Managing Information Technology & Information Security Management in SMB

Working in IT of a SMB itself is a challenging job. In most of SMBs, there is hardly any budget for Information what to talk about Information Security. IT Manager is the only person to deal with myriad of Information Technology/Security issues with minimum resources.

In this article I am not going to touch internal IT setup issues (like domain setup up etc.). My focus is how to manage two most critical functions that affects SMBs presence on the internet.

First and most challenging job is how to protect the network from outside attacks (for those SMBs who have their own mail or web servers). These organizations have entry level firewalls with limited RAM and processing power. As an IT Manager one has to decide how to play safe with traffic shaping without compromising on performance and security. Take your team into confidence and apply the best possible rules that protect you from malicious traffic. Key decision is how to handle bad traffic from a rouge IP and a host. Most firewalls provide options to block such type of activities.

Spare sometime daily to view firewall logs personally. It will help you identify the pattern of internet traffic that touches the firewall and manage the rules to handle any rouge traffic.

Advise: Do not leave Firewall Rules on ‘Default’ settings.

Handling Spam: Another area of concern for businesses of almost any level is how to handle increasing spam traffic. Spam is the single item of internet traffic that consumes considerable portion of bandwidth and computing resources. Spam can be handled at:

1. Firewall (Point of Entry) Level; and
2. Email Server (Antispam software) level

First option requires to have good RAM and processing power that is lacking in SMBs. So one option is to protect from SPAM is at Email Server level. There are many good Anti spam software available in the market that are designed for Email Servers only. Having separate SMTP Gateway also is an option but it costs will add to already cash starved SMBs.

Many Emailing software companies have their own solutions that come with Emailing System. But there licensing is separate from the Email server.

Advise: Whatever solution a SMB choose, never leave any settings to ‘Default’.

Conclusion: Working in SMB is a great challenge. However, it polishes one’s skills and provide a unique learning opportunity about how to survive with limited resources.

Thank you for reading. Your comments and feedback is highly appreciated.