IT Perimeter Security for Small Businesses

Author: Levi Wilson

Your business' IT perimeter security needs to be like an onion; there should be innumerable layers, and the farther one cuts, the more he wants to cry.

Information Technology (IT) security for small to medium-sized businesses (SMBs), those with fewer than 100 employees, is no different from that of large enterprises. The risks are just as important and just as potentially devastating, but smaller organizations have to manage them without the resources large organizations use to implement thorough levels of hardened security. Nonetheless, there are many fundamental and relatively inexpensive tactics a small business can implement in order to harden its IT security; the specific topic covered in this article is IT perimeter security.

What is an IT perimeter?

Normally, defining a perimeter is easy, at least in the physical sense of things: I don’t want the neighborhood kids walking through my backyard, so I build a fence to stop them (unfortunately they use it for a baseball home run boundary); I want to minimize interruptions during the work day, so I separate myself with four walls and a door. But when it comes to IT, we begin to venture into the intangible realm of cyberspace.

First, the business originates with you, and you only need one computer. But you know how to hustle, so growth and prosperity follow; the number of computers in your organization increases, followed by a small network, followed by networks and networks connecting with other networks, internally and externally, and earlier this year you heard about Target, Sony, and the IRS getting hacked. Those stories scared the digital bits out of you, and now you need a digital protective barrier between your business and all of those external hazardous forces.

Until recently, the idea of an IT perimeter was less complicated. One could implement a simple firewall, and everything inside it was considered trustworthy, while everything outside of it was like a voracious velociraptor eagerly searching for its prey. The simple firewall worked well and did its job properly, but the IT perimeter has become more complex and defined by each node on the network, rather than just the network at large. For example, some devices that break traditional IT perimeter protocols include:

  • Applications that traverse firewall policies
  • Mobile devices
  • IP-enabled devices internal to the network
  • External devices that are "allowed" on the internal network temporarily
  • Wireless access points that are unknowingly deployed
  • Direct Internet access from devices

Now, I purposefully outlined some IT-speak to emphasize the complexity of the modern-day IT perimeter. Because the network has become extremely dynamic, a business owner or the person/company hired to manage a network must keep a vigilant watch over an ever-changing technological environment. Thus, scanning and assessing must be continuous so that one can identify misuse and abuse of the network. In doing so, one can maintain a hardened level of IT perimeter security.
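One way to make that continuous assessment concrete is to compare each scan of the network with the list of devices the business has approved. The sketch below is an added example, not part of the original article; the inventory, the temporary-guest list, the scan result and the function names are all constructed for illustration.

```python
# Added example: compare what a scan sees with what the business approved.
# Every MAC address, device name, IP address and date below is constructed.
from datetime import datetime

APPROVED = {  # asset inventory: MAC -> device name
    "00:11:22:33:44:01": "front-desk-pc",
    "00:11:22:33:44:02": "office-printer",
    "00:11:22:33:44:03": "owner-laptop",
}
# Temporary exceptions for visiting devices: MAC -> when the exception ends
TEMPORARY = {"00:11:22:33:44:99": datetime(2024, 5, 1, 18, 0)}

def normalize(mac):
    """Scanners print MACs in different styles; compare them in one form."""
    return mac.strip().lower().replace("-", ":")

def assess(observed, now):
    """observed: (mac, ip) pairs from one scan. Returns findings to review."""
    findings = {"unknown": [], "expired_guest": [], "not_seen": []}
    seen = set()
    for mac, ip in observed:
        mac = normalize(mac)
        seen.add(mac)
        if mac in APPROVED:
            continue
        expiry = TEMPORARY.get(mac)
        if expiry is None:
            findings["unknown"].append((mac, ip))        # e.g. an unplanned access point
        elif now > expiry:
            findings["expired_guest"].append((mac, ip))  # "temporary" device still present
    findings["not_seen"] = sorted(set(APPROVED) - seen)  # approved but absent from the scan
    return findings

# Constructed scan result, as it might be exported from a router's client list.
SCAN = [
    ("00-11-22-33-44-01", "192.168.10.11"),
    ("00:11:22:33:44:02", "192.168.10.12"),
    ("00:11:22:33:44:99", "192.168.10.50"),
    ("00:11:22:AA:BB:CC", "192.168.10.77"),
]

if __name__ == "__main__":
    print(assess(SCAN, now=datetime(2024, 5, 3, 9, 0)))
```

A device can change its MAC address, so a match against the inventory is a hint rather than proof; the value of the check is in running it on a schedule and reviewing every new finding.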

What is IT perimeter security?

The process of securing an IT perimeter includes using multiple tools to create multiple layers of protection, resulting in a fortified digital boundary. Examples of these tools include, but are not limited to, border routers, firewalls, IDSs, IPSs, and VPNs.

Border Routers

These routers are the traffic cops of networks; they direct traffic into, out of, and within the network. Because all of an organization's Internet traffic goes through this router, it often functions as a network's first and last line of defense through initial and final filtering.

Firewalls

A firewall is a chokepoint device that has a set of rules specifying what traffic is allowed or denied to pass through it. A firewall typically picks up where the border router leaves off and makes a much more thorough pass at filtering traffic. There are several different types of firewalls: static packet filters, stateful, and proxies. Although firewalls aren't perfect, they do block what they are told to block and allow what they are told to allow through; thus, the network admin has a lot of control at this level of filtering and protecting.
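The difference between a static packet filter and a stateful firewall is easiest to see when both evaluate the same rule set. The following is an added example, not code from the original article; the addresses, ports, rules and names are constructed, and the model is a teaching sketch rather than any product's behavior.

```python
# Added example: first-match rules with a default deny, evaluated by a static
# packet filter and by a stateful firewall. Addresses and ports are constructed.
import ipaddress

ANY = ipaddress.ip_network("0.0.0.0/0")
LAN = ipaddress.ip_network("192.168.10.0/24")
MAIL = ipaddress.ip_network("192.168.10.25/32")

# (action, source network, destination network, destination port)
RULES = [
    ("allow", LAN, ANY, 443),   # staff may reach HTTPS sites
    ("allow", ANY, MAIL, 25),   # the Internet may deliver mail to the mail server
]

def static_filter(pkt):
    """Judge each packet on its own: first matching rule wins, otherwise deny."""
    src, dst = ipaddress.ip_address(pkt["src"]), ipaddress.ip_address(pkt["dst"])
    for action, src_net, dst_net, port in RULES:
        if src in src_net and dst in dst_net and pkt["dport"] == port:
            return action
    return "deny"

class StatefulFirewall:
    """Applies the same rules, but remembers allowed connections so that
    only their reply packets are let back in."""
    def __init__(self):
        self.connections = set()

    def filter(self, pkt):
        reply_of = (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])
        if reply_of in self.connections:
            return "allow"
        verdict = static_filter(pkt)
        if verdict == "allow":
            self.connections.add((pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"]))
        return verdict

# Constructed packets: a staff PC opens an HTTPS connection, the site replies,
# and the same site later sends a packet nobody asked for.
OUTBOUND = {"src": "192.168.10.7", "sport": 50000, "dst": "203.0.113.10", "dport": 443}
REPLY = {"src": "203.0.113.10", "sport": 443, "dst": "192.168.10.7", "dport": 50000}
UNSOLICITED = {"src": "203.0.113.10", "sport": 443, "dst": "192.168.10.7", "dport": 50001}

if __name__ == "__main__":
    fw = StatefulFirewall()
    for name, pkt in (("outbound", OUTBOUND), ("reply", REPLY), ("unsolicited", UNSOLICITED)):
        print(name, "static:", static_filter(pkt), "stateful:", fw.filter(pkt))
```

With these rules the static filter denies the legitimate reply, so in practice it needs an extra, broad rule admitting return traffic; the stateful firewall admits only the reply that belongs to a connection it has already allowed.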

Intrusion Detection Systems (IDS)

An IDS is like a physical burglar alarm system for your network that is used to detect and alert on malicious events. In general, IDS sensors watch for predefined patterns of malicious activity; furthermore, IDSs tend to offer statistical and anomaly analysis.

Intrusion Prevention Systems (IPS)

An IPS is a system that automatically detects and stops computer attacks against protected networks; it strives to automatically defend the network without the network admin's direct involvement. This system achieves this level of protection by using signature-based and behavioral techniques to identify an attack and then block the traffic before it can cause additional damage.
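The IDS and IPS descriptions above differ mainly in what happens after detection, which the following sketch shows by running one routine in both modes. It is an added example, not part of the original article; the two signatures, the failed-login threshold, the event format and the sample traffic are constructed for illustration.

```python
# Added example: one detection routine used passively (IDS) and inline (IPS).
# Signatures, threshold and events are constructed for illustration only.
import re
from collections import defaultdict

SIGNATURES = {  # signature name -> pattern searched for in each request
    "path-traversal": re.compile(r"\.\./"),
    "sql-keyword-in-query": re.compile(r"(?i)union\s+select"),
}
MAX_FAILED_LOGINS = 5  # behavioral limit per source address

def inspect(events, prevent=False):
    """Return (alerts, delivered). prevent=False only alerts (IDS);
    prevent=True also drops the offending source's traffic (IPS)."""
    alerts, delivered = [], []
    failed, blocked = defaultdict(int), set()
    for ev in events:
        src = ev["src"]
        if prevent and src in blocked:
            continue  # source already judged hostile: dropped before delivery
        reasons = [n for n, rx in SIGNATURES.items() if rx.search(ev["request"])]
        if ev["status"] == 401:
            failed[src] += 1
            if failed[src] == MAX_FAILED_LOGINS + 1:  # fire once, when the limit is passed
                reasons.append("failed-login-rate")
        if reasons:
            alerts.append((src, reasons))
            if prevent:
                blocked.add(src)
                continue
        delivered.append(ev)
    return alerts, delivered

# Constructed sample traffic: one normal visitor, one signature hit, and one
# source with repeated failed logins.
EVENTS = (
    [{"src": "198.51.100.7", "request": "GET /index.html", "status": 200},
     {"src": "203.0.113.9", "request": "GET /docs/../../private", "status": 404}]
    + [{"src": "203.0.113.50", "request": "POST /login", "status": 401}] * 7
    + [{"src": "203.0.113.9", "request": "GET /index.html", "status": 200}]
)

if __name__ == "__main__":
    for mode in (False, True):
        alerts, delivered = inspect(EVENTS, prevent=mode)
        print("IPS" if mode else "IDS", alerts, len(delivered), "events delivered")
```

Both modes raise the same two alerts; in IDS mode all ten events still reach the network, while in IPS mode only six do, which is also why a false positive costs more on an IPS than on an IDS.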

Virtual Private Networks (VPN)

A VPN is a protected network session formed across an unprotected channel such as the Internet. It allows an outside user to participate on the internal network as if he or she were connected directly to it from an internal host. The intended use might be for business partners, road warriors, or telecommuters.

---

Each business is unique and requires a custom Network Evaluation to clearly identify that business' IT expectations and IT needs; nonetheless, this article outlines IT perimeter security factors that tend to be implemented in all IT Business Strategy plans. 

Next Steps

This article was a quick introduction to IT perimeter security and the many layers that come with a well-fortified defense. As you continue your research on this topic and look for additional ways to protect your network, here are a few factors to consider:

  • Firewalls regulate traffic but may not prevent an attack through an open, known port.
  • Anti-virus software needs to be reactive.
  • Application control is necessary.
  • Encrypted traffic on the internal IT network should be denied.
  • Mobile devices, desktops, and servers must be treated equally when it comes to malicious content exposure. This is especially important if you have a Bring Your Own Device (BYOD) work environment.

Furthermore, because of the complexity and importance of protecting your business from digital devastation, feel free to reach out to an IT consultant here at MapleTronics Computers.
