by Chris Low

Establishing enterprise IT best practices for an SMB

Apr 18, 2018
IT Governance, IT Leadership, Small and Medium Business

Enterprises spend trillions of dollars each year on storage and security compliance. Here are some of the best practices that enterprise IT adheres to, and how small businesses could deploy similar systems for their own infrastructure setup.


Enterprises worldwide are expected to spend nearly 3.8 trillion dollars this year on IT. A major chunk of this is going to Communication Services and IT Services with a significant chunk also being spent on devices, enterprise software and data center systems.

One reason enterprise IT infrastructure costs so much is that it is designed to comply with all the federal regulations related to data storage, security and transmission. In addition, IT downtime can contribute to potential losses worth millions of dollars. Ramping up infrastructure to deal with peak loads is thus a critical need.

Small and medium businesses do not have the budgets to establish similar infrastructure for their own IT systems. Here are some of the best practices that enterprise IT adheres to, and how you could deploy similar systems for your own SMB setup.

Data storage

There are four essential factors that drive data storage decisions – performance, searchability, availability and reliability.

A high-performing IT system is necessary for quick access and retrieval of stored data. Organizations invest in hard drives with over 15,000 RPM for such instances. Solid State Disks (SSDs) are a good alternative for high transaction volumes. Enterprises also invest in data tiering, where mission-critical data is stored on high-performance servers while stale data is stored on secondary servers. This not only brings down the cost of your storage systems but also reduces the workload on your main servers. Data tiering also contributes towards better searchability.

To ensure high availability, enterprises invest in technologies such as Failover Clustering and Network Load Balancing. This ensures high redundancy and near 100% SLAs (Service Level Agreement) for at least the tier-1 mission-critical servers.

Automatic monitoring and repair of corrupt data is one of the most essential activities to enable high reliability. There are several software tools that help automate the process. Windows Server commands like Chkdsk can also help by remapping bad sectors on your hard drive, thus improving reliability.

Some of the tools necessary to improve performance, availability and reliability can incur high capital costs that are out of an SMB's reach. However, a lot of this is possible today with IaaS and PaaS tools. These are cloud-based systems and essentially offer the same infrastructure that is used by large enterprises, at a far lower cost. Also, since the infrastructure is cloud-based, it is scalable and permits businesses to enhance their performance simply at the click of a button.


Effective enterprise security is a four-step process. It begins with assessing your environment to identify all your assets and security issues. This is followed by protecting your network. Once this is done, the organization must also look at protecting servers and the client systems. Finally, once the network and all servers have been secured, you must start monitoring your environment and auditing your security efforts.

Assessing your environment begins with conducting a risk assessment process to identify every component of your IT infrastructure that lacks a governing security policy. Computers and devices that do not comply with a central security policy are immediately disconnected until they are made compliant.

Network security is primarily handled through firewalls. In addition, enterprises use multi-factor authentication (MFA) systems to protect remote access, and deploy automated quarantine systems that identify and disconnect connected devices that do not have the latest anti-virus software. Similar security measures are also carried out on servers and client systems to ensure there is no potential vulnerability on any of these devices. Organizations have dedicated personnel to audit all their various assets on a continuous basis to make sure that their infrastructure is protected against vulnerabilities at all times.
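One way to express the assessment and quarantine steps described above as an automated posture check. This is an added example, not part of the original article. The inventory is constructed, and the field names and the seven-day signature threshold are assumptions.

```python
from datetime import date

# Assumed threshold for illustration; the article does not specify a value.
MAX_AV_SIGNATURE_AGE_DAYS = 7

# Constructed sample inventory (hypothetical hosts and field names, not real data).
INVENTORY = [
    {"host": "fs01", "policy": "server-baseline", "av_updated": date(2018, 4, 16),
     "remote_access": False, "mfa": False},
    {"host": "laptop-17", "policy": "client-baseline", "av_updated": date(2018, 3, 2),
     "remote_access": True, "mfa": True},
    {"host": "kiosk-03", "policy": None, "av_updated": None,
     "remote_access": False, "mfa": False},
    {"host": "vpn-user-9", "policy": "client-baseline", "av_updated": date(2018, 4, 17),
     "remote_access": True, "mfa": False},
]


def findings(device, today):
    """Return the list of policy violations for one device record."""
    issues = []
    if not device.get("policy"):
        issues.append("no governing security policy")
    updated = device.get("av_updated")
    if updated is None:
        # Missing data fails closed: an unknown state is treated as non-compliant.
        issues.append("anti-virus status unknown")
    elif (today - updated).days > MAX_AV_SIGNATURE_AGE_DAYS:
        issues.append(f"anti-virus signatures {(today - updated).days} days old")
    if device.get("remote_access") and not device.get("mfa"):
        issues.append("remote access without MFA")
    return issues


def triage(inventory, today):
    """Map each host to (action, reasons), where action is 'allow' or 'quarantine'."""
    result = {}
    for device in inventory:
        issues = findings(device, today)
        result[device["host"]] = ("quarantine" if issues else "allow", issues)
    return result


if __name__ == "__main__":
    for host, (action, reasons) in triage(INVENTORY, date(2018, 4, 18)).items():
        print(f"{host:12} {action:10} {'; '.join(reasons)}")
```

The reasons list doubles as the audit record for the monitoring step: it states why each device was disconnected and what must change before it is reconnected.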

The major difference between enterprises and SMBs in terms of IT security is scale. The equipment and software used for connectivity and data transmission differ too. Enterprises, for instance, use Cisco ASR for connectivity, while SMBs use ISR for the same purpose. Because both are made by the same manufacturer, the best practices for securing these network ports against vulnerabilities are handled by the same applications.

It is worth pointing out that since SMBs host most of their mission-critical data in the cloud on third-party servers, most of the security audits are performed by the IaaS or PaaS service provider. The onus is on the SMB client to verify the SLAs to make sure that they adhere to their organizational standard.

Vulnerabilities could still exist in the transmission systems that send and request data between these third-party servers and your local machines. Network encryption through the IPSec architecture helps create a secure framework for private communication over IP networks. Implementing this helps create a secure transmission system for data. As with the connectivity tools, there are SMB-focused network encryption tools that are affordable and suited to the relatively lower bandwidth of data transmitted.

Assessing the performance and security of your IT infrastructure is a continuous process. IaaS and PaaS systems have made this process affordable for SMBs. Picking the right provider and deploying the right software tools to monitor should help your organization match the best practices carried out by your enterprise counterparts.