management from anywhere with internet and the ability to remotely resolve issues. Features also allow for making sure machines meet the criteria you have set before being allowed to access your cloud services. Mobile Devices can also be joined and monitored and remotely wiped clean. This is offered with some of the Office 365 subscriptions.
DUO is a Multi Factor Authentication platform that is cloud based as well. Offering the added protection to the other cloud-based offering mention as well as the local laptops and desktops you rely on. Having Multi Factor or 2 Factor authentication is quickly becoming a requirement of most insurance companies.
SPAM Service:
SPAM is those emails that you don’t want or need. A SPAM service sits in between the internet and Office 365 for your email It scans it for unwanted emails. A good service also scans the attachments of your emails for virus and blocks then and does Advanced Threat Detection, which looks at the links inside the email and will block it if they are dangerous.
VOIP – Phone System:
VOIP stands for Voice over IP. Which means the call is transferred over a network cable or the internet. There are literally thousands of VOIP companies on the internet. Most of which offer about the same features, but at drastically different pricing. Having a Cloud based system means you are not relying on the old phones lines you are used too. Having all the features with you were ever you are gives you the ability to be available for your customers at any given time. Make sure you check all the features you need before signing a long contract.
Backups:
This is open of the most over looked items that a business really relies on. Even when using cloud services for all your files and email. The need to make sure you have backups of the data is essential to your business’s existence. Cloud services do a great job and offering and making your data and emails accessible. But it is still the Businesses responsibly to back up the files that are stored there. The cloud services don’t offer the ability to restore files that were accidently deleted by you or your staff. Which means if someone deletes the project folder for your biggest client mistakenly or even on purpose. You need to be able to recover those files. Make sure you back service is not only offsite and cloud based but backs up every day.