Fundamentals of Security

Recently there has been much reported on security breach incidents in major organisations, large corporations and multinational companies such as hotels, fast food chains and large retailers.

Unfortunately, every day small businesses like yours suffer equally devastating incidents that have a much more real effect on productivity.

In the following chain of blog posts, I’m going to explain some fundamentals that I hope will educate you as to the 5 main words we use to dissect a case.

First we must understand how your infrastructure is set up and how it functions.

  • Servers (data storage and user authentication)
  • Virtualisation services like VMware or Hyper-V
  • Storage (this covers NAS (Network Attached Storage) or SAN (Storage Area Network))
  • Workstations (user productivity and the window to the internet)
  • Network (where data zips around your internal network: print jobs, file copies, accessing the internet etc.)
  • Firewall (your bouncer on the door)
  • Printers (printing those important paper copies)

Servers come in all shapes and sizes, but generally they are used to save, store and make available resources like printer queues, files, authentication methods and some applications.

Virtualised servers are now commonplace. A single hardware box (like a server) can host several smaller servers with different functions, which is really good for keeping costs down.

Storage is where you can store vast amounts of data in a single device dedicated to this purpose.

Workstations are what the user operates to do their work. They can be workstations, desktops, laptops or even tablets (the distinctions between them are narrowing very fast as technology improves).

Network is the bridge between the workstations, the servers, the printers and all manner of other things. It’s what allows the data to flow between devices. Typically you would have at least one switch device (lots of cables plugged in and lots of blinking lights showing network activity).

Firewalls come in all shapes and sizes. Some smaller ones are typically referred to as SoHo (Small Office Home Office). These are the types you can get from the local PC World type stores. They are generally ok to begin with and offer a variety of features to get you going, but are not really suitable in high traffic environments.

Printers also come in many shapes and sizes from small desktop Wi-Fi printers to large multifunction devices that scan to email and folders, shape and staple and offer lots of other options.

So how does it all hang together? Simply put, they all connect together using TCP/IP and talk to each other using IP addresses and protocols like SMTP, SMB and HTTP.

The image below shows a simplistic look at how a typical SMB network might look

This is pretty much how 90% of networks are designed. It’s a tried and trusted model and has worked for many years at many levels. Notice the firewall is the single choke point for data moving in and out of your network. It should also control what level of access Wi-Fi users have compared to workstation/desktop users.

Most organisations will have a network infrastructure set up like this. The models of firewall, switch, server and workstations change as required for many reasons, mostly to do with speed and productivity.

So you have your network and things have been working ok for a while, but maybe you’ve read some news article or heard about a competitor or client or customer suffering from a virus or a security breach and you’re wondering if you’re next?

Like a well-planned robbery, most attacks follow certain patterns, and we have to discuss the Where, the Why and the How before we get to the Who and the When.