Top 10 Tips: Internet access for your small business

This guide is for small business owners who need to understand the considerations for providing Internet access for their offices and employees.

The tips are written with the expectation that at I.T. professional will be doing the work for you. Thus, I do not go into any detail on “how” implement the tips, rather I focus on what to ask for.

1. Buy business grade Internet.

Business grade Internet, has many advantages over consumer grade Internet including better repair times in the event of a service interruption, and guaranteed data upload and download rates. The additional cost will be worth the benefit if Internet connectivity is essential to your small business.

2. Treat your providers Internet modem as insecure.

Your Internet service provider will deliver your office connectivity using a device called a modem. The modem provides the Interface that your computers will understand. The modem will also provide a local network, wired and/or wireless, for your computers and devices such as printers.

Unfortunately, Internet service providers do not have a great history for securing their devices against intrusion from malicious users over the Internet. For a specific example, read this article. My advice is to ask your I.T. professional to limit your Internet service providers device to modem functionality only, and supply and manage the local network functionality (for your I.T. professional this means suppling and managing your own “firewall”, “router” and switch). This approach will provide many other advantages around scalability and functionality for your small business, one example is covered in the next tip.

3. Consider two connections from different providers.

Have two connections from different providers installed if Internet connectivity is critical to your business. This will prevent the loss of one connection impacting your business. With the correct network devices, your I.T. professional can set up your network to use both connections.

4. Keep the Internet access for your guests separate.

If you have visitors to your office, chances are they will ask for a wireless connection with Internet access. Ask your I.T. professional to setup a guest wireless connection that keeps your guest Internet access separate to your business applications. This does not require a separate Internet connection and will prevent, for example, a virus on your visitors computer impacting your business applications.

5. Keep your computers up to date.

Unfortunately Internet access is the primary method that malicious sources use to compromise small businesses. The easiest action to minimise this risk is to keep your computers up to date. This applies to personal computers, but also to computers hosting business applications (servers), and also devices used for network connectivity (modems, firewalls routers and switches). This specifically means making sure your I.T. professional is applying firmware updates, operating systems updates, application updates, and antivirus updates at the intervals recommended by the vendors.

6. Protect your travelling workers from malicious Internet access.

Using airport or hotel WiFi is normal practise when travelling. Unfortunately, there are many common malicious exploits used in these environments. Read Facebooks and other online accounts easily hacked when used via shared WiFi or Thieves create fake hotel Wi-Fi hot spots to steal your information as examples. There are various ways to combat these risks, some based on user awareness, such as only using secure Internet connections (denoted by “https” rather than “http” in a web browser address bar), and others that protect your Internet traffic by encrypting it using a technology called a Virtual Private Network (VPN). A discussion with your I.T. professional is the best way to decide what is most suitable.

7. Limit Internet access to sensitive data.

You should consider if remote access, via the Internet, to sensitive data stored on computers (or servers) in your office is appropriate. Clearly, having remote access via a secure connection can have convenience benefits, however do understand that this also opens a security risk if the remote access is compromised. Potentially any malicious user on the Internet can have access to your sensitive data. For the most security conscious, you can segregate your sensitive business data from Internet access, and while this is inconvenient, it means that your Internet connection can never be used to compromise your sensitive data. Talk to your I.T. professional about using “VLAN separation”. Alternatively you can pre-define locations that have remote access via the Internet such as your home office – in this case, talk to your I.T. professional about using a “DMZ” with external access limited to known locations.

8. Manage how Internet access is used.

It is important to restrict both inappropriate and malicious Internet access, as both are common sources of compromise of small business computing assets. Inappropriate Internet access can be managed by using an antivirus product that also includes website filtering. Malicious Internet access is best managed by using a service that scans Internet traffic for malicious content. Depending on your small business there are various options available including on premise “gateways”, or online services that inspect traffic before it is delivered to your computers. Your I.T. professional can advise on the pros and cons of these options.

9. Monitor your Internet traffic.

To have an Internet service that supports you business, while also being secure, requires monitoring. Through monitoring you will know: how much capacity you are using; you can identify traffic that could be moved to out of business hours (like backups); and, you can identify malicious traffic. Ultimately monitoring (and the alerts that go with it) requires an I.T. professional as responding to, and making sense of the data needs expertise.

10. Don’t forget about your disaster recovery plan.

As with all I.T. services, make sure you consider what you would need in the event of a disaster. If your main office, or your main computing resources completely failed, how would you continue business, and what would this change in terms of your Internet requirements?