Opening Your New Office: Getting IT Right the First Time

Written By Farrad Ali

Many entrepreneurs will come to the point of opening a new office.  It is important to get the essentials correct at the onset to maximize productivity and to effectively manage costs.

Here are some recommendations to initially consider when opening your new office.

Procure only Internet Services from your ISP

The local cable/internet provider will attempt to sell you “package bundles” that may include TV services and phones.  The only service that becomes essential for your office is a good Internet connection.  Avoid any additional add-ons like wireless 5G backup service.  Since you intend primarily to do work in the office, you will likely not require a TV service or the maximum internet speed available for streaming services. 

Pay strict attention to the details of your pending contract and make sure that you only are being charged for Internet services.  Most bandwidth offerings between 100Mb and 250Mb would be a good initial starting point.  If more bandwidth is required later, you can simply call to upgrade your service to a higher bandwidth.

Deploy a network firewall behind the ISP router

After obtaining an Internet service at the office, deploy a network firewall to add further protection to all network resources in your office.  The firewall should include basic firewall rules that permit outbound traffic, but deny any external inbound traffic. 

Any outbound traffic that is not associated with an established session should be denied outbound access as well.  Most firewalls come with this configuration by default.  Additionally, depending on the firewall capabilities, you may have the option to remotely access the firewall (and hence your office network) via a VPN client.  This option is great if you would like to access office-based resources from a remote location.  Example office resources include camera systems, printers, scanners, and servers. 

Many firewalls also include annual subscription services for advanced threat detection/prevention and malware detection.  Any business that deals with confidential, non-public information should consider investing in one or more of the additional subscription services.  Example professions that may require additional firewall security capabilities include accounting firms, law firms, and health-care organizations.

Use your VPN capability when not using a secure network

After you have a firewall that is capable of supporting remote Virtual Private Network (VPN) connections, you should actively use the VPN feature when you are traveling and are not able to ensure the integrity of the available Internet service.  An example is when you are away staying at hotel.  The network at the hotel is used by many guests and the privacy of your activities may be minimal. 

When you choose to use a VPN client to connect to your office, you are ensuring that the communication from your computer to the Internet is encrypted between the hotel and your office.  By using this approach, you create an encrypted tunnel of communication between your computer and the office.  Your office becomes the Internet departure point (egress) for your Internet activities.  All of your searches and sign-on activities will appear to have originated from your office. 

Using this approach drastically minimizes the risk that any nefarious activity on the hotel network presents.  If you perceive that this would be a heavily used option, it may be beneficial to obtain a static IP address from your ISP to ensure that you can always easily remotely connect to your firewall.  Adding a static IP address to the Internet configuration will likely increase you monthly Internet charges by up to $20 per month.

Use both wired and wireless networks 

While everyone likes the convenience of wireless networks, wired network connections are superior with respect to bandwidth and throughput.  Wired connections are recommended for users that depend heavily on hosting virtual meetings.  The bandwidth required for streaming video and audio can quickly saturate a wireless network when multiple users are active. 

Using an Ethernet connection on your primary virtual meeting system ensures that you keep network latency to a minimum to maximize the quality of your virtual meeting experience.  Additionally, other devices, such as phones and cameras, can leverage the Power-Over-Ethernet (POE) feature of a network switch to provide both network connectivity and power to all phones and cameras in your office.

Use VOIP cloud-based providers for phone service

While many may choose to use their mobile number as the phone number as the business number, we recommend that you establish at least one permanent phone number for the business.  This can be easily accomplished by using a cloud-based Voice Over IP (VOIP) provider.  Once you select a VOIP telephony provider, they will will likely send you a pre-configured VOIP phone.  When you plug the phone into your local office network switch, it will power up, connect to the VOIP cloud provider, and establish the phone service.  Most VOIP providers also have the mobile app feature to ring your mobile phone when you get a call on the office number. 

The office phone is tied to a phone number that is managed by the cloud VOIP provider, so when you take the phone from one location and plug it into a network at another location, the phone number follows the phone.  This feature also works well if you have multiple employees, where some may work from home.  Lastly, you can also choose to use a desktop “Soft Phone” app on your computer instead of having a physical phone.  The portability features are the same for the desktop app.

Use Smart TVs for waiting areas

If you require access to news or business channels as part of the service that you provide, we recommend that you leverage a Smart TV to connect to the plethora of streaming services.  You can place the TV in a prominent office location and configure it for wireless communication relatively easily.  Most firewalls support wireless networks and you can choose to create a second, separate wireless network just for TVs that does not have access to your data network. 

Deploy with expansion in mind

If you perceive that you may open future locations, possibly in different states, we recommend that you plan to consider the first office as your headquarters and other offices as satellite locations.  This approach allows you to develop standards that can be shared with the satellite offices.   

As an example, when you open your second office, you can connect it to your HQ via a site-to-site VPN.  This means that once you have a functioning Internet service at the second location, you can create a secure tunnel between the remote office and HQ.  This feature permits you to have access to network resources at both locations, if desired.  With growth in mind from the onset, you may decide to go with a particular brand firewall, switch, VOIP provider, etc.  The equipment at HQ may need to be a bit more powerful than the equipment that you use at the remote locations once you establish a many (remote offices) to one (HQ) configuration.

These are a few recommendations to take into account when configuring your new office.  Hopefully, the information shared will help you avoid some of the pitfalls that we have seen some of our customers experience.  Getting it right the first time is always better!

If you have any questions, feel free to contact us and we will be happy to discuss helping you to design and implement the optimal solution to meet your needs.

Farrad Ali
Previous

IT Essentials For Your New Business
Next

Welcome: Introduction to Mende Cybernetics